k8s平台不停机更新发布服务

一、单机服务架构实现不停机更新，利用readiness prob实现pod就绪探测。

deployment参考配置如下：

apiVersion: apps/v1
kind: Deployment
metadata:
  name: dengbao-record-api
spec:
  selector:
    matchLabels:
      app: dengbao-record-api
  replicas: 1
  template:
    metadata:
      labels:
        app: dengbao-record-api
    spec:
      containers:
      - name: dengbao-record-api
        image: harbor.mkl.io/chenlin/dengbao-record-api:0.1-$BUILD_NUMBER
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
        readinessProbe:             #就绪探测使用tcp端口方式
          tcpSocket:
            port: 8080
          initialDelaySeconds: 30　　　　#容器启动30秒后开始第一次探测
          periodSeconds: 10            #每10秒探测一次
        livenessProbe:
          tcpSocket:
            port: 8080
          initialDelaySeconds: 15
          periodSeconds: 20
      imagePullSecrets:
      - name: secret-harbor-user

 

二、spring cloud alibaba微服务架构实现不停服更新服务，由于这种微服务架构，所有服务都注册到nacos，由gateway进行转发，所以在服务pod更新时，需要使用脚本自动下线服务，gateway才不会将请求转发至已下线pod

deployment参考配置如下：

apiVersion: apps/v1
kind: Deployment
metadata:
  name: megalab-admin-oms-dev
spec:
  selector:
    matchLabels:
      app: megalab-admin-oms-dev    
  replicas: 2
  strategy:    #根据实际情况修改pod滚动更新策略，也可不修改，使用默认策略
    rollingUpdate:
      maxSurge: 100%             
      maxUnavailable: 0      
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: megalab-admin-oms-dev
    spec:
      terminationGracePeriodSeconds: 60   #默认termination时间为30s，改为60s
      nodeName: node0
      containers:
      - name: megalab-admin-oms-dev
        image: harbor.mkl.io/megalab/megalab-admin-oms-dev:0.1-$BUILD_NUMBER
        imagePullPolicy: IfNotPresent
        env:              #获取pod ip地址
        - name: MY_POD_IP
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: status.podIP
        ports:
        - containerPort: 8084
        readinessProbe:    #pod就绪探测
          tcpSocket:
            port: 8084
          initialDelaySeconds: 60   
          periodSeconds: 20
        livenessProbe:      #pod心跳探测
          tcpSocket:
            port: 8084
          initialDelaySeconds: 15
          periodSeconds: 20
        lifecycle:
          preStop:     #在容器删除前执行服务下线脚本
            exec:
              command: ["/bin/sh","-c","sh /service_offline_nacos.sh"]
      imagePullSecrets:
      - name: secret-harbor-user

服务下线参考脚本service_offline_nacos.sh 如下：

#!/bin/sh
URL="http://nacos.mkl.io:8849"
USERNAME="nacos"
PASSWORD="mega8849"
SERVERNAME="megalab-admin-oms"
NAMESPACEID="megalab-dev"
PORT=8084

Token=$(curl -s --location --request POST "$URL/nacos/v1/auth/login" -d "username=$USERNAME&password=$PASSWORD" | awk -F "accessToken" '{print $2}'|awk -F ":" '{print $2}'|awk -F '"' '{print $2}')
curl -X PUT  "$URL/nacos/v1/ns/instance?accessToken=${Token}&serviceName=$SERVERNAME&groupName=DEFAULT_GROUP&namespaceId=$NAMESPACEID&ip=${MY_POD_IP}&clusterName=DEFAULT&port=$PORT&ephemeral=true&weight=1&enabled=1"

sleep 30

三、测试参考脚本如下，大致流程是，写个死循环，调用正在更新的服务接口进行测试验证。

#!/bin/bash
while true
do
  result=$(curl -s  -H 'token: ce90120b41348798d89d15c8e983c1d9'  'http://admin.mkl.io/api/object/list?page=1&limit=10&category=' | grep 502 | grep -v grep -c)
  if [ $result -gt 0 ]; then
      echo "服务不可用"
  fi
done