一、准备条件
确保kubernetes可以访问:reg.yunwei.edu镜像库(vim /etc/hosts)
需要准备镜像:
[root@cicd sock-shop]# cat complete-demo.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: carts-db labels: name: carts-db namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: carts-db spec: containers: - name: carts-db image: reg.yunwei.edu/sock-shop/mongo ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: carts-db labels: name: carts-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 selector: name: carts-db --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: carts labels: name: carts namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: carts spec: containers: - name: carts image: reg.yunwei.edu/sock-shop/carts:0.4.8 ports: - containerPort: 80 env: - name: ZIPKIN value: zipkin.jaeger.svc.cluster.local - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: carts labels: name: carts namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: carts --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: catalogue-db labels: name: catalogue-db namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: catalogue-db spec: containers: - name: catalogue-db image: reg.yunwei.edu/sock-shop/catalogue-db:0.3.0 env: - name: MYSQL_ROOT_PASSWORD value: fake_password - name: MYSQL_DATABASE value: socksdb ports: - name: mysql containerPort: 3306 nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: catalogue-db labels: name: catalogue-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 3306 targetPort: 3306 selector: name: catalogue-db --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: catalogue labels: name: catalogue namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: catalogue spec: containers: - name: catalogue image: reg.yunwei.edu/sock-shop/catalogue:0.3.5 ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: catalogue labels: name: catalogue namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: catalogue --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: front-end namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: front-end spec: containers: - name: front-end image: reg.yunwei.edu/sock-shop/front-end:0.3.12 resources: requests: cpu: 100m memory: 100Mi ports: - containerPort: 8079 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: front-end labels: name: front-end namespace: sock-shop spec: type: NodePort ports: - port: 80 targetPort: 8079 nodePort: 30001 selector: name: front-end --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: orders-db labels: name: orders-db namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: orders-db spec: containers: - name: orders-db image: reg.yunwei.edu/sock-shop/mongo ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: orders-db labels: name: orders-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 selector: name: orders-db --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: orders labels: name: orders namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: orders spec: containers: - name: orders image: reg.yunwei.edu/sock-shop/orders:0.4.7 env: - name: ZIPKIN value: zipkin.jaeger.svc.cluster.local - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: orders labels: name: orders namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: orders --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: payment labels: name: payment namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: payment spec: containers: - name: payment image: reg.yunwei.edu/sock-shop/payment:0.4.3 ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: payment labels: name: payment namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: payment --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: queue-master labels: name: queue-master namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: queue-master spec: containers: - name: queue-master image: reg.yunwei.edu/sock-shop/queue-master:0.3.1 ports: - containerPort: 80 nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: queue-master labels: name: queue-master annotations: prometheus.io/path: "/prometheus" namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: queue-master --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: rabbitmq labels: name: rabbitmq namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: rabbitmq spec: containers: - name: rabbitmq image: reg.yunwei.edu/sock-shop/rabbitmq:3.6.8 ports: - containerPort: 5672 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID - DAC_OVERRIDE readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: rabbitmq labels: name: rabbitmq namespace: sock-shop spec: ports: # the port that this service should serve on - port: 5672 targetPort: 5672 selector: name: rabbitmq --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: shipping labels: name: shipping namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: shipping spec: containers: - name: shipping image: reg.yunwei.edu/sock-shop/shipping:0.4.8 env: - name: ZIPKIN value: zipkin.jaeger.svc.cluster.local - name: JAVA_OPTS value: -Xms64m -Xmx128m -XX:PermSize=32m -XX:MaxPermSize=64m -XX:+UseG1GC -Djava.security.egd=file:/dev/urandom ports: - containerPort: 80 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: shipping labels: name: shipping namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: shipping --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: user-db labels: name: user-db namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: user-db spec: containers: - name: user-db image: reg.yunwei.edu/sock-shop/user-db:0.4.0 ports: - name: mongo containerPort: 27017 securityContext: capabilities: drop: - all add: - CHOWN - SETGID - SETUID readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp-volume volumes: - name: tmp-volume emptyDir: medium: Memory nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: user-db labels: name: user-db namespace: sock-shop spec: ports: # the port that this service should serve on - port: 27017 targetPort: 27017 selector: name: user-db --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: user labels: name: user namespace: sock-shop spec: replicas: 1 template: metadata: labels: name: user spec: containers: - name: user image: reg.yunwei.edu/sock-shop/user:0.4.7 ports: - containerPort: 80 env: - name: MONGO_HOST value: user-db:27017 securityContext: runAsNonRoot: true runAsUser: 10001 capabilities: drop: - all add: - NET_BIND_SERVICE readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux --- apiVersion: v1 kind: Service metadata: name: user labels: name: user namespace: sock-shop spec: ports: # the port that this service should serve on - port: 80 targetPort: 80 selector: name: user
二、部署微服务
编辑complete-demo.yaml后,执行
#kubectl apply -f complete-demo.yaml
查看前端service的访问端口:
#kubectl get service -n sock-shop
三、登录浏览器验证(集群节点ip+端口:192.168.42.121:30001)
