Kubernetes Ingress 实现蓝绿部署
金丝雀发布一般是先发1台机器,或者一个小比例,例如2%的服务器,主要做流量验证用,也称为金丝雀 (Canary) 测试,国内常称灰度测试。以前旷工下矿前,会先放一只金丝雀进去用于探测洞里是否有有毒气体,看金丝雀能否活下来,金丝雀发布由此得名。简单的金丝雀测试一般通过手工测试验证,复杂的金丝雀测试需要比较完善的监控基础设施配合,通过监控指标反馈,观察金丝雀的健康状况,作为后续发布或回退的依据。如果金丝测试通过,则把剩余的 V1 版本全部升级为 V2 版本。如果金丝雀测试失败,则直接回退金丝雀,发布失败。
在金丝雀发布基础上的进一步优化改进,是一种自动化程度较高的发布方式,用户体验比较平滑,是目前成熟型技术组织所采用的主流发布方式。一次滚动式发布一般由若干个发布批次组成,每批的数量一般是可以配置的(可以通过发布模板定义)。例如,第一批1台(金丝雀),第二批10%,第三批 50%,第四批100%。每个批次之间留观察间隔,通过手工验证或监控反馈确保没有问题再发下一批次,所以总体上滚动式发布过程是比较缓慢的 (其中金丝雀的时间一般会比后续批次更长,比如金丝雀10 分钟,后续间隔 2分钟)。
kubectl explain deploy
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | KIND: Deployment VERSION: extensions/v1beta1 DESCRIPTION: DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets. #我们使用apps/v1 FIELDS: apiVersion < string > APIVersion defines the versioned schema of this representation of an object . Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https: //git.k8s.io/community/contributors/devel/api-conventions.md#resources kind < string > Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https: //git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds metadata <Object> Standard object metadata. spec <Object> Specificatio of the desired behavior of the Deployment. status <Object> Most recently observed status of the Deployment. |
kubectl explain deploy.spec
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: spec <Object> DESCRIPTION: Specification of the desired behavior of the Deployment. DeploymentSpec is the specification of the desired behavior of the Deployment. FIELDS: minReadySeconds <integer> Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) paused <boolean> Indicates that the deployment is paused and will not be processed by the deployment controller. #暂停,当我们更新的时候创建pod先暂停,不是立即更新 progressDeadlineSeconds <integer> The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. This is not set by default . replicas <integer> Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. revisionHistoryLimit <integer> The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. #保留的历史版本数,默认是10个 rollbackTo <Object> DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done. selector <Object> Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. strategy <Object> The deployment strategy to use to replace existing pods with new ones. #更新策略,支持的滚动更新策略 template <Object> -required- Template describes the pods that will be created. |
kubectl explain deploy.spec.strategy
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: strategy <Object> DESCRIPTION: The deployment strategy to use to replace existing pods with new ones. DeploymentStrategy describes how to replace existing pods with new ones. FIELDS: rollingUpdate <Object> Rolling update config params . Present only if DeploymentStrategyType = RollingUpdate. type < string > Type of deployment. Can be "Recreate" or "RollingUpdate" . Default is RollingUpdate. #支持两种更新,Recreate和RollingUpdate #Recreate是重建式更新,删除一个更新一个 #RollingUpdate 滚动更新,定义滚动更新的更新方式的,也就是pod能多几个,少几个,控制更新力度的 |
kubectl explain deploy.spec.strategy.rollingUpdate
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: rollingUpdate <Object> DESCRIPTION: Rolling update config params . Present only if DeploymentStrategyType = RollingUpdate. Spec to control the desired behavior of rolling update. FIELDS: maxSurge < string > The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default , a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods. #我们更新的过程当中最多允许超出的指定的目标副本数有几个; 它有两种取值方式,第一种直接给定数量 第二种根据百分比,百分比表示原本是5个,最多可以超出20%,那就允许多一个 最多可以超过40%,那就允许多两个 maxUnavailable < string > The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default , a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods. #最多允许几个不可用 |
cd /root/demo-test
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deploy namespace : test spec: replicas: 3 selector: matchLabels: app: myapp release: canary template: metadata: labels: app: myapp release: canary spec: containers: - name: myapp image: myapp:v1 ports: - name: http containerPort: 80 |
kubectl apply -f deploy-demo.yaml
kubectl get deploy -n test
kubectl get rs -n test
kubectl get pods -n test
1 | kubectl apply -f deploy-demo.yaml |
kubectl get pods
kubectl describe deploy myapp
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | Name: myapp-deploy Namespace: default CreationTimestamp: Thu, 27 Dec 2018 15:47:48 +0800 Labels: <none> Annotations: deployment.kubernetes.io/revision=1 kubectl.kubernetes.io/last-applied-configuration= { "apiVersion" : "apps/v1" , "kind" : "Deployment" , "metadata" :{ "annotations" :{}, "name" :"myapp- deploy "," namespace ":" default "}," spec ":{" replicas ":3," selector":{... Selector: app=myapp,release=canary Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable StrategyType: RollingUpdate #默认的更新策略rollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 25% max unavailable, 25% max surge #最多允许多25%个pod,25%表示不足一个,可以补一个 Pod Template: Labels: app=myapp release=canary Containers: myapp: Image: ikubernetes/myapp:v1 Port: 80/TCP Host Port: 0/TCP Environment: <none> Mounts: <none> Volumes: <none> Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: myapp-deploy-69b47bc96d (3/3 replicas created) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ScalingReplicaSet 26m deployment-controller Scaled up replica set myapp- deploy-69b47bc96d to 2 Normal ScalingReplicaSet 4m deployment-controller Scaled up replica set myapp- deploy-69b47bc96d to 3 |
kubectl get pods -l app=myapp -n test -w,(也可以使用kubectl rollout statusdeployment myapp-deploy,显示Waiting for deployment "myapp-deploy"rollout to finish: 1 out of 5 new replicas have been updated),下面命令执行完之后显示如下,之前的pod还在,新创建了一个pod,没有立即删除。
kubectl set image deployment myapp-deploy myapp:v2 -n test && kubectl rolloutpause deployment myapp-deploy -n test
kubectl get pods -l app=myapp -n test -w
kubectl rollout resume deployment myapp-deploy -n test
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | myapp-deploy-6bdcd6755d-llrw8 0/1 Pending 0 0s myapp-deploy-6bdcd6755d-llrw8 0/1 ContainerCreating 0 0s myapp-deploy-67f6f6b4dc-7cs8v 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-7cs8v 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-7cs8v 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-7cs8v 0/1 Terminating 0 1h myapp-deploy-6bdcd6755d-llrw8 1/1 Running 0 16s myapp-deploy-67f6f6b4dc-nhcp2 1/1 Terminating 0 1h myapp-deploy-6bdcd6755d-r4mrl 0/1 Pending 0 0s myapp-deploy-6bdcd6755d-r4mrl 0/1 Pending 0 1s myapp-deploy-6bdcd6755d-r4mrl 0/1 ContainerCreating 0 1s myapp-deploy-67f6f6b4dc-nhcp2 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-nhcp2 0/1 Terminating 0 1h myapp-deploy-6bdcd6755d-r4mrl 1/1 Running 0 5s myapp-deploy-67f6f6b4dc-hwx7w 1/1 Terminating 0 1h myapp-deploy-6bdcd6755d-j8nj8 0/1 Pending 0 0s myapp-deploy-6bdcd6755d-j8nj8 0/1 Pending 0 0s myapp-deploy-6bdcd6755d-j8nj8 0/1 ContainerCreating 0 0s myapp-deploy-67f6f6b4dc-nhcp2 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-nhcp2 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-hwx7w 0/1 Terminating 0 1h myapp-deploy-6bdcd6755d-j8nj8 1/1 Running 0 4s myapp-deploy-67f6f6b4dc-dbcqh 1/1 Terminating 0 1h myapp-deploy-6bdcd6755d-lpk5b 0/1 Pending 0 1s myapp-deploy-6bdcd6755d-lpk5b 0/1 Pending 0 1s myapp-deploy-6bdcd6755d-lpk5b 0/1 ContainerCreating 0 1s myapp-deploy-67f6f6b4dc-dbcqh 0/1 Terminating 0 1h myapp-deploy-6bdcd6755d-lpk5b 1/1 Running 0 4s myapp-deploy-67f6f6b4dc-b4wfc 1/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-b4wfc 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-hwx7w 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-hwx7w 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-b4wfc 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-b4wfc 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-dbcqh 0/1 Terminating 0 1h myapp-deploy-67f6f6b4dc-dbcqh 0/1 Terminating 0 1h |
kubectl get rs -n test
kubectl rollout history deployment myapp-deploy -n test
kubectl get rs -n test -o wide
(1) kubectl get pods -l app=myapp -n test -w
cd /root/demo_test
cat deploy-demo.yaml
kubectl apply -f deploy-demo.yaml
在另外一个窗口执行kubectl get rs -n test,显示如下:
上面可以看到rs有两个,上面那个是升级之前的,已经被停掉,但是可以随时回滚,kubectl rollout history deployment myapp-deploy -n test
kubectl rollout undo作如下:
(2) 扩容到5个
cat deploy-demo.yaml
kubectl apply -f deploy-demo.yaml
kubectl get pods -n test显示如下:
kubectl patch deployment myapp-deploy -p '{"spec":{"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}}' -n test
kubectl describe deployment myapp-deploy -n test
上面可以看到RollingUpdateStrategy: 0 max unavailable, 1 max surge
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | apiVersion: apps/v1 kind: Deployment metadata: name: myapp-v1 namespace : blue-green spec: replicas: 3 selector: matchLabels: app: myapp version: v1 template: metadata: labels: app: myapp version: v1 spec: containers: - name: myapp image: janakiramm/myapp:v1 imagePullPolicy: IfNotPresent ports: - containerPort: 80 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | lv.yaml配置文件内容如下: apiVersion: apps/v1 kind: Deployment metadata: name: myapp-v2 namespace : blue-green spec: replicas: 3 selector: matchLabels: app: myapp version: v2 template: metadata: labels: app: myapp version: v2 spec: containers: - name: myapp image: janakiramm/myapp:v2 imagePullPolicy: IfNotPresent ports: - containerPort: 80 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | service_lanlv.yaml 配置文件内容如下: apiVersion: v1 kind: Service metadata: name: myapp-lan namespace : blue-green labels: app: myapp version: v1 spec: type: NodePort ports: - port: 80 nodePort: 30062 name: http selector: app: myapp version: v1 cd /root/demo_test/lanlv kubectl apply -f lan.yaml kubectl apply -f lv.yaml kubectl get pods -n blue-green 显示如下: |
上面可以看到有两个pod,一个是myapp-v1这个是蓝程序(升级之前的程序),一个是myapp-v2这个是绿程序(升级之后的程序),蓝绿程序一起运行kubectl apply -f service_lanlv.yaml
kubectl get svc -n blue-green
在浏览器访问http://<k8s集群任何一个节点ip>:port 显示如下:
修改service_lanlv.yaml 配置文件,修改标签,让其匹配到绿程序(升级之后的程序)
service_lv.yaml 文件内容如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | apiVersion: v1 kind: Service metadata: name: myapp-lan namespace : blue-green labels: app: myapp version: v2 spec: type: NodePort ports: - port: 80 nodePort: 30062 name: http selector: app: myapp version: v2 kubectl apply -f service_lv.yaml |
kubectl get svc -n blue-green 显示如下: