部署spinnaker

 

 

直接登录官网部署,修改拉取镜像地址可以参考以下文档,

 https://blog.csdn.net/saynaihe/article/details/121175162

https://blog.csdn.net/qq_22917163/article/details/108623113

 

使用docker运行halyard容器
因为采用halyard的方式部署spinnaker的过程中需要访问国外的网站拉去一些配置,所以运行halyard容器的主机能够访问到过往的网站,在一些博客中,博主们使用代理的方式。再次,因为此次实践,全部基于阿里云ACK,所以我们可以直接按量付费买一台香港的服务器来充当运行halyard的主机,部署完以后,可以将磁盘做成镜像,然后释放,节省开销,在需要更新spinnaker的时候,利用备份的镜像重新启用该halyard主机即可。

安装docker
如上所述,我们在香港购买一台ECS后,配置docker运行环境。

[root@idc-hk-proxy ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@idc-hk-proxy ~]# yum install -y docker-ce-18.06.1.ce-3.el7
[root@idc-hk-proxy ~]# systemctl start docker
1
2
3
运行halyard容器
1.在物理节点上创建目录

[root@idc-hk-proxy ~]# mkdir ~/.hal
[root@idc-hk-proxy ~]# chmod 777 ~/.hal
1
2
2.运行halyard容器

[root@idc-hk-proxy ~]# docker run -p8084:8084 -p9000:9000 --name halyard --rm -v ~/.hal:/home/spinnaker/.hal -it gcr.io/spinnaker-marketplace/halyard:stable
1
3.配置集群凭据,让halyard容器可以通过kubectl操作k8s集群
进入容器中

[root@idc-hk-proxy ~]# docker exec -it halyard bash
1
创建.kube目录

mkdir ~/.kube
1
复制阿里云集群的凭据到 $HOME/.kube/config 目录下
测试在halyard容器中是否可以访问到集群资源

bash-5.0$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
jenkins Ready <none> 147d v1.18.2
microniu-mysql Ready <none> 154d v1.18.1
microniu-srv01 Ready <none> 168d v1.18.0
microniu-srv02 Ready <none> 168d v1.18.0
microniu-srv03 Ready <none> 168d v1.18.0
microniu-srv04 Ready <none> 120d v1.18.2
1
2
3
4
5
6
7
8
配置docker-registry provider
因为spinnaker部署的时候默认是去gcr.io上拉去相关的镜像,在国内的集群无法访问到该站点,所以我们可以在运行halyard容器的节点(香港服务器)上拉取下来所有要用到的镜像,然后打tag传到我们的私有镜像仓库,让pod启动的时候到我们制定的镜像仓库拉去相关镜像。

bash-5.0$ hal config provider docker-registry account add registry-aliyun \
> --no-validate \
--address registry.cn-beijing.aliyuncs.com/ \
--username '账号' \
--password '密码'
1
2
3
4
5
配置k8s provider
bash-5.0$ hal config provider kubernetes enable
bash-5.0$ CONTEXT=$(kubectl config current-context)
bash-5.0$ hal config provider kubernetes account add k8s-v2-account \
> --provider-version v2 \
> --context $CONTEXT \
> --docker-registries registry-aliyun
1
2
3
4
5
6
选择Spinnaker的部署环境
bash-5.0$ ACCOUNT=k8s-v2-account
bash-5.0$ hal config deploy edit --type distributed --account-name $ACCOUNT
1
2
创建存储,用来保存spinnaker需要持久保存的数据
在k8s集群中采用helm的方式部署minio(以下操作在可以管理集群的机器上执行)

helm fetch apphub/minio --untar --untardir .
1
修改value.yaml文件中的配置,按需修改persistence、ingress等部分,修改accessKey、secretKey,在安装期间创建所需bucket如下:
buckets:

name: spinnaker
policy: none
purge: false

helm install --name minio --namespace database -f minio/values.yaml ./minio
1
安装完登录后界面如下


配置存储信息
在hal pod中继续执行以下步骤:

bash-5.0$ mkdir -p ~/.hal/default/profiles
bash-5.0$ echo "spinnaker.s3.versioning: false" >> ~/.hal/default/profiles/front50-local.yml
bash-5.0$ hal config storage edit --type s3
bash-5.0$ ENDPOINT=http://minio.database:9000 //minio的svc
bash-5.0$ MINIO_ACCESS_KEY=ACCESS_KEY //上边部署minio的ACCESS_KEY
bash-5.0$ MINIO_SECRET_KEY=SECRET_KEY //上边部署minio的SECRET_KEY
bash-5.0$ echo $MINIO_SECRET_KEY | hal config storage s3 edit --endpoint $ENDPOINT \
> --path-style-access true \
> --bucket spinnaker \
> --root-folder spinnaker \
> --access-key-id $MINIO_ACCESS_KEY \
> --secret-access-key
1
2
3
4
5
6
7
8
9
10
11
12
部署spinnaker
列出并选择一个版本 注意:此处会从Google Cloud上获取一个versions.yml文件,这就是为什么要在香港服务器上运行halyard容器的原因

bash-5.0$ hal version list //列出可用版本
bash-5.0$ hal config version edit --version 1.22.1 //指定要部署的版本
bash-5.0$ hal version bom 1.22.1 //获得所选版本spinnaker各组件的版本
输出:
+ Get BOM for 1.22.1
Success
version: 1.22.1
timestamp: '2020-08-31 13:56:09'
services:
echo:
version: 2.14.0-20200817170018
commit: 62127327e4fef43a0516e8b9a134314eb18c1d6d
clouddriver:
version: 6.11.0-20200818115831
commit: 618921b0d0f8f9f1aed30e16a8f44abff6348acd
deck:
version: 3.3.0-20200818132306
commit: dab7ae79387031b55f87f0b5051d7e2d29227b68
fiat:
version: 1.13.0-20200817170018
commit: 0057cc6ddc5c1a5c82a25805da041d6ae28e7dcd
front50:
version: 0.25.1-20200831095512
commit: efaea57fa2ef04fb5e23ed75cfdf41baa89fa6d4
gate:
version: 1.18.1-20200825122721
commit: 72c2cefbcd18392814e04f98099ce711772b1669
igor:
version: 1.12.0-20200817200018
commit: f5b738fedddce00b6151776c6044f97e235af60d
kayenta:
version: 0.17.0-20200817170018
commit: ed5ba538f40a992b903eeb2957d45541b3c2f4d1
orca:
version: 2.16.0-20200817170018
commit: 05050949193e4121a7f93142d6b2857038a14f1b
rosco:
version: 0.21.1-20200827112228
commit: 0623c464a72cd8aa2cccc02a85fd19a80f10a62e
defaultArtifact: {}
monitoring-third-party:
version: 0.18.1-20200818110019
commit: 94826ddef6ce457a077987ebb5a52d2dcaede573
monitoring-daemon:
version: 0.18.1-20200818110019
commit: 94826ddef6ce457a077987ebb5a52d2dcaede573
dependencies:
redis:
version: 2:2.8.4-2
consul:
version: 0.7.5
vault:
version: 0.7.0
artifactSources:
debianRepository: https://dl.bintray.com/spinnaker-releases/debians
dockerRegistry: gcr.io/spinnaker-marketplace
googleImageProject: marketplace-spinnaker-release
gitPrefix: https://github.com/spinnaker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
根据输出里边的各组件的版本从google拉取镜像,打tag重新push到你的私有仓库
例如:

docker pull gcr.io/spinnaker-marketplace/echo:2.14.0-20200817170018
docker tag gcr.io/spinnaker-marketplace/echo:2.14.0-20200817170018 registry.cn-beijing.aliyuncs.com/niu-idc/echo:2.14.0-20200817170018
docker push registry.cn-beijing.aliyuncs.com/niu-idc/echo:2.14.0-20200817170018
1
2
3
注意,依赖redis

docker pull gcr.io/kubernetes-spinnaker/redis-cluster:v2
docker tag gcr.io/kubernetes-spinnaker/redis-cluster:v2 registry.cn-beijing.aliyuncs.com/niu-idc/redis-cluster:v2
docker push registry.cn-beijing.aliyuncs.com/niu-idc/redis-cluster:v2
1
2
3
在.hal的目录下找到对应的目录,修改artifactId、overrideBaseUrl、imagePullSecret

cd service-settings/
mkdir service-settings
//创建如下文件,文件内容如下
ls .hal/default/service-settings
clouddriver.yml deck.yml echo.yml fiat.yml front50.yml gate.yml igor.yml kayenta.yml orca.yml redis.yml rosco.yml
cat *
artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/clouddriver:4.3.5-20190307172446
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/deck:2.7.5-20190308182538
kubernetes:
imagePullSecrets:
- registry-aliyun
overrideBaseUrl: http://spin.spinnaker.com

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/echo:2.3.1-20190214121429
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/iat:1.3.2-20190128153726
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/front50:0.15.2-20190222161456
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/gate:1.5.2-20190301030607
kubernetes:
imagePullSecrets:
- registry-aliyun
overrideBaseUrl: http://gate.spinnaker.com

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/igor:1.1.1-20190213190226
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/kayenta:0.6.1-20190221030610
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/orca:2.4.0-20190308182538
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/redis-cluster:v2
kubernetes:
imagePullSecrets:
- registry-aliyun

artifactId: registry.cn-beijing.aliyuncs.com/niu-idc/rosco:0.9.0-20190123170846
kubernetes:
imagePullSecrets:
- registry-aliyun
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
根据自己实际情况修改overrideBaseUrl、镜像、镜像拉取secret

bash-5.0$ hal deploy apply //部署到指定的k8s中
1
等待一段时间,等所有的pod起来

➜ ~ kubectl get pods -n spinnaker
NAME READY STATUS RESTARTS AGE
spin-clouddriver-658d4b9f7c-mqpdz 1/1 Running 0 23h
spin-deck-5dd8b7b9cf-vccg6 1/1 Running 0 30h
spin-echo-67f9bb8f97-96g9g 1/1 Running 0 23h
spin-front50-6f4898b5d-zhcc5 1/1 Running 0 30h
spin-gate-9646b7884-wfrf6 1/1 Running 0 30h
spin-igor-d875459bb-q6bsd 1/1 Running 0 23h
spin-orca-5dbc6b6954-j4klc 1/1 Running 0 30h
spin-redis-5476486cbc-llcjr 1/1 Running 0 30h
spin-rosco-f66847bb4-b2fr7 1/1 Running 0 30h
1
2
3
4
5
6
7
8
9
10
11
部署deck和gate的ingress

cat spin-ingress.yaml
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: deck-ingress
namespace: spinnaker
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: spinnaker.test.com
http:
paths:
- path: /
backend:
serviceName: spin-deck
servicePort: 9000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gate-ingress
namespace: spinnaker
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: gate.test.com
http:
paths:
- path: /
backend:
serviceName: spin-gate
servicePort: 8084
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
!!!注意将host改为你自己的访问域名
————————————————
版权声明:本文为CSDN博主「浅抒流年」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/qq_22917163/article/details/108623113

posted @ 2023-03-17 12:42  李瑞鑫  阅读(212)  评论(0编辑  收藏  举报