k8s应用一套yaml配置参考
从ingress详情和配置来看,有两个svc,一个svc是ingress在往后调度;另外一个是kong网关专用的,直接在空网关里配置,用nodeip:nodeport方式配置转到kong svc
1、资源
[root@kubemaster001.mcw.com mcw]# kubectl get ingress --all-namespaces|grep ai-mcwapp myprodns ai-mcwapp-cn-ing <none> gatewaykong-prod-api.daqiecn.com 80 289d [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl get svc --all-namespaces|grep ai-mcwapp- myprodns ai-mcwapp-cn-svc ClusterIP 172.160.13.113 <none> 9090/TCP 287d myprodns ai-mcwapp-kong-svc NodePort 172.160.5.133 <none> 9090:30924/TCP 287d [root@kubemaster001.mcw.com mcw]# kubectl get deploy --all-namespaces|grep ai-mcwapp myprodns ai-mcwapp-cn-deploy 2/2 2 2 289d
2、配置
[root@kubemaster001.mcw.com mcw]# kubectl get ingress ai-mcwapp-cn-ing -n myprodns -o yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: nginx creationTimestamp: "2023-08-19T12:46:31Z" generation: 1 labels: app: ai-mcwapp-cn comb: BJ name: ai-mcwapp-cn-ing namespace: myprodns resourceVersion: "67467990" uid: 527368e3-b37f-476f-9147-934326587306 spec: rules: - host: gatewaykong-prod-api.daqiecn.com http: paths: - backend: service: name: ai-mcwapp-cn-svc port: number: 9090 path: / pathType: Prefix status: loadBalancer: {} [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl get deploy ai-mcwapp-cn-deploy -n myprodns -o yaml apiVersion: apps/v1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "7" creationTimestamp: "2023-08-19T13:12:29Z" generation: 8 labels: app: ai-mcwapp-cn comb: BJ name: ai-mcwapp-cn-deploy namespace: myprodns resourceVersion: "156067059" uid: a713162e-0e50-4a82-96f1-b5eaf1e74fde spec: progressDeadlineSeconds: 600 replicas: 2 revisionHistoryLimit: 10 selector: matchLabels: app: ai-mcwapp-cn comb: BJ strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: creationTimestamp: null labels: app: ai-mcwapp-cn comb: BJ spec: containers: - command: - java - -Xms2G - -Xmx2G - -XX:MetaspaceSize=128M - -XX:MaxMetaspaceSize=128M - -Xss256K - -XX:+UseConcMarkSweepGC - -XX:CMSFullGCsBeforeCompaction=5 - -XX:+UseCMSCompactAtFullCollection - -XX:CMSInitiatingOccupancyFraction=80 - -XX:+HeapDumpOnOutOfMemoryError - -XX:HeapDumpPath=./logs/ - -DserverName=ai-mcwapp - -jar - /app.jar env: - name: SERVER_ENV value: ali - name: SPRING_PROFILES_ACTIVE value: ali - name: EGG_SERVER_ENV value: ali - name: FF_CMD_DISABLE_DELAYED_ERROR_LEVEL_EXPANSION value: "false" - name: FF_USE_LEGACY_BUILDS_DIR_FOR_DOCKER value: "false" - name: FF_USE_LEGACY_VOLUMES_MOUNTING_ORDER value: "false" - name: JAVA_PROJECT_PATH value: ai-mcwapp-web image: qa-roc.daqiecn.com/deploy_prod/common-service/ai-mcwapp-cn:v1.6.0_20240930_cn_18980438b imagePullPolicy: Always lifecycle: preStop: exec: command: - sh - -c - ps -efH|grep 'java'| grep -v 'grep'| awk '{print $2}' |xargs kill -15 livenessProbe: failureThreshold: 3 httpGet: path: /argus/health port: 9090 scheme: HTTP initialDelaySeconds: 300 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: app ports: - containerPort: 9090 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /argus/health port: 9090 scheme: HTTP initialDelaySeconds: 300 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: "2" memory: 4000Mi requests: cpu: "1" memory: 2000Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /usr/local/share/GeoIP name: geoipdir - image: qa-roc.daqiecn.com/app-dev/flume-ali:latest imagePullPolicy: Always livenessProbe: exec: command: - /daqie/daqieagent/healthcheck failureThreshold: 3 initialDelaySeconds: 3 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: daqieagent ports: - containerPort: 5000 protocol: UDP - containerPort: 5001 protocol: TCP - containerPort: 5002 protocol: TCP - containerPort: 8125 protocol: UDP - containerPort: 8094 protocol: UDP resources: limits: cpu: 500m memory: 1000Mi requests: cpu: 100m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File dnsPolicy: ClusterFirst imagePullSecrets: - name: registrykey initContainers: - image: qa-roc.daqiecn.com/library/geoip:latest imagePullPolicy: Always name: initgeoip resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /usr/local/share/GeoIP name: geoipdir restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - emptyDir: {} name: geoipdir status: availableReplicas: 2 conditions: - lastTransitionTime: "2023-08-21T01:44:23Z" lastUpdateTime: "2023-09-12T02:06:35Z" message: ReplicaSet "ai-mcwapp-cn-deploy-db694c657" has successfully progressed. reason: NewReplicaSetAvailable status: "True" type: Progressing - lastTransitionTime: "2024-05-08T07:01:44Z" lastUpdateTime: "2024-05-08T07:01:44Z" message: Deployment has minimum availability. reason: MinimumReplicasAvailable status: "True" type: Available observedGeneration: 8 readyReplicas: 2 replicas: 2 updatedReplicas: 2 [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl get svc ai-mcwapp-cn-svc -n myprodns -o yaml apiVersion: v1 kind: Service metadata: creationTimestamp: "2023-08-21T06:49:37Z" name: ai-mcwapp-cn-svc namespace: myprodns resourceVersion: "67822721" uid: 73ed9734-8340-4955-81b1-e7836d23ff75 spec: clusterIP: 172.160.13.113 clusterIPs: - 172.160.13.113 internalTrafficPolicy: Cluster ipFamilies: - IPv4 ipFamilyPolicy: SingleStack ports: - name: ai-mcwapp-cn port: 9090 protocol: TCP targetPort: 9090 selector: app: ai-mcwapp-cn comb: BJ sessionAffinity: None type: ClusterIP status: loadBalancer: {} [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl get svc ai-mcwapp-kong-svc -n myprodns -o yaml apiVersion: v1 kind: Service metadata: creationTimestamp: "2023-08-21T06:49:37Z" name: ai-mcwapp-kong-svc namespace: myprodns resourceVersion: "67822718" uid: 6e7a16a5-4d01-41d2-87e4-64903c9d78a3 spec: clusterIP: 172.160.5.133 clusterIPs: - 172.160.5.133 externalTrafficPolicy: Cluster internalTrafficPolicy: Cluster ipFamilies: - IPv4 ipFamilyPolicy: SingleStack ports: - name: ai-mcwapp-cn nodePort: 30924 port: 9090 protocol: TCP targetPort: 9090 selector: app: ai-mcwapp-cn comb: BJ sessionAffinity: None type: NodePort status: loadBalancer: {} [root@kubemaster001.mcw.com mcw]#
容器里面,service的配置。可以通过nodePort访问到这个服务。svc的clusterip 的9090转到容器的9090端口。port是svc端口,targetPort是容器内服务端口,容器内服务可能起来很多个端口,但是容器的yaml配置文件不一定会体现出来。但是可以用svc来将容器端口暴露出来
ports:
- name: ai-mcwapp-cn
nodePort: 30924
port: 9090
protocol: TCP
targetPort: 9090
3、详情
[root@kubemaster001.mcw.com mcw]# kubectl describe ingress ai-mcwapp-cn-ing -n myprodns Name: ai-mcwapp-cn-ing Labels: app=ai-mcwapp-cn comb=BJ Namespace: myprodns Address: Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>) Rules: Host Path Backends ---- ---- -------- gatewaykong-prod-api.daqiecn.com / ai-mcwapp-cn-svc:9090 (172.161.3.253:9090,172.161.5.250:9090) Annotations: kubernetes.io/ingress.class: nginx Events: <none> [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl describe deploy ai-mcwapp-cn-deploy -n myprodns Name: ai-mcwapp-cn-deploy Namespace: myprodns CreationTimestamp: Sat, 19 Aug 2023 21:12:29 +0800 Labels: app=ai-mcwapp-cn comb=BJ Annotations: deployment.kubernetes.io/revision: 7 Selector: app=ai-mcwapp-cn,comb=BJ Replicas: 2 desired | 2 updated | 2 total | 2 available | 0 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 0 max unavailable, 1 max surge Pod Template: Labels: app=ai-mcwapp-cn comb=BJ Init Containers: initgeoip: Image: qa-roc.daqiecn.com/library/geoip:latest Port: <none> Host Port: <none> Environment: <none> Mounts: /usr/local/share/GeoIP from geoipdir (rw) Containers: app: Image: qa-roc.daqiecn.com/deploy_prod/common-service/ai-mcwapp-cn:v1.6.0_20240930_cn_18980438b Port: 9090/TCP Host Port: 0/TCP Command: java -Xms2G -Xmx2G -XX:MetaspaceSize=128M -XX:MaxMetaspaceSize=128M -Xss256K -XX:+UseConcMarkSweepGC -XX:CMSFullGCsBeforeCompaction=5 -XX:+UseCMSCompactAtFullCollection -XX:CMSInitiatingOccupancyFraction=80 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=./logs/ -DserverName=ai-mcwapp -jar /app.jar Limits: cpu: 2 memory: 4000Mi Requests: cpu: 1 memory: 2000Mi Liveness: http-get http://:9090/argus/health delay=300s timeout=1s period=10s #success=1 #failure=3 Readiness: http-get http://:9090/argus/health delay=300s timeout=1s period=10s #success=1 #failure=3 Environment: SERVER_ENV: ali SPRING_PROFILES_ACTIVE: ali EGG_SERVER_ENV: ali FF_CMD_DISABLE_DELAYED_ERROR_LEVEL_EXPANSION: false FF_USE_LEGACY_BUILDS_DIR_FOR_DOCKER: false FF_USE_LEGACY_VOLUMES_MOUNTING_ORDER: false JAVA_PROJECT_PATH: ai-mcwapp-web Mounts: /usr/local/share/GeoIP from geoipdir (rw) daqieagent: Image: qa-roc.daqiecn.com/app-dev/flume-ali:latest Ports: 5000/UDP, 5001/TCP, 5002/TCP, 8125/UDP, 8094/UDP Host Ports: 0/UDP, 0/TCP, 0/TCP, 0/UDP, 0/UDP Limits: cpu: 500m memory: 1000Mi Requests: cpu: 100m memory: 300Mi Liveness: exec [/daqie/daqieagent/healthcheck] delay=3s timeout=1s period=10s #success=1 #failure=3 Environment: <none> Mounts: <none> Volumes: geoipdir: Type: EmptyDir (a temporary directory that shmcw a pod's lifetime) Medium: SizeLimit: <unset> Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: ai-mcwapp-cn-deploy-db694c657 (2/2 replicas created) Events: <none> [root@kubemaster001.mcw.com mcw]# kubectl describe svc ai-mcwapp-cn-svc -n myprodns Name: ai-mcwapp-cn-svc Namespace: myprodns Labels: <none> Annotations: <none> Selector: app=ai-mcwapp-cn,comb=BJ Type: ClusterIP IP Family Policy: SingleStack IP Families: IPv4 IP: 172.160.13.113 IPs: 172.160.13.113 Port: ai-mcwapp-cn 9090/TCP TargetPort: 9090/TCP Endpoints: 172.161.3.253:9090,172.161.5.250:9090 Session Affinity: None Events: <none> [root@kubemaster001.mcw.com mcw]# [root@kubemaster001.mcw.com mcw]# kubectl describe svc ai-mcwapp-kong-svc -n myprodns Name: ai-mcwapp-kong-svc Namespace: myprodns Labels: <none> Annotations: <none> Selector: app=ai-mcwapp-cn,comb=BJ Type: NodePort IP Family Policy: SingleStack IP Families: IPv4 IP: 172.160.5.133 IPs: 172.160.5.133 Port: ai-mcwapp-cn 9090/TCP TargetPort: 9090/TCP NodePort: ai-mcwapp-cn 30924/TCP Endpoints: 172.161.3.253:9090,172.161.5.250:9090 Session Affinity: None External Traffic Policy: Cluster Events: <none> [root@kubemaster001.mcw.com mcw]#
另外一个应用的yaml参考
ingress
[root@kubemaster001.mcw.com mcw]# kubectl get ingress ai-agent-ing -n myprodns NAME CLASS HOSTS ADDRESS PORTS AGE ai-agent-ing <none> ai-agent-api.mcwai.com 80 47d [root@kubemaster001.mcw.com mcw]# kubectl get ingress ai-agent-ing -n myprodns -o yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: nginx creationTimestamp: "2024-04-17T12:45:18Z" generation: 1 name: ai-agent-ing namespace: myprodns resourceVersion: "148999358" uid: a0b888c4-743d-4b1b-8838-ed2a7c365c76 spec: rules: - host: ai-agent-api.daqieai.com http: paths: - backend: service: name: ai-agent-svc port: number: 8000 path: / pathType: Prefix status: loadBalancer: {} [root@kubemaster001.mcw.com mcw]#
service
[root@kubemaster001.mcw.com mcw]# kubectl get svc ai-agent-svc -n myprodns NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ai-agent-svc ClusterIP 172.160.3.131 <none> 8000/TCP 47d [root@kubemaster001.mcw.com mcw]# kubectl get svc ai-agent-svc -n myprodns -o yaml apiVersion: v1 kind: Service metadata: creationTimestamp: "2024-04-17T12:45:18Z" name: ai-agent-svc namespace: myprodns resourceVersion: "148999354" uid: df489d63-81bf-4ceb-a368-5f43df125fec spec: clusterIP: 172.160.3.131 clusterIPs: - 172.160.3.131 internalTrafficPolicy: Cluster ipFamilies: - IPv4 ipFamilyPolicy: SingleStack ports: - name: ai-agent port: 8000 protocol: TCP targetPort: 8000 selector: app: ai-agent comb: BJ sessionAffinity: None type: ClusterIP status: loadBalancer: {} [root@kubemaster001.mcw.com mcw]#
deployment
[root@kubemaster001.mcw.com mcw]# kubectl get deploy ai-agent-deploy -n myprodns NAME READY UP-TO-DATE AVAILABLE AGE ai-agent-deploy 2/2 2 2 47d [root@kubemaster001.mcw.com mcw]# kubectl get deploy ai-agent-deploy -n myprodns -o yaml apiVersion: apps/v1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "4" creationTimestamp: "2024-04-17T10:13:50Z" generation: 4 labels: app: ai-agent comb: BJ name: ai-agent-deploy namespace: myprodns resourceVersion: "149218094" uid: cefb987c-a91f-41e2-be1d-caea93b8acb2 spec: progressDeadlineSeconds: 600 replicas: 2 revisionHistoryLimit: 10 selector: matchLabels: app: ai-agent comb: BJ strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: creationTimestamp: null labels: app: ai-agent comb: BJ spec: containers: - command: - sh - -c - python -u ai-agent/mainV2.py >> ./log.log env: - name: RUN_ENV value: BJ image: qa-roc.daqiecn.com/deploy_prod/ai-100zu/ai-agent:v1.1_cn_m12xio3f8 imagePullPolicy: Always livenessProbe: failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 tcpSocket: port: http timeoutSeconds: 3 name: app ports: - containerPort: 8000 name: http protocol: TCP readinessProbe: failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 tcpSocket: port: http timeoutSeconds: 3 resources: limits: cpu: "4" memory: 4000Mi requests: cpu: 300m memory: 1000Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File dnsPolicy: ClusterFirst hostAliases: - hostnames: - api.openai.com ip: 104.18.6.192 - hostnames: - api.openai.com ip: 104.18.7.192 imagePullSecrets: - name: registrykey restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 status: availableReplicas: 2 conditions: - lastTransitionTime: "2024-04-17T12:51:56Z" lastUpdateTime: "2024-04-17T12:51:56Z" message: Deployment has minimum availability. reason: MinimumReplicasAvailable status: "True" type: Available - lastTransitionTime: "2024-04-17T12:51:05Z" lastUpdateTime: "2024-04-18T04:11:08Z" message: ReplicaSet "ai-agent-deploy-779b574f89" has successfully progressed. reason: NewReplicaSetAvailable status: "True" type: Progressing observedGeneration: 4 readyReplicas: 2 replicas: 2 updatedReplicas: 2 [root@kubemaster001.mcw.com mcw]#
发布平台中创建重复资源
others: - _resource_: service _name_: ai-mexxl-admin-job-svc spec: type: NodePort ports: - port: 6785 targetPort: 6785
