k8s应用部署(实际生产环境,无坑版本)
2021-09-14 10:24 luoguoling 阅读(1653) 评论(0) 编辑 收藏 举报一.Docker harbor搭建
二.构建提交镜像
三.安装reloader热更及其k8s部署
一.Docker harbor搭建
1.1 .docker harbor部署(https://www.cnblogs.com/sanduzxcvbnm/p/13724770.html)
1.2 创建docker harbor认证secret
kubectl create secret docker-registry registry-pull-secret --docker-server=10.206.16.4 --docker-username=admin --docker-password=Rolinabc123 --docker-email=xxxx@qq.com
1.3 进入harbor界面,创建项目fronted
二.构建提交镜像
2.1 进入网站目录编写dockerfile
From nginx
WORKDIR /var/www/html
add h5game.xxx.com.tar.gz /var/www/html
2.2 修改客户端docker配置文件支持http
vim /etc/docker/daemon.json
"insecure-registries" : ["10.206.16.4"]
2.3 构建镜像推送到harbor
docker login 10.206.16.4
docker build 10.206.16.4/fronted/h5game.xxx.com:v1 .
docker push 10.206.16.4/fronted/h5game.xxx.com:v1
三.k8s部署
3.0 安装reloader
kubectl apply -f https://raw.githubusercontent.com/stakater/Reloader/master/deployments/kubernetes/reloader.yaml
可以通过reloader和checksum的形式来检测配置文件发生改变触发pod滚动更新
参考文章:https://juejin.cn/post/6993128314055426084
3.1 namespace创建 namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: fronted
限定命名空间使用额度
#争对命名空间限额
# kubectl create -f compute-resources.yaml -n fronted
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
pods: "20"
requests.cpu: "1"
requests.memory: 1Gi
limits.cpu: "2"
limits.memory: 4Gi
3.2 configmap配置创建 configmap.yaml
kind: ConfigMap # 对象类型
apiVersion: v1 # api 版本
metadata: # 元数据
name: h5sdk # 对象名称
namespace: fronted
data: # key-value 数据集合
nginx.conf: | # 将 nginx config 配置写入 ConfigMap 中,经典的 php-fpm 代理设置,这里就不再多说了
events {
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
gzip on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
keepalive_timeout 0;
client_body_timeout 10;
client_header_timeout 10;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
output_buffers 1 32k;
client_max_body_size 64m;
client_body_buffer_size 256k;
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html/h5game.sentsss.com;
#index index.php;
server_name _;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
location ~ .*\.(js|css)?$ {
expires 12h;
}
location / {
index index.html index.htm index.php;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=$1 last;
break;
}
}
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
#location ~ \.php$ {
# include fastcgi_params;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_pass 127.0.0.1:9000;
}
}
3.3 部署文件 deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: h5sdk
namespace: fronted
annotations: #检测配置文件的改变来实现pod滚动更新
reloader.stakater.com/auto: "true"
spec:
selector:
matchLabels:
app: h5sdk
replicas: 2
template:
metadata:
labels:
app: h5sdk
spec:
#nodeName: k8s-node-01
imagePullSecrets:
- name: registry-pull-secret
containers:
- name: nginx
image: 10.206.16.4/fronted/www.h5sdk.xxx.com:v1
ports:
- containerPort: 80
volumeMounts:
#- mountPath: /var/www/html
#name: nginx-www
- mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
name: nginx-config
- mountPath: /var/log/nginx
name: nginx-log
- mountPath: /etc/localtime
name: timezone
#探针查看服务是否可用是否加入service
livenessProbe:
httpGet:
path: /user.html
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /user.html
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 1
lifecycle:
preStop:
exec:
command: ["/bin/bash","-c","sleep 20"]
resources:
limits:
cpu: 40m
memory: 40Mi
requests:
cpu: 20m
memory: 20Mi
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- {key: app, operator: In, values: ["h5sdk"]}
topologyKey: fronted
volumes:
- name: nginx-log
hostPath:
path: /opt/log/nginx/h5sdk
- name: nginx-config
configMap:
name: h5sdk
- name: timezone
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
#- name: nginx-www
# emptyDir: {}
3.4 svc的创建 svc.yaml
apiVersion: v1
kind: Service
metadata:
name: h5sdk
namespace: fronted
spec:
selector:
#project: h5sdk
app: h5sdk
ports:
- port: 80
targetPort: 80
3.5 ingress创建 ingress.yaml
kind: Ingress # 对象类型
apiVersion: networking.k8s.io/v1beta1
metadata:
name: h5sdk
namespace: fronted
spec:
rules:
- host: h6game.xxx.com
http:
paths:
- path: /
backend:
serviceName: h5sdk # 需要与servicename一致
servicePort: 80 # 与 Service 的 port 一致
3.6 hpa创建 hpa.yaml(记得提前安装metric)
kind: HorizontalPodAutoscaler # 对象类型,简称 hpa,水平自动伸缩
apiVersion: autoscaling/v2beta2 # autoscaling/v2beta2 与 autoscaling/v1 的 API 有很大的不同,注意识别两者的差异
metadata:
name: h5sdk
namespace: fronted
spec:
scaleTargetRef: # 伸缩的目标对象
apiVersion: apps/v1 # 对象版本
kind: Deployment # 目标对象的类型
name: h5sdk # 目标对象的名称
minReplicas: 2 # 最小副本数
maxReplicas: 4 # 最大副本数
metrics: # 指标
- type: Resource # 类型:资源
resource:
name: memory # 内存
target:
type: Utilization
averageUtilization: 70 # 1% 这个值是为了实验,具体值请参考业务方实际情况而定
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
