kubernetes滚动发布实现原理
kubernetes滚动发布实现原理
1. kubernetes滚动发布实现原理
-
滚动发布
每次只升级一个或多个服务,升级完成后加入生产环境,不断执行这个过程,直到集群中的全部旧版升级新版本。
-
优点
- 用户无感知,平滑过渡
-
缺点
- 部署周期长
- 发布策略较复杂
- 不易回滚
-
滚动发布结构图
-
滚动发布
1个 Deployment
2个 ReplicaSet
-
2. 示例
-
修改deploy.yml文件
--- apiVersion: apps/v1 kind: Deployment metadata: name: web namespace: default annotations: # 记录回滚参数 kubernetes.io/change-cause: "$ROLL_BACK" #记录到revision中的内容,记录版本号 spec: replicas: 3 revisionHistoryLimit: 10 # 回滚标识RS历史版本保存数量 selector: matchLabels: app: java-demo strategy: #滚动更新 rollingUpdate: maxSurge: 50% # 滚动更新过程最大pod副本数 maxUnavailable: 50% # 滚动更新过程中最大不可用pod副本数, type: RollingUpdate template: metadata: labels: app: java-demo spec: imagePullSecrets: - name: $SECRET_NAME containers: - name: tomcat image: $IMAGE_NAME ports: - containerPort: 8080 name: web livenessProbe: #存活检查 httpGet: path: / port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 readinessProbe: # 健康检查 httpGet: path: / port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 failureThreshold: 12 --- apiVersion: v1 kind: Service metadata: name: web spec: type: NodePort selector: app: java-demo ports: - protocol: TCP port: 80 targetPort: 8080 --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: web spec: rules: - host: java.scajy.org http: paths: - path: / backend: serviceName: web servicePort: 80 -
修改jenkinsfile文件
// 公共 def registry = "harbor.scajy.org" // harbor的连接地址 // 项目 def project = "k8s" // harbor的项目目录 def app_name = "java-demo" // 项目名称 def image_name = "${registry}/${project}/${app_name}:${BUILD_NUMBER}" // 推送harbor的全路径,BUILD_NUMBER是取得当前jenkins构建的号,为版本号 def roll_back = "${app_name}-${BUILD_NUMBER}" // 增加回滚标识 def git_address = "git@10.100.24.87:k8s/tomcat_java_demo.git" // 根据项目要更换git地址 def base_image = "${registry}/library/tomcat:latest" // 构建项目需要的基础镜像 // 认证 def secret_name = "registry-pull-secret" def docker_registry_auth = "b6085682-39e7-458f-96c0-f139fe17f2e1" // harbor仓库key,这个key要去jenkins查找 def git_auth = "d8bf675c-5dd4-4bf4-a4f7-4e8c1be1c002" // git代码仓库的key,这个key要去jenkins查找 def k8s_auth = "a16f5236-7cdc-4216-a4ec-c52346751f56" // k8s连接的key podTemplate(label: 'jenkins-slave', cloud: 'kubernetes', containers: [ containerTemplate( name: 'jnlp', // 模板 image: "${registry}/library/jenkins-slave:1.8" // jenkins-slave从服务器镜像 ), ], volumes: [ hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'), hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker') ], ) { node("jenkins-slave"){ // 第一步 stage('拉取代码'){ checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } // 第二步 stage('代码编译'){ sh "mvn clean package -Dmaven.test.skip=true" } // 第三步 stage('构建镜像'){ withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM ${base_image} RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war ' > Dockerfile ls ls target docker build -t ${image_name} . docker login -u ${username} -p '${password}' ${registry} docker push ${image_name} """ } } // 第四步 stage('部署到K8S平台'){ sh """ sed -i 's#\$IMAGE_NAME#${image_name}#' deploy.yml # k8s 需要的镜像连接地址 sed -i 's#\$SECRET_NAME#${secret_name}#' deploy.yml # k8s 连接harbor证书的名称 sed -i 's#\$ROLL_BACK#${roll_back}#' deploy.yml # k8s 回滚记录标识 """ kubernetesDeploy configs: 'deploy.yml', kubeconfigId: "${k8s_auth}" } } } -
提交到gitlab
-
gitlab验证是否修改
-
jenkins构建发布部署
-
发布前
-
发布后
-
2.1 k8s集群查询验证
-
验证pod
[root@k8s-master git]# kubectl get pods NAME READY STATUS RESTARTS AGE jenkins-0 1/1 Running 0 2d16h nfs-client-provisioner-5d99f8d7b9-562ff 1/1 Running 1 19d nginx-6799fc88d8-9fchc 1/1 Running 0 18d web-69698d5d54-6hfsj 1/1 Running 0 71s web-69698d5d54-mrt9x 1/1 Running 0 71s web-69698d5d54-qphrp 1/1 Running 0 71s web-77774786fc-9g55b 1/1 Terminating 0 30m web-77774786fc-dbmqs 0/1 Terminating 0 30m -
验证回滚标识
[root@k8s-master git]# kubectl rollout history deployment web deployment.apps/web REVISION CHANGE-CAUSE 1 <none> 2 <none> 3 <none> 4 <none> 5 <none> 6 <none> 7 java-demo-15 8 java-demo-16 -
浏览器访问测试
2.2 k8s-集群回滚上一个版本
-
回滚上一版本
# 回滚到上一个版本 [root@k8s-master git]# kubectl rollout undo deployment web deployment.apps/web rolled back -
查看pods是否在回滚
[root@k8s-master git]# kubectl get pods NAME READY STATUS RESTARTS AGE jenkins-0 1/1 Running 0 2d16h nfs-client-provisioner-5d99f8d7b9-562ff 1/1 Running 1 19d nginx-6799fc88d8-9fchc 1/1 Running 0 18d web-69698d5d54-6hfsj 1/1 Running 0 4m48s web-69698d5d54-mrt9x 1/1 Running 0 4m48s web-69698d5d54-qphrp 0/1 Terminating 0 4m48s web-77774786fc-6mdp9 0/1 Running 0 3s web-77774786fc-hdtn8 0/1 Running 0 3s web-77774786fc-p2t7g 0/1 Running 0 3s
