Kubernetes實戰總結 – DevOps實現
- 2020 年 7 月 24 日
- 筆記
- Kubernetes
一、概述
Git:一個開源的分散式版本控制系統,可以有效、高速地處理從很小到非常大的項目版本管理。
Jenkins:一個開源軟體項目,是基於Java開發的一種持續集成工具,用於監控持續重複的工作。
Maven:項目對象模型(POM),可以通過一小段描述資訊來管理項目的構建,報告和文檔的項目管理工具軟體。
Harbor:構建企業級私有Docker鏡像的倉庫的開源解決方案。
Kubernetes:一個開源的,用於管理雲平台中多個主機上的容器化的應用。
二、Java鏡像構建
啟動腳本run.sh:
#!/bin/sh java ${JVM_OPTS} ${JAVA_OPTS} -jar *.jar ${CLI_OPTS} 2>&1 | tee -a ${OUTPUT}
構建腳本Dockerfile:
# 基礎鏡像 FROM hub.jhmy.com/base/centos # 維護者 MAINTAINER leozhang # 切換目錄 WORKDIR /root # 添加環境變數 ENV JDK_VERSION=jdk1.8.0_191 ENV JAVA_HOME=/usr/local/$JDK_VERSION ENV PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/lib/ ENV JAVA_OPTS='' CLI_OPTS='' OUTPUT='logs/output.log' ENV JVM_OPTS='-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=2' # 設置時區語言 ENV TZ='Asia/Shanghai' ENV LANG='C.UTF-8' LANGUAGE='C.UTF-8' LC_ALL='C.UTF-8' # 添加程式包 ADD $JDK_VERSION.tar.gz /usr/local/ COPY run.sh . # 執行命令 RUN chmod a+x run.sh && rm -rf `ls | grep -v "^run.sh$"` && mkdir -p /root/logs # 構建鏡像示例 # docker build -t hub.jhmy.com/base/java:1.8 . # 啟動容器示例 # docker run -dit --name=java hub.jhmy.com/base/java:1.8
環境變數說明:
JDK_VERSION:用於指定jdk包版本(需要提前下載好jdk軟體包,且保證解壓後名稱一致)JVM_OPTS:用於指定jvm運行參數JAVA_OPTS:用於指定java自定義參數CLI_OPTS:用於指定其他命令行參數OUTPUT:用於指定服務運行日誌保存路徑
注意:
-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=2
用於jvm自動識別容器記憶體限制以及自動分配記憶體大小(jdk10版本之後則不需要設置)更多詳情>>>容器中的JVM資源該如何被安全的限制?
三、Java項目鏡像構建
增加項目依賴腳本addPlugins.py:
# -*- coding:utf-8 -*- # **************************** # Author :leozhang # Date :2020/7/16 # File :addPlugins.py # Description :增加POM文件依賴 # **************************** import os pomplug=os.environ["PLUGINS"] newpom = "" with open("pom.xml", "r+") as fp: for line in fp.readlines(): if(line.find("<build>") != -1): line += "\n" + pomplug + "\n" newpom += line with open("pom.xml", "r+") as f: f.write(newpom)print(newpom)
構建腳本Dockerfile:
# 基礎鏡像 FROM hub.jhmy.com/base/java:1.8 # 維護者 MAINTAINER leozhang # 工作目錄 WORKDIR /root # 複製文件到鏡像 COPY *.jar . COPY lib/ lib/ # 查看當前目錄 RUN ls -l . # 容器啟動時運行命令 CMD ["./run.sh"] # 構建鏡像示例 # docker build -t hub.jhmy.com/test/appservice . # 啟動容器示例 # docker run -dit --name=appservice hub.jhmy.com/test/appservice
鏡像構建腳本buildImage.sh:
#!/bin/sh # creator: leozhang # up-date: 2020/03/21 # description: buildImage.sh # 公共參數 env=$1 name=$2 tag=$3 file=$4
# 設置倉庫地址和賬戶 harbor=hub.jhmy.com username=jenkins password=$(echo Q2hpc2NkY0AxMjMK | base64 -d)
# 修改鏡像名稱為小寫 image=${harbor}/${env}/$(echo ${name} | tr '[A-Z]' '[a-z]') # 默認名Dockerfile if [ ! "${file}" ] ;then file=Dockerfile fi # 構建鏡像 echo "************* build image ***************" docker build -t ${image}:${tag} -f ${file} . echo "************* push image ***************"
# 登錄倉庫 docker login -u ${username} -p ${password} //${harbor}
# 上傳鏡像
docker push ${image}:${tag}
# 如果非latest標籤,則更新latest標籤鏡像 if [ "${tag}" != "latest" ]; then docker tag ${image}:${tag} ${image}:latest docker push ${image}:latest fi
# 登出倉庫 docker logout https://${harbor}
四、Java項目容器化部署
Deployment文件:
apiVersion: apps/v1 # 資源版本 kind: Deployment #資源類型 metadata: #資源元數據:名稱、命名空間等 name: appservice namespace: default spec: replicas: 3 #副本數 selector: #選擇器 matchLabels: app: appservice template: #Pod模板 metadata: #Pod元數據:標籤、註解等 labels: app: appservice annotations: version: "20200715" spec: #Pod配置:名稱、鏡像、拉取策略、埠等 containers: - name: appservice image: hub.jhmy.com/test/appservice:latest imagePullPolicy: Always env: #環境變數 - name: JAVA_OPTS value: "-Dprops=/root/appservice.properties -Dlogpath=/root/logs" ports: - name: dubbo containerPort: 20114 resources: #資源限制:cpu、mem limits: memory: 2Gi cpu: 1 livenessProbe: #就緒檢測&生存檢測:初始時間、超時、檢測方式等 initialDelaySeconds: 60 timeoutSeconds: 10 tcpSocket: port: 20114 readinessProbe: initialDelaySeconds: 20 timeoutSeconds: 10 tcpSocket: port: 20114 volumeMounts: #存儲掛載 - name: config mountPath: /root/appservice.properties subPath: appservice.properties - name: log mountPath: /root/logs volumes: #存儲聲明:服務配置、持久化存儲請求、本地存儲 - name: config configMap: name: appservice - name: log hostPath: path: /home/ymt/logs/appservice type: DirectoryOrCreate #affinity: #節點親和性 # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: # - key: app # operator: In # values: # - appservice
ConfigMap文件:
apiVersion: v1 kind: ConfigMap metadata: name: appservice namespace: default data: appservice.properties: |- server.port=20114
......
......
......
Service文件:
apiVersion: v1 kind: Service metadata: name: apprestserver namespace: default spec: selector: app: apprestserver ports: - name: rest port: 20114
五、Jenkins持續部署
Pipeline任務腳本:
def NOW = new Date().format("yyyyMMddHHmmss") def SERVER = env.JOB_BASE_NAME.toLowerCase() pipeline { agent any // parameters { // string(name: 'TAG', defaultValue: 'latest', description: '鏡像標籤' ) // string(name: 'BRANCH', defaultValue: 'test_0629', description: '分支名稱' ) // string(name: 'URL', defaultValue: '//10.88.88.226:8090/jhmy/source/wx_v1/appdataservicetemp.git', description: '項目地址' ) // string(name: 'PLUGINS', defaultValue: '<plugins> <plugin> ...... </plugin> </plugins> ', description: '相關依賴' ) // environment { ENV="test" MVN="/application/mvnBranch/bin/mvn" SCRIPT="${JENKINS_HOME}/workspace/Docker/updateConfigs/script" } stages { stage('Git Clone') { steps { git branch: '${BRANCH}', credentialsId: 'yf3b_gitlab', url: '${URL}' } } stage('Clean Package') { steps { sh "python ${SCRIPT}/addPlugins.py" sh "${MVN} clean package -Dmaven.test.skip=true" } post { success { archiveArtifacts "target/*.jar" } } } stage('Build Image') { steps { dir('target') { sh "cp ${SCRIPT}/Dockerfile-jar Dockerfile" sh "sh ${SCRIPT}/buildImage.sh ${ENV} ${SERVER} ${TAG}" } } } stage('Rolling Update') { steps { sh "kubectl config use-context k8s-ymt" sh """kubectl patch deployment ${SERVER} --patch '{"spec":{"template":{"metadata":{"annotations":{"version":"${NOW}"}}}}}'""" sh "sleep 30 && kubectl get pod -o wide | grep ${SERVER}" } } stage('Clean up') { steps { deleteDir() } } } }
作者:Leozhanggg
出處://www.cnblogs.com/leozhanggg/p/12069994.html
本文版權歸作者和部落格園共有,歡迎轉載,但未經作者同意必須保留此段聲明,且在文章頁面明顯位置給出原文連接,否則保留追究法律責任的權利。
