评论

收藏

[Linux] k8s生产环境应用部署(无坑版本)

服务系统 服务系统 发布于:2021-07-08 09:27 | 阅读数:466 | 评论:0

  

  • 一.Docker harbor搭建
  • 二.构建提交镜像
  • 三.k8s部署
  一.Docker harbor搭建
  1.1 .docker harbor部署(https://www.cnblogs.com/sanduzxcvbnm/p/13724770.html)
  1.2 创建docker harbor认证secret
kubectl create secret docker-registry registry-pull-secret --docker-server=10.206.16.4 --docker-username=admin --docker-password=Rolinabc123 --docker-email=xxxx@qq.com
  1.3 进入harbor界面,创建项目fronted
  二.构建提交镜像
  2.1 进入网站目录编写dockerfile
From nginx
WORKDIR /var/www/html
add h5game.xxx.com.tar.gz /var/www/html
  2.2 修改客户端docker配置文件支持http
vim /etc/docker/daemon.json
"insecure-registries" : ["10.206.16.4"]
  2.3 构建镜像推送到harbor
docker login 10.206.16.4
docker build  10.206.16.4/fronted/h5game.xxx.com:v1 .
docker push 10.206.16.4/fronted/h5game.xxx.com:v1
  三.k8s部署
  3.1 namespace创建 namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
      name: fronted
  3.2 configmap配置创建  configmap.yaml
kind: ConfigMap # 对象类型
apiVersion: v1 # api 版本
metadata: # 元数据
  name: h5sdk # 对象名称
  namespace: fronted
data: # key-value 数据集合
  nginx.conf: | # 将 nginx config 配置写入 ConfigMap 中,经典的 php-fpm 代理设置,这里就不再多说了
  events {
  }
  http {
    include     mime.types;
    default_type  application/octet-stream;
    log_format  main '$remote_addr - $remote_user [$time_local] "$request" '
            '$status $body_bytes_sent "$http_referer" '
            '"$http_user_agent" "$http_x_forwarded_for"';
    sendfile       on;
    gzip         on;
    tcp_nopush     on;
    tcp_nodelay    on;
    server_tokens   off;
    keepalive_timeout  0;
    client_body_timeout      10;
    client_header_timeout    10;
    client_header_buffer_size  1k;
    large_client_header_buffers  4  4k;
    output_buffers         1  32k;
    client_max_body_size     64m;
    client_body_buffer_size    256k;
    server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html/h5game.sentsss.com;
    #index index.php;
    server_name _;
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
      expires 30d;
    }
    location ~ .*\.(js|css)?$ {
      expires 12h;
    }
    location / {
      index  index.html index.htm index.php;
      if (!-e $request_filename) {
        rewrite  ^(.*)$  /index.php?s=$1  last;
        break;
      }
    }
    access_log  /var/log/nginx/access.log;
    error_log   /var/log/nginx/error.log error;
    #location ~ \.php$ {
    #  include fastcgi_params;
    #  fastcgi_param REQUEST_METHOD $request_method;
    #  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    #  fastcgi_pass 127.0.0.1:9000;
    }
    }
  3.3 部署文件 deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
  name: h5sdk
  namespace: fronted
spec:
  selector:
kind: Deployment
apiVersion: apps/v1
metadata:
  name: h5sdk
  namespace: fronted
spec:
  selector:
  matchLabels:
    app: h5sdk
  replicas: 2
  template:
  metadata:
    labels:
    app: h5sdk
  spec:
      #nodeName: k8s-node-01
    imagePullSecrets:
    - name: registry-pull-secret
    containers:
    - name: nginx
      image: 10.206.16.4/fronted/www.h5sdk.xxx.com:v1
      ports:
      - containerPort: 80
      volumeMounts:
          #- mountPath: /var/www/html
          #name:  nginx-www
      - mountPath: /etc/nginx/nginx.conf
        subPath: nginx.conf
        name: nginx-config
      - mountPath: /var/log/nginx
        name: nginx-log
      - mountPath: /etc/localtime
        name: timezone
     #探针查看服务是否可用是否加入service  
      livenessProbe:
      httpGet:
        path: /user.html
        port: 80
      initialDelaySeconds: 30
      periodSeconds: 10
      successThreshold: 1
      failureThreshold: 3
      timeoutSeconds: 1
      readinessProbe:
      httpGet:
        path: /user.html
        port: 80
      initialDelaySeconds: 30
      periodSeconds: 10
      successThreshold: 1
      failureThreshold: 3
      timeoutSeconds: 1
      lifecycle:
      preStop:
        exec:
        command: ["/bin/bash","-c","sleep 20"]      
      resources:
      limits:
        cpu: 40m
        memory: 40Mi
      requests:
        cpu: 20m
        memory: 20Mi
    affinity:
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution: 
      - labelSelector:  
        matchExpressions:  
        - {key: app, operator: In, values: ["h5sdk"]}
      topologyKey: fronted   
    volumes:
    - name: nginx-log
      hostPath:
      path: /opt/log/nginx/h5sdk
    - name: nginx-config
      configMap:
      name: h5sdk
    - name: timezone
      hostPath:
      path: /usr/share/zoneinfo/Asia/Shanghai
         #- name: nginx-www
         # emptyDir: {}   
3.4 svc的创建 svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: h5sdk
  namespace: fronted
spec:
  selector:
      #project: h5sdk
  app: h5sdk
  ports:
  - port: 80
    targetPort: 80
  3.5 ingress创建 ingress.yaml
kind: Ingress # 对象类型
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: h5sdk
  namespace: fronted
spec:
  rules:
  - host: h6game.xxx.com
    http:
    paths:
    - path: /
      backend:
      serviceName: h5sdk # 需要与servicename一致
      servicePort: 80 # 与 Service 的 port 一致
  3.6 hpa创建 hpa.yaml(记得提前安装metric)
kind: HorizontalPodAutoscaler # 对象类型,简称 hpa,水平自动伸缩
apiVersion: autoscaling/v2beta2 # autoscaling/v2beta2 与 autoscaling/v1 的 API 有很大的不同,注意识别两者的差异
metadata:
  name: h5sdk
  namespace: fronted
spec:
  scaleTargetRef: # 伸缩的目标对象
  apiVersion: apps/v1 # 对象版本
  kind: Deployment # 目标对象的类型
  name: h5sdk # 目标对象的名称
  minReplicas: 2 # 最小副本数
  maxReplicas: 4 # 最大副本数
  metrics: # 指标
  - type: Resource # 类型:资源
    resource:
    name: memory # 内存
    target:
      type: Utilization
      averageUtilization: 70 # 1% 这个值是为了实验,具体值请参考业务方实际情况而定
        
  - type: Resource
    resource:
    name: cpu
    target:
      type: Utilization
      averageUtilization: 70
  3.7 腾讯云申请一个负载均衡,然后将所有node节点加入到负载均衡
  3.8 域名解析到负载均衡的ip上

  
关注下面的标签,发现更多相似文章