在Openshift上通過yaml部署應用
1.通過直接執行yaml
通過如下命令直接執行
oc create -f nginx.yml
nginx.yml
apiVersion: v1
items:
- apiVersion: apps.openshift.io/v1
# okd 部署配置(dc),與 k8s Deployment 資源對象類似,以啟動多個容器的方式生成 pod
kind: DeploymentConfig
metadata:
# 標簽,在查詢時具體資源對象時非常重要,如:>oc get dc -l app=nginx
labels:
app: nginx
name: nginx
# 選定項目空間
namespace: test
spec:
# 副本數,即 nginx app 部署的實例數
replicas: 1
# pod 的計算資源配額
resources:
# pod 能分配的最大計算資源
limits:
cpu: 300m
memory: 1024Mi
# pod 分配的最少計算資源
requests:
cpu: 100m
memory: 200Mi
# 選擇器 Service 根據此項來綁定到 dc
selector:
name: nginx
strategy:
# type: Recreate
type: Rolling
# dc 根據模板里內容創建 pod
template:
metadata:
labels:
app: nginx
name: nginx
deploymentconfig: nginx
spec:
# 容器集合
containers:
- capabilities: {}
# 容器內環境變量,下文給這個容器設置了時區和語言的環境變量
env:
- name: TZ
value: Asia/Shanghai
- name: LANG
value: en_US.UTF-8
# 容器使用什么鏡像部署,在創建時需要替換成實際要部署的鏡像
image: nginx:1.16
# 鏡像下載策略,總是下載最新的(Always)
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
protocol: TCP
# 健康檢查-pod 是否存活
livenessProbe:
failureThreshold: 2
# http get 請求的方式驗證 pod-ip:80/
httpGet:
path: /
port: 80
initialDelaySeconds: 60
periodSeconds: 60
timeoutSeconds: 5
name: nginx
# 健康檢查-pod 是否就緒
readinessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 3
timeoutSeconds: 5
# 容器計算資源配額,與 pod 配額類似
resources:
limits:
cpu: 300m
memory: 1024Mi
requests:
cpu: 100m
memory: 200Mi
securityContext:
capabilities: {}
# privileged: true
terminationMessagePath: /dev/termination-log
# 將 pod 中配置的卷掛載到容器內
# volumeMounts:
# - mountPath: /data
# name: nginx
dnsPolicy: ClusterFirst
# 使用節點選擇器將應用固定部署到 node1 計算節點上
# nodeSelector:
# kubernetes.io/hostname: node1.app.com
restartPolicy: Always
# 配置和定義使用實際計算節點主機文件夾地址這種類型的卷
# volumes:
# - persistentVolumeClaim:
# claimName: nginx
# name: nginx
# pod 觸發器--配置變動觸發更新
triggers:
- type: ConfigChange
- apiVersion: v1
# 服務,與 k8s 中 service 一樣,將 dc 上部署的應用暴露給內部(多)或外部(少)
kind: Service
metadata:
labels:
app: nginx
name: nginx
spec:
# 應用中要暴露的端口信息
ports:
- name: http
# 對外暴露的端口
port: 80
protocol: TCP
# 應用實際端口
targetPort: 80
# 通過選擇器選擇 dc
selector:
name: nginx
sessionAffinity: None
type: ClusterIP
- apiVersion: route.openshift.io/v1
# OKD 平台特有資源,與 k8s 中 ingress 類似,用於將 service 正真暴露給外部使用,但只能使用域名訪問
kind: Route
metadata:
labels:
app: nginx
name: nginx
spec:
# 配置域名
host: xinchen.app.com
to:
kind: Service
name: nginx
kind: List
metadata: {}
2. 通過創建template
參考文檔: https://docs.okd.io/latest/dev_guide/templates.html#writing-templates
相關指令
# 上傳模板
oc create -f <filename> -n <project>
# 使用模板
oc process -f nginx-template -p IMAGE_NAME=nginx:1.6 -p REPLICA_COUNT=1
# 編輯模板
oc edit template <templateName>
# 導出模板
oc get -o yaml --export all > <yaml_filename>
nginx-template.yml
kind: Template
apiVersion: v1
metadata:
name: nginx-template
objects:
- kind: DeploymentConfig
apiVersion: v1
metadata:
name: nginx
namespace: xinchen
labels:
app: nginx
spec:
replicas: ${REPLICA_COUNT}
selector:
name: nginx
resources:
limits:
cpu: 300m
memory: 1024Mi
requests:
cpu: 100m
memory: 200Mi
strategy:
type: Rolling
template:
metadata:
labels:
app: nginx
name: nginx
deploymentconfig: nginx
spec:
containers:
- capabilities: {}
env:
- name: TZ
value: Asia/Shanghai
- name: LANG
value: en_US.UTF-8
image: ${IMAGE_NAME}
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
protocol: TCP
livenessProbe:
failureThreshold: 2
httpGet:
path: /
port: 80
initialDelaySeconds: 60
periodSeconds: 60
timeoutSeconds: 5
name: nginx
readinessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 3
timeoutSeconds: 5
resources:
limits:
cpu: 300m
memory: 1024Mi
requests:
cpu: 100m
memory: 200Mi
securityContext:
capabilities: {}
# privileged: true
terminationMessagePath: /dev/termination-log
# volumeMounts:
# - mountPath: /data
# name: nginx
dnsPolicy: ClusterFirst
restartPolicy: Always
# volumes:
# - persistentVolumeClaim:
# claimName: nginx
# name: nginx
# pod 觸發器--配置變動觸發更新
triggers:
- type: ConfigChange
- kind: Service
apiVersion: v1
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- name: 80-tcp
port : 80
protocol: TCP
targetPort: 80
selector:
name: nginx
sessionAffinity: None
type: ClusterIP
- apiVersion: route.openshift.io/v1
kind: Route
metadata:
labels:
app: nginx
name: nginx
spec:
host: ${HOST_NAME}
port:
targetPort: 80-tcp
to:
kind: Service
name: nginx
weight: 100
parameters:
- name: HOST_NAME
displayName: Host Name
required: true
- name: IMAGE_NAME
displayName: Image Name
required: true
- name: REPLICA_COUNT
displayName: Replica Count
value: "1"
required: true
3. 進入運行的容器
參考: https://docs.okd.io/latest/dev_guide/ssh_environment.html
# 查看pod名
oc get pods
# 進入容器
oc rsh <pod>
# 或者直接進入dc
oc rsh dc/nginx
4. 刪除所有
# 刪除所有
oc delete all -l app=nginx