一.Docker harbor搭建
二.構建提交鏡像
三.安裝reloader熱更及其k8s部署
一.Docker harbor搭建
1.1 .docker harbor部署(https://www.cnblogs.com/sanduzxcvbnm/p/13724770.html)
1.2 創建docker harbor認證secret
kubectl create secret docker-registry registry-pull-secret --docker-server=10.206.16.4 --docker-username=admin --docker-password=Rolinabc123 --docker-email=xxxx@qq.com
1.3 進入harbor界面,創建項目fronted
二.構建提交鏡像
2.1 進入網站目錄編寫dockerfile
From nginx
WORKDIR /var/www/html
add h5game.xxx.com.tar.gz /var/www/html
2.2 修改客戶端docker配置文件支持http
vim /etc/docker/daemon.json
"insecure-registries" : ["10.206.16.4"]
2.3 構建鏡像推送到harbor
docker login 10.206.16.4
docker build 10.206.16.4/fronted/h5game.xxx.com:v1 .
docker push 10.206.16.4/fronted/h5game.xxx.com:v1
三.k8s部署
3.0 安裝reloader
kubectl apply -f https://raw.githubusercontent.com/stakater/Reloader/master/deployments/kubernetes/reloader.yaml
可以通過reloader和checksum的形式來檢測配置文件發生改變觸發pod滾動更新
參考文章:https://juejin.cn/post/6993128314055426084
3.1 namespace創建 namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: fronted
限定命名空間使用額度
#爭對命名空間限額
# kubectl create -f compute-resources.yaml -n fronted
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
spec:
hard:
pods: "20"
requests.cpu: "1"
requests.memory: 1Gi
limits.cpu: "2"
limits.memory: 4Gi
3.2 configmap配置創建 configmap.yaml
kind: ConfigMap # 對象類型
apiVersion: v1 # api 版本
metadata: # 元數據
name: h5sdk # 對象名稱
namespace: fronted
data: # key-value 數據集合
nginx.conf: | # 將 nginx config 配置寫入 ConfigMap 中,經典的 php-fpm 代理設置,這里就不再多說了
events {
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
gzip on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
keepalive_timeout 0;
client_body_timeout 10;
client_header_timeout 10;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
output_buffers 1 32k;
client_max_body_size 64m;
client_body_buffer_size 256k;
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html/h5game.sentsss.com;
#index index.php;
server_name _;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
location ~ .*\.(js|css)?$ {
expires 12h;
}
location / {
index index.html index.htm index.php;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=$1 last;
break;
}
}
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
#location ~ \.php$ {
# include fastcgi_params;
# fastcgi_param REQUEST_METHOD $request_method;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_pass 127.0.0.1:9000;
}
}
3.3 部署文件 deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: h5sdk
namespace: fronted
annotations: #檢測配置文件的改變來實現pod滾動更新
reloader.stakater.com/auto: "true"
spec:
selector:
matchLabels:
app: h5sdk
replicas: 2
template:
metadata:
labels:
app: h5sdk
spec:
#nodeName: k8s-node-01
imagePullSecrets:
- name: registry-pull-secret
containers:
- name: nginx
image: 10.206.16.4/fronted/www.h5sdk.xxx.com:v1
ports:
- containerPort: 80
volumeMounts:
#- mountPath: /var/www/html
#name: nginx-www
- mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
name: nginx-config
- mountPath: /var/log/nginx
name: nginx-log
- mountPath: /etc/localtime
name: timezone
#探針查看服務是否可用是否加入service
livenessProbe:
httpGet:
path: /user.html
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /user.html
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 1
lifecycle:
preStop:
exec:
command: ["/bin/bash","-c","sleep 20"]
resources:
limits:
cpu: 40m
memory: 40Mi
requests:
cpu: 20m
memory: 20Mi
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- {key: app, operator: In, values: ["h5sdk"]}
topologyKey: fronted
volumes:
- name: nginx-log
hostPath:
path: /opt/log/nginx/h5sdk
- name: nginx-config
configMap:
name: h5sdk
- name: timezone
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
#- name: nginx-www
# emptyDir: {}
3.4 svc的創建 svc.yaml
apiVersion: v1
kind: Service
metadata:
name: h5sdk
namespace: fronted
spec:
selector:
#project: h5sdk
app: h5sdk
ports:
- port: 80
targetPort: 80
3.5 ingress創建 ingress.yaml
kind: Ingress # 對象類型
apiVersion: networking.k8s.io/v1beta1
metadata:
name: h5sdk
namespace: fronted
spec:
rules:
- host: h6game.xxx.com
http:
paths:
- path: /
backend:
serviceName: h5sdk # 需要與servicename一致
servicePort: 80 # 與 Service 的 port 一致
3.6 hpa創建 hpa.yaml(記得提前安裝metric)
kind: HorizontalPodAutoscaler # 對象類型,簡稱 hpa,水平自動伸縮
apiVersion: autoscaling/v2beta2 # autoscaling/v2beta2 與 autoscaling/v1 的 API 有很大的不同,注意識別兩者的差異
metadata:
name: h5sdk
namespace: fronted
spec:
scaleTargetRef: # 伸縮的目標對象
apiVersion: apps/v1 # 對象版本
kind: Deployment # 目標對象的類型
name: h5sdk # 目標對象的名稱
minReplicas: 2 # 最小副本數
maxReplicas: 4 # 最大副本數
metrics: # 指標
- type: Resource # 類型:資源
resource:
name: memory # 內存
target:
type: Utilization
averageUtilization: 70 # 1% 這個值是為了實驗,具體值請參考業務方實際情況而定
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70