مرحبا يا هابر!
هذا هو الجزء الثاني من سلسلة مقالات "تعلم نشر الخدمات الصغيرة". في الجزء السابق ، كتبنا خدمتين صغيرتين بسيطتين - خلفية وبوابة ، واكتشفنا كيفية حزمها في صور عامل ميناء. في نفس المقالة ، سننظم تنسيق حاويات السفن الخاصة بنا باستخدام Kubernetes. سنقوم بالتهيئة التسلسلية لبدء تشغيل النظام في Minikube ، ثم تكييفه للنشر في Google Kubernetes Engine.
خطة السلسلة:
إنشاء خدمات في Spring Boot ، العمل مع Docker
الكلمات الرئيسية: Java 11 ، Spring Boot ، Docker ، تحسين الصورة
تطوير نظام التهيئة والنشر Kubernetes في محرك Google Kubernetes
الكلمات الرئيسية: Kubernetes ، GKE ، إدارة الموارد ، autoscaling ، الأسرار
إنشاء مخطط باستخدام Helm 3 لإدارة أكثر كفاءة للكتلة
: Helm 3, chart deployment
Jenkins
: Jenkins configuration, plugins, separate configs repository
Kubernetes:
- . , . , .
- . , , .
- . . .
- . - , Docker-, Kubernetes , .
- . ().
Kubernetes — , , . . Kubernetes- .
GitHub .
Kubernetes
Minikube — Kubernetes . . , , GKE. Google Cloud Platform - 300$ . 2+ (n1-standard-1).
:
Kubernetes
Kubernetes . . , .
Kubernetes:
Namespace — . , . .
Pod — . . , , , , .
ReplicaSet — , , . , . ReplicaSet — Deployment.
Deployment — , ReplicaSet'. .
Service — . , IP-. , . - , Service .
"" Kubernetes, .
. , . . , . :
- ClusterIP — . IP-, .
- NodePort — IP- ( ClusterIP) , .
<NodeIP>:<NodePort>. - LoadBalancer — NodePort , . IP- .
Kubernetes DNS , . .
ConfigMap — , , , .
Secret — . (№ SSL-), , base64- , . .
HorizontalPodAutoscaler — , .
Minikube configuration
Namespace:
:
kubectl create namespace msvc-ns
:
kubectl config set-context --current --namespace=msvc-ns
'msvc-ns'. , 'default'.
Kubernetes yaml- , CLI. yaml-.
ConfigMap
, . URL- . ConfigMap , ( ).
apiVersion: v1
kind: ConfigMap
metadata:
name: urls-config
data:
BACKEND_URL: "http://backend:8080/"
, Kubernetes . , 'backend' 8080 .
Secret
apiVersion: v1
kind: Secret
metadata:
name: msvc-secret
type: Opaque
stringData:
secret: secret
Opaque , -. , , Docker-, . stringData. base64, . :
data:
secret: c2VjcmV0
Deployments
— .
:
apiVersion: apps/v1
kind: Deployment
metadata:
name: gateway
labels:
tier: gateway
app: microservices
spec:
replicas: 3
selector:
matchLabels:
tier: gateway
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
tier: gateway
spec:
containers:
- name: gateway
image: anshelen/microservices-gateway:latest
envFrom:
- configMapRef:
name: urls-config
env:
- name: SECRET
valueFrom:
secretKeyRef:
name: msvc-secret
key: secret
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
memory: "256Mi"
cpu: "200m"
requests:
memory: "128Mi"
cpu: "50m"
metadata.labels
, . , 'microservices' 'gateway'.
metadata.annotations — , .
spec.replicas
.
spec.selector.matchLabels
. , tier, 'backend'. spec.template , metadata.labels , .
spec.strategy
spec.strategy . 'rollingUpdate' , ReplicaSet, ReplicaSet', . ( / ) maxSurge maxUnavailable. , . spec.strategy , .
spec.templates
spec.templates .
spec.templates.metadata.labels
, spec.selector.matchLabels, "" .
spec.templates.spec.containers.image
. latest Docker-, , . , — Kubernetes. , . . 'latest' 4 , Jenkins.
spec.templates.spec.containers.envFrom.configMapRef
ConfigMap .
spec.templates.spec.containers.env
'SECRET', - 'secret'.
spec.templates.spec.containers.readinessProbe
. , . Kubernetes , 3 200, .
initialDelaySeconds — .
periodSeconds — .
livenessProbe, ( ).
spec.templates.spec.containers.ports
ports . ( -p 8080:8080).
spec.templates.spec.containers.resources
. limits — , requests — , . 200m — 200 ( ), Mi — .
, , .
Services
:
apiVersion: v1
kind: Service
metadata:
labels:
tier: backend
name: backend
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
tier: backend
spec.ports.targetPort — , spec.ports.port — . spec.selector , , tier, 'backend'. , ClusterIP, http://backend:8080.
:
apiVersion: v1
kind: Service
metadata:
labels:
tier: gateway
name: gateway
spec:
ports:
- nodePort: 30500
port: 80
protocol: TCP
targetPort: 8080
selector:
tier: gateway
type: NodePort
Minikube, , NodePort. spec.ports.nodePort — . , 30000-32767.
Minikube
deploy.yamlapiVersion: v1
kind: ConfigMap
metadata:
name: urls-config
data:
BACKEND_URL: "http://backend:8080/"
---
apiVersion: v1
kind: Secret
metadata:
name: msvc-secret
type: Opaque
stringData:
secret: secret
---
apiVersion: v1
kind: Service
metadata:
labels:
tier: backend
name: backend
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
tier: backend
---
apiVersion: v1
kind: Service
metadata:
labels:
tier: gateway
name: gateway
spec:
ports:
- nodePort: 30500
port: 80
protocol: TCP
targetPort: 8080
selector:
tier: gateway
type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
labels:
tier: backend
app: microservices
spec:
replicas: 3
selector:
matchLabels:
tier: backend
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
tier: backend
spec:
containers:
- name: backend
image: anshelen/microservices-backend:latest
envFrom:
- configMapRef:
name: urls-config
ports:
- containerPort: 8080
protocol: TCP
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
resources:
limits:
memory: "256Mi"
cpu: "200m"
requests:
memory: "128Mi"
cpu: "50m"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gateway
labels:
tier: gateway
app: microservices
spec:
replicas: 3
selector:
matchLabels:
tier: gateway
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
tier: gateway
spec:
containers:
- name: gateway
image: anshelen/microservices-gateway:latest
envFrom:
- configMapRef:
name: urls-config
env:
- name: SECRET
valueFrom:
secretKeyRef:
name: msvc-secret
key: secret
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
memory: "256Mi"
cpu: "200m"
requests:
memory: "128Mi"
cpu: "50m"
:
kubectl apply -f deploy.yaml
Kubernetes URL :
minikube service gateway --url -n msvc-ns
:
for i in `seq 50`; do curl $(minikube service gateway --url -n msvc-ns) && echo; done
( ):
Number of requests 1 (gateway 544429797, secret secret)
Number of requests 1 (gateway 1543772618, secret secret)
Number of requests 2 (gateway 544429797, secret secret)
Number of requests 3 (gateway 544429797, secret secret)
Number of requests 4 (gateway 544429797, secret secret)
Number of requests 1 (gateway -1940767433, secret secret)
Number of requests 2 (gateway -1940767433, secret secret)
Number of requests 2 (gateway 1543772618, secret secret)
Number of requests 5 (gateway 544429797, secret secret)
...
Number of requests 1 (gateway 544429797, secret secret)
Number of requests 1 (gateway 1543772618, secret secret)
Number of requests 2 (gateway 544429797, secret secret)
Number of requests 3 (gateway 544429797, secret secret)
Number of requests 4 (gateway 544429797, secret secret)
Number of requests 1 (gateway -1940767433, secret secret)
Number of requests 2 (gateway -1940767433, secret secret)
Number of requests 2 (gateway 1543772618, secret secret)
Number of requests 5 (gateway 544429797, secret secret)
Number of requests 3 (gateway 1543772618, secret secret)
Number of requests 6 (gateway 544429797, secret secret)
Number of requests 3 (gateway -1940767433, secret secret)
Number of requests 4 (gateway 1543772618, secret secret)
Number of requests 7 (gateway 544429797, secret secret)
Number of requests 4 (gateway -1940767433, secret secret)
Number of requests 8 (gateway 544429797, secret secret)
Number of requests 9 (gateway 544429797, secret secret)
Number of requests 10 (gateway 544429797, secret secret)
Number of requests 5 (gateway 1543772618, secret secret)
Number of requests 5 (gateway -1940767433, secret secret)
Number of requests 6 (gateway -1940767433, secret secret)
Number of requests 7 (gateway -1940767433, secret secret)
Number of requests 6 (gateway 1543772618, secret secret)
Number of requests 8 (gateway -1940767433, secret secret)
Number of requests 7 (gateway 1543772618, secret secret)
Number of requests 11 (gateway 544429797, secret secret)
Number of requests 12 (gateway 544429797, secret secret)
Number of requests 8 (gateway 1543772618, secret secret)
Number of requests 9 (gateway -1940767433, secret secret)
Number of requests 10 (gateway -1940767433, secret secret)
Number of requests 11 (gateway -1940767433, secret secret)
Number of requests 9 (gateway 1543772618, secret secret)
Number of requests 10 (gateway 1543772618, secret secret)
Number of requests 11 (gateway 1543772618, secret secret)
Number of requests 12 (gateway -1940767433, secret secret)
Number of requests 12 (gateway 1543772618, secret secret)
Number of requests 13 (gateway 544429797, secret secret)
Number of requests 13 (gateway 1543772618, secret secret)
Number of requests 13 (gateway -1940767433, secret secret)
Number of requests 14 (gateway 1543772618, secret secret)
Number of requests 14 (gateway -1940767433, secret secret)
Number of requests 15 (gateway -1940767433, secret secret)
Number of requests 14 (gateway 544429797, secret secret)
Number of requests 15 (gateway 544429797, secret secret)
Number of requests 16 (gateway 544429797, secret secret)
Number of requests 17 (gateway 544429797, secret secret)
Number of requests 15 (gateway 1543772618, secret secret)
Number of requests 16 (gateway 1543772618, secret secret)
Number of requests 16 (gateway -1940767433, secret secret)
Number of requests 17 (gateway 1543772618, secret secret)
, . , , . - , -, , . , , . , 1 , 1000, "" , 1000 . , , , . .
.
kubectl get <object-type> — . 'pod', 'service', 'deployment' . 'all'.
kubectl get <object-type> <object-name> -o yaml — yaml-.
kubectl describe <object-type> <object-name> — .
kubectl cluster-info — .
kubectl top pod/node — /.
kubectl apply -f <file/directory> — .
kubectl delete <object-type> <object-name> — .
kubectl scale deployment <deployment-name> --replicas=n — . : n = 0, n, .
kubectl edit <object-type> <object-name> — .
kubectl rollout undo deployment <deployment-name> — .
kubectl logs <pod-name> — . -f .
kubectl port-forward <pod-name> <host-port>:<container-port> — . .
kubectl exec -it <pod-name> -- /bin/sh — .
kubectl run curl --image=radial/busyboxplus:curl -i --tty — . curl, , , .
kubectl get events --sort-by='.metadata.creationTimestamp' — Kubernetes. , , , .
GKE configuration
, , , Google Kubernetes Engine.
Services
GKE , IP-. , LoadBalancer:
apiVersion: v1
kind: Service
metadata:
labels:
tier: gateway
name: gateway
spec:
selector:
tier: gateway
ports:
- port: 80
protocol: TCP
targetPort: 8080
type: LoadBalancer
, , . , GCP ( VPC -> IP-) , , spec.loadBalancerIp.
HorizontalPodAutoscalers
HorizontalPodAutoscaler . Minikube (- ), GKE .
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: backend
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: backend
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 50
spec.scaleTargetRef , backend. , 1 3 50%. , ( ), requests.cpu .
HorizontalPodAutoscaler' .
Quotas
. , (multitenant environment). , :
apiVersion: v1
kind: ResourceQuota
metadata:
name: msvc-quota
spec:
hard:
limits.cpu: "2"
limits.memory: 4Gi
- , . , , CLI (. kubectl run), LimitRange:
apiVersion: v1
kind: LimitRange
metadata:
name: msvc-default-resources
spec:
limits:
- default:
memory: "512Mi"
cpu: "250m"
defaultRequest:
memory: "256Mi"
cpu: "50m"
type: Container
, .
GKE
scripts_gke/.
create_quotas.yamlapiVersion: v1
kind: ResourceQuota
metadata:
name: msvc-quota
spec:
hard:
limits.cpu: "2"
limits.memory: 4Gi
---
apiVersion: v1
kind: LimitRange
metadata:
name: msvc-default-resources
spec:
limits:
- default:
memory: "512Mi"
cpu: "250m"
defaultRequest:
memory: "256Mi"
cpu: "50m"
type: Container
deploy.yamlapiVersion: v1
kind: ConfigMap
metadata:
name: urls-config
data:
BACKEND_URL: "http://backend:8080/"
---
apiVersion: v1
kind: Secret
metadata:
name: msvc-secret
type: Opaque
stringData:
secret: secret
---
apiVersion: v1
kind: Service
metadata:
labels:
tier: backend
name: backend
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
tier: backend
---
apiVersion: v1
kind: Service
metadata:
labels:
tier: gateway
name: gateway
spec:
selector:
tier: gateway
ports:
- port: 80
protocol: TCP
targetPort: 8080
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
labels:
tier: backend
app: microservices
spec:
replicas: 2
selector:
matchLabels:
tier: backend
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
tier: backend
spec:
containers:
- name: backend
image: anshelen/microservices-backend:latest
envFrom:
- configMapRef:
name: urls-config
ports:
- containerPort: 8080
protocol: TCP
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
resources:
limits:
memory: "512Mi"
cpu: "250m"
requests:
memory: "256Mi"
cpu: "50m"
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: backend
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: backend
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 50
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gateway
labels:
tier: gateway
app: microservices
spec:
replicas: 2
selector:
matchLabels:
tier: gateway
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
tier: gateway
spec:
containers:
- name: gateway
image: anshelen/microservices-gateway:latest
envFrom:
- configMapRef:
name: urls-config
env:
- name: SECRET
valueFrom:
secretKeyRef:
name: msvc-secret
key: secret
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
memory: "512Mi"
cpu: "250m"
requests:
memory: "256Mi"
cpu: "50m"
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: gateway
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: gateway
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 50
scripts_gke:
kubectl apply -f scripts_gke/
, . URL :
kubectl get svc gateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
HorizontalPodAutoscaler' .
Kubernetes- Google Kubernetes Engine.
, , , . , … - , Kubernetes. ( ) Helm.
في الجزء الثالث من سلسلة المقالات هذه ، نتطرق إلى Helm 3 ، وننشئ مخططًا للرعاية لنظامنا ونضعه في مستودع تم إنشاؤه على أساس صفحات GitHub.