Kubernetes 实战案例
Kubernetes实战案例-规划(基于nerdctl + buildkitd+containerd构建容器镜像)
-
业务容器化优势:
① 提高资源利用率、节约部署IT成本。
② 提高部署效率,基于kubernetes实现微服务的快速部署与交付、容器的批量调度与秒级启动。
③ 实现横向扩容、灰度部署、回滚、链路追踪、服务治理等。
④ 可根据业务负载进行自动弹性伸缩。
⑤ 容器将环境和代码打包在镜像内,保证了测试与生产运行环境的一致性。
⑥ 紧跟云原生社区技术发展的步伐,不给公司遗留技术债,为后期技术升级夯实了基础。
⑦ 为个人储备前沿技术,提高个人level。
业务容器化案例之一: 业务规划及镜像分层构建
#构建Centos基础镜像
[root@k8s-master1 centos]#cat Dockerfile
#自定义Centos 基础镜像
FROM centos:7.9.2009
MAINTAINER kun 1710269083@qq.com
ADD CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo
ADD epel-7.repo /etc/yum.repos.d/epel.repo
ADD filebeat-7.12.1-x86_64.rpm /tmp
RUN cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup && yum repolist && yum install -y /tmp/filebeat-7.12.1-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.12.1-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd nginx -u 2088
[root@k8s-master1 centos]#cat build-command.sh
#!/bin/bash
/usr/local/bin/nerdctl build -t harbor.chendd.fun/images/centos:7.9.2009 .
/usr/local/bin/nerdctl push harbor.chendd.fun/images/centos:7.9.2009
#构建jdk—1.8.212基础镜像
[root@k8s-master1 jdk-1.8.212]#cat Dockerfile
#JDK Base Image
FROM harbor.chendd.fun/mageimages/centos:7.9.2009
#FROM centos:7.9.2009
MAINTAINER kun "1710269083@qq.com"
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
ADD profile /etc/profile
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
[root@k8s-master1 jdk-1.8.212]#cat build-command.sh
#!/bin/bash
#docker build -t harbor.chendd.fun/pub-images/jdk-base:v8.212 .
#sleep 1
#docker push harbor.chendd.fun/pub-images/jdk-base:v8.212
nerdctl build -t harbor.chendd.fun/pub-images/jdk-base:v8.212 .
nerdctl push harbor.chendd.fun/pub-images/jdk-base:v8.212
#构建nginx:1.22基础镜像
[root@k8s-master1 nginx-base]#cat Dockerfile
#Nginx Base Image
FROM harbor.chendd.fun/mageimages/centos:7.9.2009
MAINTAINER kun@kun.net
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-1.22.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.22.0 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.22.0.tar.gz
[root@k8s-master1 nginx-base]#cat build-command.sh
#!/bin/bash
#docker build -t harbor.magedu.net/pub-images/nginx-base:v1.18.0 .
#sleep 1
#docker push harbor.magedu.net/pub-images/nginx-base:v1.18.0
nerdctl build -t harbor.chendd.fun/pub-images/nginx-base:v1.22.0 .
nerdctl push harbor.chendd.fun/pub-images/nginx-base:v1.22.0
业务容器化案例之二: Nginx+Tomcat+NFS实现动静分离
# 构建dockerfile 业务容器tomcat
[root@k8s-master1 tomcat-app1]#cat Dockerfile
#tomcat web1
FROM harbor.chendd.fun/pub-images/tomcat-base:v8.5.43
ADD catalina.sh /apps/tomcat/bin/catalina.sh
ADD server.xml /apps/tomcat/conf/server.xml
#ADD myapp/* /data/tomcat/webapps/myapp/
ADD app1.tar.gz /data/tomcat/webapps/app1/
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
#ADD filebeat.yml /etc/filebeat/filebeat.yml
RUN chown -R nginx.nginx /data/ /apps/
#ADD filebeat-7.5.1-x86_64.rpm /tmp/
#RUN cd /tmp && yum localinstall -y filebeat-7.5.1-amd64.deb
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
[root@k8s-master1 tomcat-app1]#bash build-command.sh v1
# 构建dockerfile 业务容器nginx
[root@k8s-master1 nginx]#cat Dockerfile
#Nginx 1.22.0
FROM harbor.chendd.fun/pub-images/nginx-base:v1.22.0
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD app1.tar.gz /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html
#静态资源挂载路径
RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images
EXPOSE 80 443
CMD ["nginx"]
[root@k8s-master1 nginx]#cat build-command.sh
#!/bin/bash
TAG=$1
#docker build -t harbor.chendd.fun/magedu/nginx-web1:${TAG} .
#echo "镜像构建完成,即将上传到harbor"
#sleep 1
#docker push harbor.chendd.fun/magedu/nginx-web1:${TAG}
#echo "镜像上传到harbor完成"
nerdctl build -t harbor.chendd.fun/magedu/nginx-web1:${TAG} .
nerdctl push harbor.chendd.fun/magedu/nginx-web1:${TAG}
[root@k8s-master1 nginx]#bash build-command.sh v1k8s资源配置
#tomcat资源清单
[root@k8s-master1 tomcat-app1]#cat tomcat-app1.yaml
kind: Deployment
#apiVersion: extensions/v1beta1
apiVersion: apps/v1
metadata:
labels:
app: magedu-tomcat-app1-deployment-label
name: magedu-tomcat-app1-deployment
namespace: magedu
spec:
replicas: 1
selector:
matchLabels:
app: magedu-tomcat-app1-selector
template:
metadata:
labels:
app: magedu-tomcat-app1-selector
spec:
containers:
- name: magedu-tomcat-app1-container
image: harbor.chendd.fun/magedu/tomcat-app1:v1
#command: ["/apps/tomcat/bin/run_tomcat.sh"]
imagePullPolicy: IfNotPresent
#imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
env:
- name: "password"
value: "123456"
- name: "age"
value: "18"
#resources:
# limits:
# cpu: 1
# memory: "512Mi"
# requests:
# cpu: 500m
# memory: "512Mi"
volumeMounts:
- name: magedu-images
mountPath: /usr/local/nginx/html/webapp/images
readOnly: false
- name: magedu-static
mountPath: /usr/local/nginx/html/webapp/static
readOnly: false
volumes:
- name: magedu-images
nfs:
server: 10.0.0.113
path: /data/k8sdata/magedu/images
- name: magedu-static
nfs:
server: 10.0.0.113
path: /data/k8sdata/magedu/static
# nodeSelector:
# project: magedu
# app: tomcat
---
kind: Service
apiVersion: v1
metadata:
labels:
app: magedu-tomcat-app1-service-label
name: magedu-tomcat-app1-service
namespace: magedu
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30092
selector:
app: magedu-tomcat-app1-selector
#nginx资源清单
[root@k8s-master1 nginx]#cat nginx.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: magedu-nginx-deployment-label
name: magedu-nginx-deployment
namespace: magedu
spec:
replicas: 1
selector:
matchLabels:
app: magedu-nginx-selector
template:
metadata:
labels:
app: magedu-nginx-selector
spec:
containers:
- name: magedu-nginx-container
image: harbor.chendd.fun/magedu/nginx-web1:v1
#command: ["/apps/tomcat/bin/run_tomcat.sh"]
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
name: http
- containerPort: 443
protocol: TCP
name: https
env:
- name: "password"
value: "123456"
- name: "age"
value: "20"
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 500m
memory: 256Mi
volumeMounts:
- name: magedu-images
mountPath: /usr/local/nginx/html/webapp/images
readOnly: false
- name: magedu-static
mountPath: /usr/local/nginx/html/webapp/static
readOnly: false
volumes:
- name: magedu-images
nfs:
server: 10.0.0.113
path: /data/k8sdata/magedu/images
- name: magedu-static
nfs:
server: 10.0.0.113
path: /data/k8sdata/magedu/static
#nodeSelector:
# group: magedu
---
kind: Service
apiVersion: v1
metadata:
labels:
app: magedu-nginx-service-label
name: magedu-nginx-service
namespace: magedu
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30090
- name: https
port: 443
protocol: TCP
targetPort: 443
nodePort: 30091
selector:
app: magedu-nginx-selector测试结果
[root@k8s-master1 nginx]#kubectl get -n magedu pod,svc -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/magedu-nginx-deployment-dc6b88d87-krtw7 1/1 Running 0 4h34m 10.200.107.194 10.0.0.113 <none> <none>
pod/magedu-tomcat-app1-deployment-5866b5677-l74xs 1/1 Running 0 5h12m 10.200.107.196 10.0.0.113 <none> <none>
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/magedu-nginx-service NodePort 10.100.177.90 <none> 80:30090/TCP,443:30091/TCP 4h34m app=magedu-nginx-selector
service/magedu-tomcat-app1-service NodePort 10.100.13.0 <none> 80:30092/TCP 5h12m app=magedu-tomcat-app1-selector
业务容器化案例之二: Nginx+Tomcat+NFS实现动静分离
Nginx 基础镜像制作
Nginx业务镜像制作
Nginx业务镜像测试
在kubernetes环境运行nginx
JDK基础镜像制作
tomcat基础镜像制作
tomcat业务镜像app1制作
在kubernetes环境运行tomcat
在kubernetes中nginx+tomcat实现动静分离
基于NFS实现数据共享
在后端服务生成数据并访问验证
