K8S-helm部署服务(四)

原创 K8S-helm部署服务(四)

兜兜 2021-09-03 11:25:50 2022-01-25 09:20:35

k8s

#### 一、准备工作 ```sh 1.修改springboot服务启动方式以及server.port改成固定端口 #为了K8S pod监控对应的端口，做健康检查 2.pom.xml加监控相关依赖以及修改监控配置 #为了K8S pod监控对应的端口，做健康检查 3.添加DockerFile以及其他文件 4.修改pom.xml的注册中心的地址 5.安装helm 6.创建helm chart ``` ##### 1.1 修改springboot服务启动方式 ```java @EnableCustomConfig @EnableRyFeignClients @SpringCloudApplication public class ShudoonHomeworkServerApplication { public static void main(String[] args) { //new StartCommand(args,false, true); 禁用StartCommand SpringApplication.run(ShudoonHomeworkServerApplication.class, args); } } ``` ##### 1.2 修改server.port改成固定端口 ```yaml server: port: 18009 ``` ##### 2.1 pom.xml加监控相关依赖 ```xml ...  <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-actuator</artifactId> </dependency>  <dependency> <groupId>io.micrometer</groupId> <artifactId>micrometer-registry-prometheus</artifactId> <version>1.5.1</version> </dependency> ... ``` ##### 2.2 修改监控配置 `暴露监控相关的API` ```yaml # 监听服务 management: endpoints: web: exposure: include: "*" metrics: tags: application: ${spring.application.name} ``` ##### 3.1 添加DockerFile以及其他文件 `代码版本库添加Dockerfile文件，方便统一管理` Dockerfile(`springboot微服务`) ```sh FROM openjdk:8 ARG server_port ENV SERVER_PORT=$server_port ADD target/*.jar /app.jar EXPOSE ${SERVER_PORT} ENTRYPOINT java -Dserver.port=${SERVER_PORT} -jar /app.jar ``` Dockerfile(`前端web服务`) ```sh FROM harbor.example.com/other/nginx:1.20.0 MAINTAINER sheyinsong COPY dist/ /usr/share/nginx/html/ COPY default.conf /etc/nginx/conf.d/default.conf ``` 添加default.conf(`前端web服务`) default.conf ```sh server { listen 80; root /usr/share/nginx/html; try_files $uri $uri/ /index.html; index index.html; } ``` ##### 4.1 修改pom.xml的注册中心的地址 `nacos部署在K8S集群中，微服务改成nacos的服务地址:nacos-headless:8848` ```xml ... <config.server-addr>nacos-headless:8848</config.server-addr> <nacos.namespace>f1e1891f-d11e-4180-883e-d709f02c4040</nacos.namespace>  <discovery.server-addr>nacos-headless:8848</discovery.server-addr> <dubbo.nacos.address>nacos://nacos-headless:8848</dubbo.nacos.address> ... ``` ##### 5.1 安装以及配置helm 5.1.1 安装以及配置helm ```sh $ wget https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz $ tar -zxvf helm-v3.5.4-linux-amd64.tar.gz $ mv linux-amd64/helm /usr/local/bin/helm $ helm version version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"clean", GoVersion:"go1.15.11"} $ helm plugin install https://github.com/chartmuseum/helm-push $ helm repo add shudoon-local --username=shudoon --password=xxxxx https://harbor.example.com/chartrepo/shudoon/ #配置私有仓库shudoon-local $ helm repo list ``` ##### 6.1 创建helm chart 6.1.1 创建helm 微服务chart `微服务chart增加filebeat容器和skywalking初始化容器` ```sh $ helm create springboot-demo ``` 配置deployment.yml ```yml apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "springboot-demo.fullname" . }} labels: {{- include "springboot-demo.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "springboot-demo.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "springboot-demo.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "springboot-demo.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: - name: {{ .Values.image3.name }} #skywalking容器 image: "{{ .Values.image3.repository }}:{{ .Values.image3.tag }}" imagePullPolicy: IfNotPresent command: ["sh"] args: [ "-c", "mkdir -p /skywalking/agent && cp -r /usr/skywalking/agent/* /skywalking/agent", ] volumeMounts: - mountPath: /skywalking/agent name: sw-agent containers: - name: {{ .Values.image2.name }} #filebeat容器 image: "{{ .Values.image2.repository }}:{{ .Values.image2.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} command: - "/bin/sh" args: - "-c" - "filebeat -c /etc/filebeat/filebeat.yml" volumeMounts: - name: app-logs mountPath: /log - name: filebeat-{{.Release.Name}}-config mountPath: /etc/filebeat/ - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: JAVA_TOOL_OPTIONS value: -javaagent:/usr/skywalking/agent/skywalking-agent.jar - name: SW_AGENT_NAME value: {{.Release.Name}} - name: SW_AGENT_COLLECTOR_BACKEND_SERVICES value: skywalking-oap:11800 #k8s需要提前安装skywalking服务 volumeMounts: - name: app-logs mountPath: /serverlog - name: sw-agent mountPath: /usr/skywalking/agent ports: - name: http containerPort: {{ .Values.service.targetPort | default 80 }} protocol: TCP livenessProbe: httpGet: path: /actuator/health/liveness port: {{ .Values.service.targetPort | default 80 }} initialDelaySeconds: 20 failureThreshold: 15 timeoutSeconds: 10 periodSeconds: 5 readinessProbe: httpGet: path: /actuator/health/readiness port: {{ .Values.service.targetPort | default 80 }} initialDelaySeconds: 20 failureThreshold: 15 timeoutSeconds: 10 periodSeconds: 5 resources: {{- toYaml .Values.resources | nindent 12 }} volumes: - name: app-logs emptyDir: {} - name: sw-agent emptyDir: {} - name: filebeat-{{.Release.Name}}-config configMap: name: filebeat-{{.Release.Name}}-config {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} ``` configmap.yaml ```yml apiVersion: v1 kind: ConfigMap metadata: name: filebeat-{{.Release.Name}}-config data: filebeat.yml: | filebeat.inputs: - type: log enabled: true paths: - "/log/*/log_info.log" #日志路径 - "/log/*/*/log_info.log" - "/log/*/*/*/log_info.log" tags: ["{{ .Release.Name }}"] multiline.pattern: '^[0-9]{4}-[0-9]{2}-[0-9]{2}' multiline.negate: true multiline.match: after exclude_lines: ['.*com.alibaba.nacos.naming.client.listener.*'] output.elasticsearch: #配置日志输出到elasticsearch hosts: ["xxxxx.elasticsearch.com"] username: "elastic" password: "xxxxx" index: "{{ .Release.Name }}-%{+yyyy.MM.dd}" setup.ilm.enabled: false setup.template.name: "{{ .Release.Name }}" setup.template.pattern: "{{ .Release.Name }}-*" ``` value.yml ```yml env: #JAVA优化参数，限制pod的内存使用 JAVA_OPTS: -XX:MaxRAMFraction=2 replicaCount: 2 image: #默认镜像，部署的时候指定镜像替换默认镜像 repository: nginx pullPolicy: IfNotPresent imagePullPolicy: Always tag: "" image2: #filebeat镜像 name: filebeat repository: harbor.example.com/shudoon/filebeat pullPolicy: IfNotPresent imagePullPolicy: Always tag: "7.4.2" image3: #skywalking镜像 name: skywalking-agent-sidecar repository: harbor.example.com/shudoon/skywalking-agent-sidecar pullPolicy: IfNotPresent imagePullPolicy: Always tag: "8.7.0-fixbug-1" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" serviceAccount: create: true annotations: {} name: "" podAnnotations: {} podSecurityContext: {} securityContext: {} service: #服务配置 type: ClusterIP port: 80 targetPort: 80 ingress: #ingress关闭 annotations: kubernetes.io/ingress.class: "nginx" ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/proxy-body-size: 100m nginx.ingress.kubernetes.io/proxy-connect-timeout: "600" nginx.ingress.kubernetes.io/proxy-read-timeout: "600" nginx.ingress.kubernetes.io/proxy-send-timeout: "600" enabled: false host: chart-example.local tls: [] resources: #资源配置 limits: cpu: 1000m memory: 2048Mi requests: cpu: 100m memory: 256Mi autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 nodeSelector: {} tolerations: [] affinity: {} ``` Chart.yaml ```yaml apiVersion: v2 appVersion: 1.16.0 description: A Helm chart for Kubernetes name: springboot-demo type: application version: 0.2.24-filebeat-skywalking-javaheap ``` 打包&推送chart到仓库 ```sh $ helm package springboot-demo $ helm push /root/springboot-demo-filebeat/0.2.24-filebeat-skywalking-javaheap.tgz shudoon-local #指定仓库的名字 $ helm repo update ``` 6.1.2 创建helm 前端web服务chart ```sh $ helm create web-demo ``` deployment.yaml ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "springboot-demo.fullname" . }} labels: {{- include "springboot-demo.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "springboot-demo.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "springboot-demo.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "springboot-demo.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: http containerPort: {{ .Values.containerPort | default 80 }} protocol: TCP livenessProbe: httpGet: host: path: / port: {{ .Values.containerPort | default 80 }} initialDelaySeconds: 5 failureThreshold: 10 timeoutSeconds: 10 periodSeconds: 5 resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} ``` Chart.yaml ```yaml apiVersion: v2 name: web-demo description: A Helm chart for Kubernetes type: application version: 0.2.0 appVersion: "1.16.0" ``` 打包&推送chart到仓库 ```sh $ helm package web-demo $ helm push /root/web-demo-0.2.0.tgz shudoon-local #指定仓库的名字 $ helm repo update ```