一.deployment
rc和rs控制器都是控制pod的副本数量的,但是,他们两个有个缺点,就是在部署新版本pod或者回滚代码的时候,需要先apply资源清单,然后再删除现有pod,通过资源控制,重新拉取新的pod来实现回滚或者迭代升级
deployments资源,实际上就是用来专门部署业务代码的控制器,专门用于企业业务代码的升级和回滚
deployment部署控制器,实际上控制的是rs副本控制器,如果说rs副本控制器是控制pod的副本数量的,那么deployment就是专门控制rs控制器资源的
简单来说:deployment不需要删除pod,rc,rs需要删除pod
1.deplyment的简单实现
·deplyment资源清单
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo
spec:
replicas: 3
selector:
matchLabels:
demoo0: demoo0
template:
metadata:
name: pod001
labels:
demoo0: demoo0
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v1
ports:
- containerPort: 80· 创建查看
[root@master 0721]# kubectl apply -f dp.yaml
deployment.apps/dp-demo created
[root@master 0721]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
dp-demo 3/3 3 3 18s
[root@master 0721]# kubectl get rs
NAME DESIRED CURRENT READY AGE
dp-demo-988687d45 3 3 3 25s
[root@master 0721]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
dp-demo-988687d45-2b9d2 1/1 Running 0 38s 10.100.2.80 worker2 <none> <none>
dp-demo-988687d45-vp7xn 1/1 Running 0 38s 10.100.2.79 worker2 <none> <none>
dp-demo-988687d45-xg4fl 1/1 Running 0 38s 10.100.1.58 worker1 <none> <none>·通过标签查看pod时,可以发现pod多了一个标签
[root@master 0721]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
dp-demo-988687d45-2b9d2 1/1 Running 0 61s demoo0=demoo0,pod-template-hash=988687d45
dp-demo-988687d45-vp7xn 1/1 Running 0 61s demoo0=demoo0,pod-template-hash=988687d45
dp-demo-988687d45-xg4fl 1/1 Running 0 61s demoo0=demoo0,pod-template-hash=988687d45注:
deployment:是用来部署服务的一个资源,是企业中常用的资源控制器
功能:
1,管理rs资源,通过rs资源管理pod
2,具有上线部署、副本设置、滚动升级、回滚等功能
3,提供了声明式更新,可以使用apply命令进行更新镜像版本之类的能力
使用场景:企业部署迭代应用
原理:
通过"标签"管理,实现rs资源的控制,它会在自动创建rs的过程中给rs自动生成一个特有的标签(专属于deployment),当apply更新清单的时候,它会通过标签选定是使用历史的rs还是重新创建rs
2.deployment升级回退
·v1版本
1.编辑deplyment资源清单
ps~直接用上面创建的那个也行
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo
spec:
replicas: 3
selector:
matchLabels:
demoo0: demoo0
template:
metadata:
name: pod001
labels:
demoo0: demoo0
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v1
ports:
- containerPort: 802.创建查看
[root@master 0721]# kubectl apply -f dp.yaml
deployment.apps/dp-demo created
[root@master 0721]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
dp-demo 3/3 3 3 18s
[root@master 0721]# kubectl get rs
NAME DESIRED CURRENT READY AGE
dp-demo-988687d45 3 3 3 25s
[root@master 0721]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
dp-demo-988687d45-2b9d2 1/1 Running 0 38s 10.100.2.80 worker2 <none> <none>
dp-demo-988687d45-vp7xn 1/1 Running 0 38s 10.100.2.79 worker2 <none> <none>
dp-demo-988687d45-xg4fl 1/1 Running 0 38s 10.100.1.58 worker1 <none> <none>3.创建service资源用于访问
·编辑service资源清单
[root@master 0721]# cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: svc001
spec:
type: NodePort
selector:
demoo0: demoo0
ClusterIP: 10.200.200.101
ports:
- port: 99
targetPort: 80
nodePort: 30002·创建查看
[root@master 0721]# kubectl apply -f svc.yaml
service/svc001 created
[root@master 0721]# kubectl describe svc svc001
Name: svc001
Namespace: default
Labels: <none>
Annotations: <none>
Selector: demoo0=demoo0
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.200.200.200
IPs: 10.200.200.200
Port: <unset> 99/TCP
TargetPort: 80/TCP
NodePort: <unset> 30002/TCP
Endpoints: 10.100.1.58:80,10.100.2.79:80,10.100.2.80:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
[root@master 0721]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
dp-demo-988687d45-2b9d2 1/1 Running 0 22m 10.100.2.80 worker2 <none> <none>
dp-demo-988687d45-vp7xn 1/1 Running 0 22m 10.100.2.79 worker2 <none> <none>
dp-demo-988687d45-xg4fl 1/1 Running 0 22m 10.100.1.58 worker1 <none> <none>
4.浏览器访问测试
·v2版本
1.修改deployment清单中pod镜像版本为V2
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo
spec:
replicas: 3
selector:
matchLabels:
demoo0: demoo0
template:
metadata:
name: pod001
labels:
demoo0: demoo0
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v2
ports:
- containerPort: 802.重新加载deployment资源
[root@master 0721]# kubectl apply -f dp.yaml
deployment.apps/dp-demo configured3.浏览器访问测试
注:
deployment,不需要删除原有的pod,只需要apply重新更新一下资源清单,即可实现产品迭代,同比与rc和rs资源,优势明显
deployment资源,在apply升级后,是又重新创建了rs资源,也就是再升级的过程中,有两个rs资源
3.业务升级策略设置
升级过程中的控制策略
Kubernetes (k8s) 的升级策略取决于你想要如何管理更新。以下是一些常见的升级策略:
滚动更新(Rolling Update): 逐个更新Pod, 通过滚动更新Deployment来完成。
蓝绿部署(Blue/Green Deployment): 部署新版本的应用实例,然后将流量切换到新版本。
金丝雀部署(Canary Deployment): 部署新版本的一小部分,监控反馈,然后逐渐增加新版本的实例数量。
升级策略类型:
第一种:Recreate:先停止所有pod,再批量创建新的pod;生产环境不建议使用,因为用户在此时会访问不到服务;
第二种:RollingUpdate:滚动更新,即实现部分更新,逐渐替换掉原有的pod,也就是默认的策略;
·升级策略资源清单
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo
spec:
#声明升级策略
strategy:
#设置升级策略类型
type: RollingUpdate
#若设置了RollingUpdate类型,还需要设置更新的策略
rollingUpdate:
#在原有pod副本数量的基础上,多启动pod的数量(也就是说,更新过程中同时可以存在2+副本数个pod, 新旧版本一起)
maxSurge: 2
#在升级的过程中最大不可访问的pod的数量(也就是说,pod副本数-1的数量可以被访问)
maxUnavailable: 1
replicas: 5
selector:
matchLabels:
demoo0: demoo0
template:
metadata:
name: pod001
labels:
demoo0: demoo0
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v1
ports:
- containerPort: 80·升级创建资源
[root@master 0721]# kubectl apply -f dp.yaml
deployment.apps/dp-demo configured
[root@master 0721]# kubectl get rs
NAME DESIRED CURRENT READY AGE
dp-demo-6875bfb8b8 1 1 1 42m
dp-demo-988687d45 5 5 3 69m
[root@master 0721]# kubectl get rs
NAME DESIRED CURRENT READY AGE
dp-demo-6875bfb8b8 0 0 0 42m
dp-demo-988687d45 5 5 4 69m
[root@master 0721]# kubectl get rs
NAME DESIRED CURRENT READY AGE
dp-demo-6875bfb8b8 0 0 0 42m
dp-demo-988687d45 5 5 5 69m
4.蓝绿发布器
蓝绿发布,就是准备两套代码,不需要停止老版本(不影响上一个版本的用户访问),而是在另一套环境中部署新版本然后进行测试,测试通过后将用户流量切换到新的版本,其特点是业务没有终端,升级风险相对较小
实现方式:
1,部署当前版本代码
2,部署svc资源
3,部署新版本使用新的deployment名称,新的标签
4,切换svc标签到新的pod中实现业务切换;
·蓝环境-v1
1.编辑资源清单
deployment
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo
spec:
replicas: 5
selector:
matchLabels:
demoo0: demoo0
template:
metadata:
name: pod001
labels:
demoo0: demoo0
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v1
ports:
- containerPort: 80svc
apiVersion: v1
kind: Service
metadata:
name: svc001
spec:
type: NodePort
selector:
demoo0: demoo0
clusterIP: 10.200.200.200
ports:
- port: 99
targetPort: 80
nodePort: 300022.创建资源
[root@master 0721]# kubectl apply -f dp.yaml
[root@master 0721]# kubectl apply -f svc.yaml 3.浏览器访问测试
·绿环境-v2
1.编辑资源清单
[root@master 0721]# cat dp-green.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo02
spec:
replicas: 5
selector:
matchLabels:
demoo02: demoo02
template:
metadata:
name: pod001
labels:
demoo02: demoo02
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v2
ports:
- containerPort: 802.创建查看资源
[root@master 0721]# kubectl apply -f dp-green.yaml
deployment.apps/dp-demo02 created
[root@master 0721]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
dp-demo01-7dbc8d76b9-4gl65 1/1 Running 0 5m26s 10.100.1.95 worker1 <none> <none>
dp-demo01-7dbc8d76b9-67bpg 1/1 Running 0 5m26s 10.100.2.126 worker2 <none> <none>
dp-demo01-7dbc8d76b9-8mh2c 1/1 Running 0 5m26s 10.100.2.124 worker2 <none> <none>
dp-demo01-7dbc8d76b9-cnc6k 1/1 Running 0 5m26s 10.100.1.96 worker1 <none> <none>
dp-demo01-7dbc8d76b9-wwsp6 1/1 Running 0 5m26s 10.100.2.125 worker2 <none> <none>
dp-demo02-6f444d7988-ddbrs 1/1 Running 0 4m39s 10.100.1.97 worker1 <none> <none>
dp-demo02-6f444d7988-fhjhm 1/1 Running 0 4m39s 10.100.2.128 worker2 <none> <none>
dp-demo02-6f444d7988-hcljc 1/1 Running 0 4m39s 10.100.1.99 worker1 <none> <none>
dp-demo02-6f444d7988-m5z9r 1/1 Running 0 4m39s 10.100.2.127 worker2 <none> <none>
dp-demo02-6f444d7988-wpj47 1/1 Running 0 4m39s 10.100.1.98 worker1 <none> <none>3.切换svc资源的标签,让其指向新版本
[root@master 0721]# cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: svc001
spec:
type: NodePort
selector:
demoo02: demoo02
clusterIP: 10.200.200.200
ports:
- port: 99
targetPort: 80
nodePort: 300024.重新apply资源清单(svc)
有时候apply没用就需要先delete再apply重新创建
[root@master 0721]# kubectl delete svc svc001
service "svc001" deleted
[root@master 0721]# kubectl apply -f svc.yaml
service/svc001 created5.浏览器访问测试
5.灰度发布(金丝雀发布)
实现的机制:
1,部署老版本,使用多副本(模拟正式环境)
2,部署svc,匹配标签
3,部署新版本,标签与老版本标签一致(让svc能够访问到,副本从0开始)
4,灰度版本测试没有问题,将恢复版本的副本数量,逐渐调高增加为生产数量
5,将旧版本逐渐调低至0,此时流量全部跑到了新版本上
·部署老版本
[root@master 0721]# cat dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo01
spec:
replicas: 5
selector:
matchLabels:
demoo01: demoo01
template:
metadata:
name: pod001
labels:
demoo01: demoo01
spec:
containers:
- name: dd
image: harbor.test.com/test/nginx:v1
ports:
- containerPort: 80
[root@master 0721]# kubectl apply -f dp.yaml
deployment.apps/dp-demo01 created·部署新版本
[root@master 0721]# cat dp-green.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dp-demo02
spec:
replicas: 0
selector:
matchLabels:
demoo01: demoo01
template:
metadata:
name: pod001
labels:
demoo01: demoo01
spec:
containers:
- name: dd
image: harbor.xinjizhiwa.com/test/nginx:v2
ports:
- containerPort: 80·部署svc
[root@master 0721]# cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: svc001
spec:
type: NodePort
selector:
demoo01: demoo01
clusterIP: 10.200.200.200
ports:
- port: 99
targetPort: 80
nodePort: 30002
[root@master 0721]# kubectl apply -f svc.yaml
service/svc001 created
[root@master 0721]# kubectl describe svc svc001
Name: svc001
Namespace: default
Labels: <none>
Annotations: <none>
Selector: demoo01=demoo01
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.200.200.200
IPs: 10.200.200.200
Port: <unset> 99/TCP
TargetPort: 80/TCP
NodePort: <unset> 30002/TCP
Endpoints: 10.100.1.100:80,10.100.1.101:80,10.100.2.129:80 + 2 more...
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>·将新版本的副本逐渐调高
就是将老版本rs控制器数量逐渐调低,新版本的逐渐调高(修改资源清单中的rs数量)
6.案例
步骤分析:
1.准备NFS环境
2.【wordpress的pod】创建deployment资源的wordpress(pod)容器
3.【用户访问的svc】创建用户访问的svc资源
4.【数据库的pod】创建deployment资源的数据库服务的pod容器
5.【数据库的svc】创建业务服务wordpress的pod资源访问数据库的svc资源
·准备nfs环境
nfs之前装过,存储节点配置nfs配置文件也在之前配置过了,所以创建个存储路径就好了
1.创建存储路径
mkdir -p /k8s/data/{mysql,wordpress}·编辑wordpress的depoloy资源清单
[root@master demowordpress]# cat dm-wordperss.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dm-wp
spec:
replicas: 3
selector:
matchLabels:
k8s: wp
template:
metadata:
name: pod01
labels:
k8s: wp
spec:
volumes:
- name: vol-wp
nfs:
server: 10.0.0.230
path: /k8s/data/wordpress
containers:
- name: c-wp
image: wordpress:latest
ports:
- name: wp-c-port
containerPort: 80
volumeMounts:
- name: vol-wp
mountPath: /var/www/html/wp-content/uploads
env:
- name: WORDPRESS_DB_HOST
value: 10.200.200.200:3306
- name: WORDPRESS_DB_USER
value: admin
- name: WORDPRESS_DB_PASSWORD
value: demoo
- name: WORDPRESS_DB_NAME
value: wordpress·编辑wordpress的svc资源
[root@master demowordpress]# cat svc-wordpress.yaml
apiVersion: v1
kind: Service
metadata:
name: svc-wp
spec:
type: NodePort
selector:
k8s: wp
clusterIP: 10.200.200.100
ports:
- port: 99
targetPort: 80
nodePort: 31000·编辑数据库的deploy资源清单
[root@master demowordpress]# cat dm-mysql.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: dm-sql
spec:
replicas: 1
selector:
matchLabels:
k8s: sql
template:
metadata:
name: pod02
labels:
k8s: sql
spec:
volumes:
- name: vol-sql
nfs:
server: 10.0.0.230
path: /k8s/data/mysql
containers:
- name: c-db
image: mysql:8.0
ports:
- name: db-port
containerPort: 3306
volumeMounts:
- name: vol-sql
mountPath: /var/lib/mysql
env:
- name: MYSQL_DATABASE
value: wordpress
- name: MYSQL_USER
value: admin
- name: MYSQL_PASSWORD
value: demoo
- name: MYSQL_ROOT_PASSWORD
value: demoo·编辑数据库的svc资源
[root@master demowordpress]# cat svc-mysql.yaml
apiVersion: v1
kind: Service
metadata:
name: svc-sql
spec:
type: NodePort
selector:
k8s: sql
clusterIP: 10.200.200.200
ports:
- port: 3306
targetPort: 3306
nodePort: 32000·创建查看资源
[root@master demowordpress]# kubectl apply -f .
deployment.apps/dm-sql created
deployment.apps/dm-wp created
service/svc-sql unchanged
service/svc-wp unchanged
[root@master demowordpress]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.200.0.1 <none> 443/TCP 14d
svc-sql NodePort 10.200.200.200 <none> 3306:32000/TCP 14m
svc-wp NodePort 10.200.200.100 <none> 99:31000/TCP 11m
[root@master demowordpress]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
dm-sql-86b77b85c9-cqtd6 1/1 Running 0 2m28s 10.100.1.106 worker1 <none> <none>
dm-wp-75f457464f-2zn79 1/1 Running 0 2m28s 10.100.1.104 worker1 <none> <none>
dm-wp-75f457464f-94tm5 1/1 Running 0 2m28s 10.100.2.2 worker2 <none> <none>
dm-wp-75f457464f-jb7zx 1/1 Running 0 2m28s 10.100.1.105 worker1 <none> <none>·查看nfs存储路径,是否有数据
[root@harbor data]# ll mysql/
总用量 198056
-rw-r----- 1 polkitd input 56 7月 28 16:28 auto.cnf
-rw-r----- 1 polkitd input 3117698 7月 28 16:28 binlog.000001
-rw-r----- 1 polkitd input 156 7月 28 16:28 binlog.000002
-rw-r----- 1 polkitd input 32 7月 28 16:28 binlog.index
-rw------- 1 polkitd input 1680 7月 28 16:28 ca-key.pem
-rw-r--r-- 1 polkitd input 1112 7月 28 16:28 ca.pem
-rw-r--r-- 1 polkitd input 1112 7月 28 16:28 client-cert.pem
-rw------- 1 polkitd input 1680 7月 28 16:28 client-key.pem
-rw-r----- 1 polkitd input 196608 7月 28 16:28 #ib_16384_0.dblwr
-rw-r----- 1 polkitd input 8585216 7月 28 16:28 #ib_16384_1.dblwr
-rw-r----- 1 polkitd input 5698 7月 28 16:28 ib_buffer_pool
-rw-r----- 1 polkitd input 12582912 7月 28 16:28 ibdata1
-rw-r----- 1 polkitd input 50331648 7月 28 16:28 ib_logfile0
-rw-r----- 1 polkitd input 50331648 7月 28 16:28 ib_logfile1
-rw-r----- 1 polkitd input 12582912 7月 28 16:29 ibtmp1
drwxr-x--- 2 polkitd input 187 7月 28 16:28 #innodb_temp
drwxr-x--- 2 polkitd input 143 7月 28 16:28 mysql
-rw-r----- 1 polkitd input 31457280 7月 28 16:28 mysql.ibd
drwxr-x--- 2 polkitd input 8192 7月 28 16:28 performance_schema
-rw------- 1 polkitd input 1676 7月 28 16:28 private_key.pem
-rw-r--r-- 1 polkitd input 452 7月 28 16:28 public_key.pem
-rw-r--r-- 1 polkitd input 1112 7月 28 16:28 server-cert.pem
-rw------- 1 polkitd input 1680 7月 28 16:28 server-key.pem
drwxr-x--- 2 polkitd input 28 7月 28 16:28 sys
-rw-r----- 1 polkitd input 16777216 7月 28 16:28 undo_001
-rw-r----- 1 polkitd input 16777216 7月 28 16:28 undo_002
drwxr-x--- 2 polkitd input 6 7月 28 16:28 wordpress·浏览器访问验证
