【模块一】kubernetes容器编排进阶业务容器化案例
Kubernetes 实战案例
Kubernetes实战案例-规划(基于nerdctl + buildkitd+containerd构建容器镜像)
-
业务容器化优势:
① 提高资源利用率、节约部署IT成本。
② 提高部署效率,基于kubernetes实现微服务的快速部署与交付、容器的批量调度与秒级启动。
③ 实现横向扩容、灰度部署、回滚、链路追踪、服务治理等。
④ 可根据业务负载进行自动弹性伸缩。
⑤ 容器将环境和代码打包在镜像内,保证了测试与生产运行环境的一致性。
⑥ 紧跟云原生社区技术发展的步伐,不给公司遗留技术债,为后期技术升级夯实了基础。
⑦ 为个人储备前沿技术,提高个人level。
业务容器化案例之一: 业务规划及镜像分层构建
#构建Centos基础镜像
[root@k8s-master1 centos]#cat Dockerfile
#自定义Centos 基础镜像
FROM centos:7.9.2009
MAINTAINER kun 1710269083@qq.com
ADD CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo
ADD epel-7.repo /etc/yum.repos.d/epel.repo
ADD filebeat-7.12.1-x86_64.rpm /tmp
RUN cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup && yum repolist && yum install -y /tmp/filebeat-7.12.1-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.12.1-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd nginx -u 2088
[root@k8s-master1 centos]#cat build-command.sh
#!/bin/bash/usr/local/bin/nerdctl build -t harbor.chendd.fun/images/centos:7.9.2009 .
/usr/local/bin/nerdctl push harbor.chendd.fun/images/centos:7.9.2009#构建jdk—1.8.212基础镜像
[root@k8s-master1 jdk-1.8.212]#cat Dockerfile
#JDK Base Image
FROM harbor.chendd.fun/mageimages/centos:7.9.2009
#FROM centos:7.9.2009MAINTAINER kun "1710269083@qq.com"ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
ADD profile /etc/profileENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
[root@k8s-master1 jdk-1.8.212]#cat build-command.sh
#!/bin/bash
#docker build -t harbor.chendd.fun/pub-images/jdk-base:v8.212 .
#sleep 1
#docker push harbor.chendd.fun/pub-images/jdk-base:v8.212nerdctl build -t harbor.chendd.fun/pub-images/jdk-base:v8.212 .nerdctl push harbor.chendd.fun/pub-images/jdk-base:v8.212#构建nginx:1.22基础镜像
[root@k8s-master1 nginx-base]#cat Dockerfile
#Nginx Base Image
FROM harbor.chendd.fun/mageimages/centos:7.9.2009 MAINTAINER kun@kun.netRUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-1.22.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.22.0 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.22.0.tar.gz
[root@k8s-master1 nginx-base]#cat build-command.sh
#!/bin/bash
#docker build -t harbor.magedu.net/pub-images/nginx-base:v1.18.0 .
#sleep 1
#docker push harbor.magedu.net/pub-images/nginx-base:v1.18.0nerdctl build -t harbor.chendd.fun/pub-images/nginx-base:v1.22.0 .nerdctl push harbor.chendd.fun/pub-images/nginx-base:v1.22.0
业务容器化案例之二: Nginx+Tomcat+NFS实现动静分离
# 构建dockerfile 业务容器tomcat
[root@k8s-master1 tomcat-app1]#cat Dockerfile
#tomcat web1
FROM harbor.chendd.fun/pub-images/tomcat-base:v8.5.43 ADD catalina.sh /apps/tomcat/bin/catalina.sh
ADD server.xml /apps/tomcat/conf/server.xml
#ADD myapp/* /data/tomcat/webapps/myapp/
ADD app1.tar.gz /data/tomcat/webapps/app1/
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
#ADD filebeat.yml /etc/filebeat/filebeat.yml
RUN chown -R nginx.nginx /data/ /apps/
#ADD filebeat-7.5.1-x86_64.rpm /tmp/
#RUN cd /tmp && yum localinstall -y filebeat-7.5.1-amd64.debEXPOSE 8080 8443CMD ["/apps/tomcat/bin/run_tomcat.sh"]
[root@k8s-master1 tomcat-app1]#bash build-command.sh v1# 构建dockerfile 业务容器nginx
[root@k8s-master1 nginx]#cat Dockerfile
#Nginx 1.22.0
FROM harbor.chendd.fun/pub-images/nginx-base:v1.22.0 ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD app1.tar.gz /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html#静态资源挂载路径
RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images EXPOSE 80 443CMD ["nginx"]
[root@k8s-master1 nginx]#cat build-command.sh
#!/bin/bash
TAG=$1
#docker build -t harbor.chendd.fun/magedu/nginx-web1:${TAG} .
#echo "镜像构建完成,即将上传到harbor"
#sleep 1
#docker push harbor.chendd.fun/magedu/nginx-web1:${TAG}
#echo "镜像上传到harbor完成"nerdctl build -t harbor.chendd.fun/magedu/nginx-web1:${TAG} .nerdctl push harbor.chendd.fun/magedu/nginx-web1:${TAG}[root@k8s-master1 nginx]#bash build-command.sh v1k8s资源配置
#tomcat资源清单
[root@k8s-master1 tomcat-app1]#cat tomcat-app1.yaml
kind: Deployment
#apiVersion: extensions/v1beta1
apiVersion: apps/v1
metadata:labels:app: magedu-tomcat-app1-deployment-labelname: magedu-tomcat-app1-deploymentnamespace: magedu
spec:replicas: 1selector:matchLabels:app: magedu-tomcat-app1-selectortemplate:metadata:labels:app: magedu-tomcat-app1-selectorspec:containers:- name: magedu-tomcat-app1-containerimage: harbor.chendd.fun/magedu/tomcat-app1:v1#command: ["/apps/tomcat/bin/run_tomcat.sh"]imagePullPolicy: IfNotPresent#imagePullPolicy: Alwaysports:- containerPort: 8080protocol: TCPname: httpenv:- name: "password"value: "123456"- name: "age"value: "18"#resources:# limits:# cpu: 1# memory: "512Mi"# requests:# cpu: 500m# memory: "512Mi"volumeMounts:- name: magedu-imagesmountPath: /usr/local/nginx/html/webapp/imagesreadOnly: false- name: magedu-staticmountPath: /usr/local/nginx/html/webapp/staticreadOnly: falsevolumes:- name: magedu-imagesnfs:server: 10.0.0.113path: /data/k8sdata/magedu/images- name: magedu-staticnfs:server: 10.0.0.113path: /data/k8sdata/magedu/static
# nodeSelector:
# project: magedu
# app: tomcat
---
kind: Service
apiVersion: v1
metadata:labels:app: magedu-tomcat-app1-service-labelname: magedu-tomcat-app1-servicenamespace: magedu
spec:type: NodePortports:- name: httpport: 80protocol: TCPtargetPort: 8080nodePort: 30092selector:app: magedu-tomcat-app1-selector#nginx资源清单
[root@k8s-master1 nginx]#cat nginx.yaml
kind: Deployment
apiVersion: apps/v1
metadata:labels:app: magedu-nginx-deployment-labelname: magedu-nginx-deploymentnamespace: magedu
spec:replicas: 1selector:matchLabels:app: magedu-nginx-selectortemplate:metadata:labels:app: magedu-nginx-selectorspec:containers:- name: magedu-nginx-containerimage: harbor.chendd.fun/magedu/nginx-web1:v1#command: ["/apps/tomcat/bin/run_tomcat.sh"]#imagePullPolicy: IfNotPresentimagePullPolicy: Alwaysports:- containerPort: 80protocol: TCPname: http- containerPort: 443protocol: TCPname: httpsenv:- name: "password"value: "123456"- name: "age"value: "20"resources:limits:cpu: 500mmemory: 512Mirequests:cpu: 500mmemory: 256MivolumeMounts:- name: magedu-imagesmountPath: /usr/local/nginx/html/webapp/imagesreadOnly: false- name: magedu-staticmountPath: /usr/local/nginx/html/webapp/staticreadOnly: falsevolumes:- name: magedu-imagesnfs:server: 10.0.0.113path: /data/k8sdata/magedu/images - name: magedu-staticnfs:server: 10.0.0.113path: /data/k8sdata/magedu/static#nodeSelector:# group: magedu---
kind: Service
apiVersion: v1
metadata:labels:app: magedu-nginx-service-labelname: magedu-nginx-servicenamespace: magedu
spec:type: NodePortports:- name: httpport: 80protocol: TCPtargetPort: 80nodePort: 30090- name: httpsport: 443protocol: TCPtargetPort: 443nodePort: 30091selector:app: magedu-nginx-selector测试结果
[root@k8s-master1 nginx]#kubectl get -n magedu pod,svc -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/magedu-nginx-deployment-dc6b88d87-krtw7 1/1 Running 0 4h34m 10.200.107.194 10.0.0.113 <none> <none>
pod/magedu-tomcat-app1-deployment-5866b5677-l74xs 1/1 Running 0 5h12m 10.200.107.196 10.0.0.113 <none> <none>NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/magedu-nginx-service NodePort 10.100.177.90 <none> 80:30090/TCP,443:30091/TCP 4h34m app=magedu-nginx-selector
service/magedu-tomcat-app1-service NodePort 10.100.13.0 <none> 80:30092/TCP 5h12m app=magedu-tomcat-app1-selector
业务容器化案例之二: Nginx+Tomcat+NFS实现动静分离
Nginx 基础镜像制作
Nginx业务镜像制作
Nginx业务镜像测试
在kubernetes环境运行nginx
JDK基础镜像制作
tomcat基础镜像制作
tomcat业务镜像app1制作
在kubernetes环境运行tomcat
在kubernetes中nginx+tomcat实现动静分离
基于NFS实现数据共享
在后端服务生成数据并访问验证