红帽全球峰会第 2 章 部署应用程序研讨会
2.1. 研讨会概述
复制链接链接已复制到粘贴板!
在成功置备集群后,请按照本研讨会部署应用程序以了解部署和操作基于容器的应用程序的概念。
2.1.1. 研讨会目标
复制链接链接已复制到粘贴板!
以下详细介绍了此集群创建研讨会的目的。
- 使用 Source-to-Image (S2I)和 Kubernetes 部署对象部署基于 Node.js 的应用
- 设置持续交付(CD)管道,以自动推送源代码更改
- 体验自我修复应用程序
- 通过 ConfigMap、secret 和环境变量探索配置管理
- 使用持久性存储在 pod 重启后共享数据
- 探索 Kubernetes 和应用程序中的网络
- 熟悉 Red Hat OpenShift Service on AWS 和 Kubernetes 功能
- 根据来自 Horizontal Pod Autoscaler (HPA)的负载自动缩放 pod
2.1.1.1. 先决条件
复制链接链接已复制到粘贴板!
- 在 AWS 集群上置备的 Red Hat OpenShift Service
- OpenShift 命令行界面(CLI)
- GitHub 帐户
2.1.2. 关于 OSToy 应用程序
复制链接链接已复制到粘贴板!
OSToy 是一个 Node.js 应用程序,它部署到 Red Hat OpenShift Service on AWS 集群,以帮助探索 Kubernetes 的功能。
这个应用程序有一个用户界面,您可以:
- 将消息写入日志(stdout / stderr)
- 有意使应用程序崩溃以查看自我修复
- 切换存活度探测并监控 OpenShift 行为
- 读取 ConfigMap、secret 和环境变量
- 连接到共享存储时读取和写入文件
- 使用 included 微服务检查网络连接、集群内 DNS 和内部通信
- 使用 HPA 增加负载以查看 pod 的自动扩展
2.1.2.1. 了解 OSToy UI
复制链接链接已复制到粘贴板!
- Pod 名称
- Home: 应用程序主页
- 持久性存储:将数据写入绑定到应用程序的持久性卷
- Config Maps: 显示应用程序可用的 ConfigMap 和 key:value 对
- Secrets : 显示应用程序和 key:value 对可用的 secret
- ENV 变量: 显示应用程序可用的环境变量
- 网络: 网络工具
- Pod 自动扩展: 增加 pod 的负载并测试 Horizontal Pod Autoscaler (HPA)
- ACK S3: Integrate with AWS S3 to read and write objects to a bucket
- 关于: 应用程序信息
2.1.2.2. 实验资源
复制链接链接已复制到粘贴板!
- OSToy 应用源代码
- OSToy 前端容器镜像
- OSToy 微服务容器镜像
部署定义 YAML 文件:
ostoy-frontend-deployment.yamlapiVersion: v1 kind: PersistentVolumeClaim metadata: name: ostoy-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: ostoy-frontend labels: app: ostoy spec: selector: matchLabels: app: ostoy-frontend strategy: type: Recreate replicas: 1 template: metadata: labels: app: ostoy-frontend spec: # Uncomment to use with ACK portion of the workshop # If you chose a different service account name please replace it. # serviceAccount: ostoy-sa containers: - name: ostoy-frontend securityContext: allowPrivilegeEscalation: false runAsNonRoot: true seccompProfile: type: RuntimeDefault capabilities: drop: - ALL image: quay.io/ostoylab/ostoy-frontend:1.6.0 imagePullPolicy: IfNotPresent ports: - name: ostoy-port containerPort: 8080 resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "512Mi" cpu: "200m" volumeMounts: - name: configvol mountPath: /var/config - name: secretvol mountPath: /var/secret - name: datavol mountPath: /var/demo_files livenessProbe: httpGet: path: /health port: 8080 initialDelaySeconds: 10 periodSeconds: 5 env: - name: ENV_TOY_SECRET valueFrom: secretKeyRef: name: ostoy-secret-env key: ENV_TOY_SECRET - name: MICROSERVICE_NAME value: OSTOY_MICROSERVICE_SVC - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace volumes: - name: configvol configMap: name: ostoy-configmap-files - name: secretvol secret: defaultMode: 420 secretName: ostoy-secret - name: datavol persistentVolumeClaim: claimName: ostoy-pvc --- apiVersion: v1 kind: Service metadata: name: ostoy-frontend-svc labels: app: ostoy-frontend spec: type: ClusterIP ports: - port: 8080 targetPort: ostoy-port protocol: TCP name: ostoy selector: app: ostoy-frontend --- apiVersion: route.openshift.io/v1 kind: Route metadata: name: ostoy-route spec: to: kind: Service name: ostoy-frontend-svc --- apiVersion: v1 kind: Secret metadata: name: ostoy-secret-env type: Opaque data: ENV_TOY_SECRET: VGhpcyBpcyBhIHRlc3Q= --- kind: ConfigMap apiVersion: v1 metadata: name: ostoy-configmap-files data: config.json: '{ "default": "123" }' --- apiVersion: v1 kind: Secret metadata: name: ostoy-secret data: secret.txt: VVNFUk5BTUU9bXlfdXNlcgpQQVNTV09SRD1AT3RCbCVYQXAhIzYzMlk1RndDQE1UUWsKU01UUD1sb2NhbGhvc3QKU01UUF9QT1JUPTI1 type: Opaqueostoy-microservice-deployment.yamlapiVersion: apps/v1 kind: Deployment metadata: name: ostoy-microservice labels: app: ostoy spec: selector: matchLabels: app: ostoy-microservice replicas: 1 template: metadata: labels: app: ostoy-microservice spec: containers: - name: ostoy-microservice securityContext: allowPrivilegeEscalation: false runAsNonRoot: true seccompProfile: type: RuntimeDefault capabilities: drop: - ALL image: quay.io/ostoylab/ostoy-microservice:1.5.0 imagePullPolicy: IfNotPresent ports: - containerPort: 8080 protocol: TCP resources: requests: memory: "128Mi" cpu: "50m" limits: memory: "256Mi" cpu: "100m" --- apiVersion: v1 kind: Service metadata: name: ostoy-microservice-svc labels: app: ostoy-microservice spec: type: ClusterIP ports: - port: 8080 targetPort: 8080 protocol: TCP selector: app: ostoy-microserviceACK S3 的 S3 存储桶清单
s3-bucket.yamlapiVersion: s3.services.k8s.aws/v1alpha1 kind: Bucket metadata: name: ostoy-bucket namespace: ostoy spec: name: ostoy-bucket
注意
为简化 OSToy 应用程序的部署,以上部署清单所需的所有对象都分组在一起。对于典型的企业部署,建议为每个 Kubernetes 对象有一个单独的清单文件。
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}