做软件下载网站违法吗,如何设计一个购物网站,论坛做视频网站,企业介绍怎么写呢前言
快速配置请直接跳转至汇总配置
K8s SpringBoot实现零宕机发布#xff1a;健康检查滚动更新优雅停机弹性伸缩Prometheus监控配置分离#xff08;镜像复用#xff09; 配置 健康检查
健康检查类型#xff1a;就绪探针#xff08;readiness#xff09; 存活探针 SpringBoot实现零宕机发布健康检查滚动更新优雅停机弹性伸缩Prometheus监控配置分离镜像复用 配置 健康检查
健康检查类型就绪探针readiness 存活探针liveness探针类型exec进入容器执行脚本、tcpSocket探测端口、httpGet调用接口业务层面
项目依赖 pom.xmldependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-actuator/artifactId/dependency定义访问端口、路径及权限 application.yaml
management:server:port: 50000 # 启用独立运维端口endpoint: # 开启health端点health:probes:enabled: trueendpoints:web:exposure:base-path: /actuator # 指定上下文路径启用相应端点include: health将暴露/actuator/health/readiness和/actuator/health/liveness两个接口访问方式如下
http://127.0.0.1:50000/actuator/health/readiness http://127.0.0.1:50000/actuator/health/liveness
运维层面
k8s部署模版deployment.yamlapiVersion: apps/v1
kind: Deployment
spec:template:spec:containers:- name: {APP_NAME}image: {IMAGE_URL}imagePullPolicy: Alwaysports:- containerPort: {APP_PORT}- name: management-portcontainerPort: 50000 # 应用管理端口readinessProbe: # 就绪探针httpGet:path: /actuator/health/readinessport: management-portinitialDelaySeconds: 30 # 延迟加载时间periodSeconds: 10 # 重试时间间隔timeoutSeconds: 1 # 超时时间设置successThreshold: 1 # 健康阈值failureThreshold: 6 # 不健康阈值livenessProbe: # 存活探针httpGet:path: /actuator/health/livenessport: management-portinitialDelaySeconds: 30 # 延迟加载时间periodSeconds: 10 # 重试时间间隔timeoutSeconds: 1 # 超时时间设置successThreshold: 1 # 健康阈值failureThreshold: 6 # 不健康阈值滚动更新
k8s资源调度之滚动更新策略若要实现零宕机发布需支持健康检查
apiVersion: apps/v1
kind: Deployment
metadata:name: {APP_NAME}labels:app: {APP_NAME}
spec:selector:matchLabels:app: {APP_NAME}replicas: {REPLICAS} # Pod副本数strategy:type: RollingUpdate # 滚动更新策略rollingUpdate:maxSurge: 1 # 升级过程中最多可以比原先设置的副本数多出的数量maxUnavailable: 1 # 升级过程中最多有多少个POD处于无法提供服务的状态优雅停机
在K8s中当我们实现滚动升级之前务必要实现应用级别的优雅停机。否则滚动升级时还是会影响到业务。使应用关闭线程、释放连接资源后再停止服务 业务层面
项目依赖 pom.xmldependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-actuator/artifactId
/dependency定义访问端口、路径及权限 application.yaml
spring:application:name: xxxprofiles:active: profileActivelifecycle:timeout-per-shutdown-phase: 30s # 停机过程超时时长设置30s超过30s直接停机server:port: 8080shutdown: graceful # 默认为IMMEDIATE表示立即关机GRACEFUL表示优雅关机management:server:port: 50000 # 启用独立运维端口endpoint: # 开启shutdown和health端点shutdown:enabled: truehealth:probes:enabled: trueendpoints:web:exposure:base-path: /actuator # 指定上下文路径启用相应端点include: health,shutdown将暴露/actuator/shutdown接口调用方式如下
curl -X POST 127.0.0.1:50000/actuator/shutdown
运维层面
确保dockerfile模版集成curl工具否则无法使用curl命令
FROM openjdk:8-jdk-alpine
#构建参数
ARG JAR_FILE
ARG WORK_PATH/app
ARG EXPOSE_PORT8080#环境变量
ENV JAVA_OPTS\JAR_FILE${JAR_FILE}#设置时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime echo Asia/Shanghai /etc/timezone
RUN sed -i s/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g /etc/apk/repositories \ apk add --no-cache curl
#将maven目录的jar包拷贝到docker中并命名为for_docker.jar
COPY target/$JAR_FILE $WORK_PATH/#设置工作目录
WORKDIR $WORK_PATH指定于外界交互的端口
EXPOSE $EXPOSE_PORT
配置容器使其可执行化
ENTRYPOINT exec java $JAVA_OPTS -jar $JAR_FILE
k8s部署模版deployment.yaml注经验证java项目可省略结束回调钩子的配置
此外若需使用回调钩子需保证镜像中包含curl工具且需注意应用管理端口50000不能暴露到公网
apiVersion: apps/v1
kind: Deployment
spec:template:spec:containers:- name: {APP_NAME}image: {IMAGE_URL}imagePullPolicy: Alwaysports:- containerPort: {APP_PORT}- containerPort: 50000lifecycle:preStop: # 结束回调钩子exec:command: [curl, -XPOST, 127.0.0.1:50000/actuator/shutdown]弹性伸缩
为pod设置资源限制后创建HPA
apiVersion: apps/v1
kind: Deployment
metadata:name: {APP_NAME}labels:app: {APP_NAME}
spec:template:spec:containers:- name: {APP_NAME}image: {IMAGE_URL}imagePullPolicy: Alwaysresources: # 容器资源管理limits: # 资源限制监控使用情况cpu: 0.5memory: 1Girequests: # 最小可用资源灵活调度cpu: 0.15memory: 300Mi
kind: HorizontalPodAutoscaler # 弹性伸缩控制器
apiVersion: autoscaling/v2beta2
metadata:name: {APP_NAME}
spec:scaleTargetRef:apiVersion: apps/v1kind: Deploymentname: {APP_NAME}minReplicas: {REPLICAS} # 缩放范围maxReplicas: 6metrics:- type: Resourceresource:name: cpu # 指定资源指标target:type: UtilizationaverageUtilization: 50Prometheus集成 业务层面
项目依赖 pom.xml!-- 引入Spring boot的监控机制--
dependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-actuator/artifactId
/dependency
dependencygroupIdio.micrometer/groupIdartifactIdmicrometer-registry-prometheus/artifactId
/dependency定义访问端口、路径及权限 application.yaml
management:server:port: 50000 # 启用独立运维端口metrics:tags:application: ${spring.application.name}endpoints:web:exposure:base-path: /actuator # 指定上下文路径启用相应端点 include: metrics,prometheus
将暴露/actuator/metric和/actuator/prometheus接口访问方式如下
http://127.0.0.1:50000/actuator/metric http://127.0.0.1:50000/actuator/prometheus
运维层面 deployment.yaml
apiVersion: apps/v1
kind: Deployment
spec:template:metadata:annotations:prometheus:io/port: 50000prometheus.io/path: /actuator/prometheus # 在流水线中赋值prometheus.io/scrape: true # 基于pod的服务发现配置分离
方案通过configmap挂载外部配置文件并指定激活环境运行
作用配置分离避免敏感信息泄露镜像复用提高交付效率
通过文件生成configmap通过dry-run的方式生成yaml文件
kubectl create cm -n APP_NAME --from-fileapplication-test.yaml --dry-run1 -oyaml configmap.yaml
更新
kubectl apply -f configmap.yaml
挂载configmap并指定激活环境
apiVersion: apps/v1
kind: Deployment
metadata:name: {APP_NAME}labels:app: {APP_NAME}
spec:template:spec:containers:- name: {APP_NAME}image: {IMAGE_URL}imagePullPolicy: Alwaysenv:- name: SPRING_PROFILES_ACTIVE # 指定激活环境value: testvolumeMounts: # 挂载configmap- name: confmountPath: /app/config # 与Dockerfile中工作目录一致readOnly: truevolumes:- name: confconfigMap:name: {APP_NAME}汇总配置
业务层面
项目依赖 pom.xml!-- 引入Spring boot的监控机制--
dependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-actuator/artifactId
/dependency
dependencygroupIdio.micrometer/groupIdartifactIdmicrometer-registry-prometheus/artifactId
/dependency定义访问端口、路径及权限 application.yaml
spring:application:name: project-sampleprofiles:active: profileActivelifecycle:timeout-per-shutdown-phase: 30s # 停机过程超时时长设置30s超过30s直接停机server:port: 8080shutdown: graceful # 默认为IMMEDIATE表示立即关机GRACEFUL表示优雅关机management:server:port: 50000 # 启用独立运维端口metrics:tags:application: ${spring.application.name}endpoint: # 开启shutdown和health端点shutdown:enabled: truehealth:probes:enabled: trueendpoints:web:exposure:base-path: /actuator # 指定上下文路径启用相应端点include: health,shutdown,metrics,prometheus运维层面
确保dockerfile模版集成curl工具否则无法使用curl命令
FROM openjdk:8-jdk-alpine
#构建参数
ARG JAR_FILE
ARG WORK_PATH/app
ARG EXPOSE_PORT8080#环境变量
ENV JAVA_OPTS\JAR_FILE${JAR_FILE}#设置时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime echo Asia/Shanghai /etc/timezone
RUN sed -i s/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g /etc/apk/repositories \ apk add --no-cache curl
#将maven目录的jar包拷贝到docker中并命名为for_docker.jar
COPY target/$JAR_FILE $WORK_PATH/#设置工作目录
WORKDIR $WORK_PATH# 指定于外界交互的端口
EXPOSE $EXPOSE_PORT
# 配置容器使其可执行化
ENTRYPOINT exec java $JAVA_OPTS -jar $JAR_FILEk8s部署模版deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:name: {APP_NAME}labels:app: {APP_NAME}
spec:selector:matchLabels:app: {APP_NAME}replicas: {REPLICAS} # Pod副本数strategy:type: RollingUpdate # 滚动更新策略rollingUpdate:maxSurge: 1maxUnavailable: 0template:metadata:name: {APP_NAME}labels:app: {APP_NAME}annotations:timestamp: {TIMESTAMP}prometheus.io/port: 50000 # 不能动态赋值prometheus.io/path: /actuator/prometheusprometheus.io/scrape: true # 基于pod的服务发现spec:affinity: # 设置调度策略采取多主机/多可用区部署podAntiAffinity:preferredDuringSchedulingIgnoredDuringExecution:- weight: 100podAffinityTerm:labelSelector:matchExpressions:- key: appoperator: Invalues:- {APP_NAME}topologyKey: kubernetes.io/hostname # 多可用区为topology.kubernetes.io/zoneterminationGracePeriodSeconds: 30 # 优雅终止宽限期containers:- name: {APP_NAME}image: {IMAGE_URL}imagePullPolicy: Alwaysports:- containerPort: {APP_PORT}- name: management-portcontainerPort: 50000 # 应用管理端口readinessProbe: # 就绪探针httpGet:path: /actuator/health/readinessport: management-portinitialDelaySeconds: 30 # 延迟加载时间periodSeconds: 10 # 重试时间间隔timeoutSeconds: 1 # 超时时间设置successThreshold: 1 # 健康阈值failureThreshold: 9 # 不健康阈值livenessProbe: # 存活探针httpGet:path: /actuator/health/livenessport: management-portinitialDelaySeconds: 30 # 延迟加载时间periodSeconds: 10 # 重试时间间隔timeoutSeconds: 1 # 超时时间设置successThreshold: 1 # 健康阈值failureThreshold: 6 # 不健康阈值resources: # 容器资源管理limits: # 资源限制监控使用情况cpu: 0.5memory: 1Girequests: # 最小可用资源灵活调度cpu: 0.1memory: 200Mienv:- name: TZvalue: Asia/Shanghai
---
kind: HorizontalPodAutoscaler # 弹性伸缩控制器
apiVersion: autoscaling/v2beta2
metadata:name: {APP_NAME}
spec:scaleTargetRef:apiVersion: apps/v1kind: Deploymentname: {APP_NAME}minReplicas: {REPLICAS} # 缩放范围maxReplicas: 6metrics:- type: Resourceresource:name: cpu # 指定资源指标target:type: UtilizationaverageUtilization: 50
