欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

使用skipper实现Blue-Green deployments

程序员文章站 2022-04-18 16:46:41
...

1 创建skipper角色


# cat cat role.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: skipper-ingress-serviceaccount
  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: skipper-ingress-clusterrole
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - endpoints
      - nodes
      - pods
      - secrets
    verbs:
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - "extensions"
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
        - events
    verbs:
        - create
        - patch
  - apiGroups:
      - "extensions"
    resources:
      - ingresses/status
    verbs:
      - update

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
  name: skipper-ingress-role
  namespace: kube-system
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - pods
      - secrets
      - namespaces
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - configmaps
    verbs:
      - get
      - update
  - apiGroups:
      - ""
    resources:
      - configmaps
    verbs:
      - create
  - apiGroups:
      - ""
    resources:
      - endpoints
    verbs:
      - get

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: skipper-ingress-role-nisa-binding
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: skipper-ingress-role
subjects:
  - kind: ServiceAccount
    name: skipper-ingress-serviceaccount
    namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: skipper-ingress-clusterrole-nisa-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: skipper-ingress-clusterrole
subjects:
  - kind: ServiceAccount
    name: skipper-ingress-serviceaccount
    namespace: kube-system
# kubectl create -f role.yaml

2 创建skipper-ingress controller

# cat skipper-ingress-ds.yaml
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: skipper-ingress
  namespace: kube-system
  labels:
    application: skipper-ingress
    version: v0.10.5
    component: ingress
spec:
  selector:
    matchLabels:
      application: skipper-ingress
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      name: skipper-ingress
      labels:
        application: skipper-ingress
        version: v0.10.13
        component: ingress
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      serviceAccountName: skipper-ingress-serviceaccount
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: master
                operator: DoesNotExist
      tolerations:
      - key: CriticalAddonsOnly
        operator: Exists
      hostNetwork: true
      containers:
      - name: skipper-ingress
        image: registry.opensource.zalan.do/pathfinder/skipper:v0.10.13
        ports:
        - name: ingress-port
          containerPort: 9999
          hostPort: 9999
        args:
          - "skipper"
          - "-kubernetes"
          - "-kubernetes-in-cluster"
          - "-address=:9999"
          - "-proxy-preserve-host"
          - "-serve-host-metrics"
          - "-enable-ratelimits"
          - "-experimental-upgrade"
          - "-metrics-exp-decay-sample"
          - "-lb-healthcheck-interval=3s"
          - "-metrics-flavour=codahale,prometheus"
          - "-enable-connection-metrics"
        resources:
          requests:
            cpu: 25m
            memory: 25Mi
        readinessProbe:
          httpGet:
            path: /kube-system/healthz
            port: 9999
          initialDelaySeconds: 5
          timeoutSeconds: 5
# kubectl create -f skipper-ingress-ds.yaml

3 测试Blue-Green deployments\
创建hello-world service:

# kubectl run hello-world --image=tutum/hello-world --replicas=2 --port=80
# kubectl expose deploy hello-world

创建skipper demo service

# cat demo-deployment.yaml 
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: skipper-demo
spec:
  replicas: 2
  template:
    metadata:
      labels:
        application: skipper-demo
    spec:
      containers:
      - name: skipper-demo
        image: registry.opensource.zalan.do/pathfinder/skipper:v0.10.5
        args:
          - "skipper"
          - "-inline-routes"
          - "* -> inlineContent(\"<body style='color: white; background-color: green;'><h1>Hello!</h1>\") -> <shunt>"
        ports:
        - containerPort: 9090

# cat demo-svc.yaml 
apiVersion: v1
kind: Service
metadata:
  name: skipper-demo
  labels:
    application: skipper-demo
spec:
  type: ClusterIP
  ports:
    - port: 80
      protocol: TCP
      targetPort: 9090
      name: external
  selector:
    application: skipper-demo
# kubectl create -f demo-deployment.yaml
# kubectl create -f demo-svc.yaml

创建ingress

# cat demo-ing.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: skipper-demo
  annotations:
    zalando.org/backend-weights: |
      {"skipper-demo": 20, "hello-world": 80}
spec:
  rules:
  - host: skipper-demo.mydomain.org
    http:
      paths:
      - backend:
          serviceName: skipper-demo
          servicePort: 80
      - backend:
          serviceName: hello-world
          servicePort: 80
# kubectl create -f demo-ing.yaml

测试:

# kubectl get svc
NAME           TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
hello-world    ClusterIP   10.100.216.64   <none>        80/TCP    25m
kubernetes     ClusterIP   10.96.0.1       <none>        443/TCP   4h
skipper-demo   ClusterIP   10.111.89.2     <none>        80/TCP    4h

# kubectl get ing
NAME           HOSTS                       ADDRESS   PORTS     AGE
skipper-demo   skipper-demo.mydomain.org             80        46m

访问skipper-demo.mydomain.org两次,能够转发到不同的service。
使用skipper实现Blue-Green deployments

使用skipper实现Blue-Green deployments

参考:
https://opensource.zalando.com/skipper/kubernetes/ingress-controller/#what-is-an-ingress-controller

https://github.com/zalando-incubator/kube-ingress-aws-controller/issues/153

https://opensource.zalando.com/skipper/kubernetes/ingress-usage/#blue-green-deployments

相关标签: kubernetes