K8S集群部署前后端分离的微服务项目

最新推荐文章于 2024-05-04 19:50:33 发布
最新推荐文章于 2024-05-04 19:50:33 发布
阅读量1.9k 收藏 10
点赞数 1
文章标签: 微服务 docker kubernetes spring cloud 前端
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/u011663693/article/details/125526801
版权

书接上文,K8S集群搭建完成之后就要部署服务了Centos7.9 从0到1搭建 K8S集群_u011663693的博客-CSDN博客本文记录自己从新建的centos7.9虚拟机搭建K8S集群的心路历程https://blog.csdn.net/u011663693/article/details/125319486?spm=1001.2014.3001.5501

一、部署Ingress、Ingress-Ngins、Ingress-Nginx-Controller

1. 从ingress nginx上下载跟K8S版本一致的deploy.yaml文件,链接:ingress-nginx/deploy.yaml at main · kubernetes/ingress-nginx · GitHubNGINX Ingress Controller for Kubernetes. Contribute to kubernetes/ingress-nginx development by creating an account on GitHub.https://github.com/kubernetes/ingress-nginx/blob/main/deploy/static/provider/baremetal/1.22/deploy.yaml

apiVersion: v1
kind: Namespace
metadata:
  labels:
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  name: ingress-nginx
---
apiVersion: v1
automountServiceAccountToken: true
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx
  namespace: ingress-nginx
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
  namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx
  namespace: ingress-nginx
rules:
- apiGroups:
  - ""
  resources:
  - namespaces
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - configmaps
  - pods
  - secrets
  - endpoints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resourceNames:
  - ingress-controller-leader
  resources:
  - configmaps
  verbs:
  - get
  - update
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - create
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
  namespace: ingress-nginx
rules:
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - get
  - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  - endpoints
  - nodes
  - pods
  - secrets
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - nodes
  verbs:
  - get
- apiGroups:
  - ""
  resources:
  - services
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
- apiGroups:
  - networking.k8s.io
  resources:
  - ingresses/status
  verbs:
  - update
- apiGroups:
  - networking.k8s.io
  resources:
  - ingressclasses
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
rules:
- apiGroups:
  - admissionregistration.k8s.io
  resources:
  - validatingwebhookconfigurations
  verbs:
  - get
  - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx
  namespace: ingress-nginx
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: ingress-nginx
subjects:
- kind: ServiceAccount
  name: ingress-nginx
  namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
  namespace: ingress-nginx
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: ingress-nginx-admission
subjects:
- kind: ServiceAccount
  name: ingress-nginx-admission
  namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ingress-nginx
subjects:
- kind: ServiceAccount
  name: ingress-nginx
  namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ingress-nginx-admission
subjects:
- kind: ServiceAccount
  name: ingress-nginx-admission
  namespace: ingress-nginx
---
apiVersion: v1
data:
  allow-snippet-annotations: "true"
kind: ConfigMap
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-controller
  namespace: ingress-nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  type: NodePort
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-controller-admission
  namespace: ingress-nginx
spec:
  ports:
  - appProtocol: https
    name: https-webhook
    port: 443
    targetPort: webhook
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: ingress-nginx
      app.kubernetes.io/name: ingress-nginx
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/name: ingress-nginx
    spec:
      containers:
      - args:
        - /nginx-ingress-controller
        - --election-id=ingress-controller-leader
        - --controller-class=k8s.io/ingress-nginx
        - --ingress-class=nginx
        - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
        - --validating-webhook=:8443
        - --validating-webhook-certificate=/usr/local/certificates/cert
        - --validating-webhook-key=/usr/local/certificates/key
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: LD_PRELOAD
          value: /usr/local/lib/libmimalloc.so
        image: registry.k8s.io/ingress-nginx/controller:v1.2.1@sha256:5516d103a9c2ecc4f026efbd4b40662ce22dc1f824fb129ed121460aaa5c47f8
        imagePullPolicy: IfNotPresent
        lifecycle:
          preStop:
            exec:
              command:
              - /wait-shutdown
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        - containerPort: 8443
          name: webhook
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          requests:
            cpu: 100m
            memory: 90Mi
        securityContext:
          allowPrivilegeEscalation: true
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          runAsUser: 101
        volumeMounts:
        - mountPath: /usr/local/certificates/
          name: webhook-cert
          readOnly: true
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: ingress-nginx
      terminationGracePeriodSeconds: 300
      volumes:
      - name: webhook-cert
        secret:
          secretName: ingress-nginx-admission
---
apiVersion: batch/v1
kind: Job
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission-create
  namespace: ingress-nginx
spec:
  template:
    metadata:
      labels:
        app.kubernetes.io/component: admission-webhook
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/part-of: ingress-nginx
        app.kubernetes.io/version: 1.2.1
      name: ingress-nginx-admission-create
    spec:
      containers:
      - args:
        - create
        - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc
        - --namespace=$(POD_NAMESPACE)
        - --secret-name=ingress-nginx-admission
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.1.1@sha256:64d8c73dca984af206adf9d6d7e46aa550362b1d7a01f3a0a91b20cc67868660
        imagePullPolicy: IfNotPresent
        name: create
        securityContext:
          allowPrivilegeEscalation: false
      nodeSelector:
        kubernetes.io/os: linux
      restartPolicy: OnFailure
      securityContext:
        fsGroup: 2000
        runAsNonRoot: true
        runAsUser: 2000
      serviceAccountName: ingress-nginx-admission
---
apiVersion: batch/v1
kind: Job
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission-patch
  namespace: ingress-nginx
spec:
  template:
    metadata:
      labels:
        app.kubernetes.io/component: admission-webhook
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/part-of: ingress-nginx
        app.kubernetes.io/version: 1.2.1
      name: ingress-nginx-admission-patch
    spec:
      containers:
      - args:
        - patch
        - --webhook-name=ingress-nginx-admission
        - --namespace=$(POD_NAMESPACE)
        - --patch-mutating=false
        - --secret-name=ingress-nginx-admission
        - --patch-failure-policy=Fail
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.1.1@sha256:64d8c73dca984af206adf9d6d7e46aa550362b1d7a01f3a0a91b20cc67868660
        imagePullPolicy: IfNotPresent
        name: patch
        securityContext:
          allowPrivilegeEscalation: false
      nodeSelector:
        kubernetes.io/os: linux
      restartPolicy: OnFailure
      securityContext:
        fsGroup: 2000
        runAsNonRoot: true
        runAsUser: 2000
      serviceAccountName: ingress-nginx-admission
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: nginx
spec:
  controller: k8s.io/ingress-nginx
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  labels:
    app.kubernetes.io/component: admission-webhook
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.1
  name: ingress-nginx-admission
webhooks:
- admissionReviewVersions:
  - v1
  clientConfig:
    service:
      name: ingress-nginx-controller-admission
      namespace: ingress-nginx
      path: /networking/v1/ingresses
  failurePolicy: Fail
  matchPolicy: Equivalent
  name: validate.nginx.ingress.kubernetes.io
  rules:
  - apiGroups:
    - networking.k8s.io
    apiVersions:
    - v1
    operations:
    - CREATE
    - UPDATE
    resources:
    - ingresses
  sideEffects: None

在deploy.yaml文件里面会使用到一些镜像, 一般都是docker pull不下来的。如:414,511,560这几行。

可以直接改镜像的仓库路径,改为:

414行:registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.2.1

511行:registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1

560行:registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1

2. 创建Ingress nginx

# 执行创建命令,会创建新的命名空间“ingress-nginx”,并把相关资源创建在这个命名空间下
kubectl create -f deploy.yaml

# 查询相关命名空间下的资源
kubectl get all -n ingress-nginx

二、部署相关服务

我的架构是在微服务外做了一层外壳,前端调用外壳服务,由外壳服务走内网调用服务网关。服务发现跟配置中心用的Nacos,单独部署。这里不再多说~

整体逻辑图

  

 1. 部署后端壳shell服务

1.1 使用jar包,制作镜像

Dockerfile文件:

FROM adoptopenjdk:8-jdk-openj9
MAINTAINER lxw

ENV JAVA_OPTS="-Xms512m -Xmx1024m -Xmn1024m -Xss512k -XX:+UseG1GC -XX:ParallelGCThreads=8 -XX:MaxDirectMemorySize=1024m -XX:NativeMemoryTracking=detail"
ENV NACOS_ADDR="192.168.0.103:8848"

COPY shell-0.0.1-SNAPSHOT.jar shell-0.0.1-SNAPSHOT.jar
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' > /etc/timezone

EXPOSE 8090

# java jar包启动命令视各自情况而定
ENTRYPOINT java -jar shell-0.0.1-SNAPSHOT.jar --spring.cloud.nacos.discovery.server-addr=${NACOS_ADDR} --spring.cloud.nacos.config.server-addr=${NACOS_ADDR} --spring.profiles.active=dev

build-docker.sh 制作镜像的文件:

IMAGE_NAME=application-shell

docker build -t ${IMAGE_NAME}:latest .
# 注意:不使用镜像库的话,需要在每个k8s的work节点上都打包本地镜像才行哦

# 我这里镜像直接打在本地,没有自己搭建harbor镜像库。后续搭建镜像库之后,补充docker push到镜像库的命令
# docker push ********

将Dockerfile、build-docker.sh、shell-0.0.1-SNAPSHOT.jar,放在同一文件夹内,执行命令:“sh build-docker.sh”,构建镜像。

 

2. 编写application-shell.yaml文件,创建Service、Pod。

---
apiVersion: v1
kind: Service
metadata:
  name: shell
  namespace: china
spec:
  ports:
  - port: 8090
    name: shell
  selector:
    project: china
    app: shell


---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: shell
  namespace: china
spec:
  replicas: 2
  selector:
    matchLabels:
      project: china
      app: shell
  template:
    metadata:
      labels:
        project: china
        app: shell
    spec:
      containers:
      - name: shell
        image: application-shell:latest # 镜像跟你在步骤1.1构建的镜像名要一致
        imagePullPolicy: IfNotPresent # 本地存在镜像时不拉取镜像(这个配置生产最好注释掉)
        ports:
          - protocol: TCP
            containerPort: 8090

 注意:imagePullPolicy属性,这个属性是描述镜像的拉取策略

  • Always 总是拉取镜像
  • IfNotPresent 本地有则使用本地镜像,不拉取
  • Never 只使用本地镜像,从不拉取,即使本地没有
  • 如果省略imagePullPolicy,  策略为always 

执行创建相关资源:

kubectl create -f application-shell.yaml -n china

 

2. 部署Gateway 

参照步骤1,构建镜像,创建K8S资源

Dockerfile文件:

FROM adoptopenjdk:8-jdk-openj9
MAINTAINER lxw

ENV JAVA_OPTS="-Xms512m -Xmx1024m -Xmn1024m -Xss512k -XX:+UseG1GC -XX:ParallelGCThreads=8 -XX:MaxDirectMemorySize=1024m -XX:NativeMemoryTracking=detail"
ENV NACOS_ADDR="192.168.0.103:8848"

COPY gateway-0.0.1-SNAPSHOT.jar gateway-0.0.1-SNAPSHOT.jar
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' > /etc/timezone

EXPOSE 20001

# java jar包启动命令视各自情况而定
ENTRYPOINT java -jar gateway-0.0.1-SNAPSHOT.jar --spring.cloud.nacos.discovery.server-addr=${NACOS_ADDR} --spring.cloud.nacos.config.server-addr=${NACOS_ADDR} --spring.profiles.active=dev

 build-docker.sh 制作镜像的文件:

IMAGE_NAME=cloud-gateway

docker build -t ${IMAGE_NAME}:latest .
# 注意:不使用镜像库的话,需要在每个k8s的work节点上都打包本地镜像才行哦

# 我这里镜像直接打在本地,没有自己搭建harbor镜像库。后续搭建镜像库之后,补充docker push到镜像库的命令
# docker push ********

cloud-gateway.yaml文件,创建Service、Pod

---
apiVersion: v1
kind: Service
metadata:
  name: cloud-gateway
  namespace: china
  labels:
    app: cloud-gateway
spec:
  ports:
  - port: 20001
    name: cloud-gateway
  selector:
    app: cloud-gateway


---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cloud-gateway
  namespace: china
  labels:
    app: cloud-gateway
spec:
  replicas: 2
  selector:
    matchLabels:
      app: cloud-gateway
  template:
    metadata:
      labels:
        app: cloud-gateway
    spec:
      containers:
      - name: cloud-gateway
        image: cloud-gateway:latest
        imagePullPolicy: IfNotPresent
        ports:
        - protocol: TCP
          containerPort: 20001

 3. 部署Report 

参照步骤1,构建镜像,创建K8S资源

Dockerfile文件:

FROM adoptopenjdk:8-jdk-openj9
MAINTAINER lxw

ENV JAVA_OPTS="-Xms512m -Xmx1024m -Xmn1024m -Xss512k -XX:+UseG1GC -XX:ParallelGCThreads=8 -XX:MaxDirectMemorySize=1024m -XX:NativeMemoryTracking=detail"
ENV NACOS_ADDR="192.168.0.103:8848"

COPY report-0.0.1-SNAPSHOT.jar report-0.0.1-SNAPSHOT.jar
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' > /etc/timezone

EXPOSE 10577

# java jar包启动命令视各自情况而定
ENTRYPOINT java -jar report-0.0.1-SNAPSHOT.jar --spring.cloud.nacos.discovery.server-addr=${NACOS_ADDR} --spring.cloud.nacos.config.server-addr=${NACOS_ADDR} --spring.profiles.active=dev

 build-docker.sh 制作镜像的文件:

IMAGE_NAME=application-report

docker build -t ${IMAGE_NAME}:latest .
# 注意:不使用镜像库的话,需要在每个k8s的work节点上都打包本地镜像才行哦

# 我这里镜像直接打在本地,没有自己搭建harbor镜像库。后续搭建镜像库之后,补充docker push到镜像库的命令
# docker push ********

application-report.yaml文件,创建Pod:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: application-report
  namespace: china
  labels:
    app: application-report
spec:
  replicas: 2
  selector:
    matchLabels:
      app: application-report
  template:
    metadata:
      labels:
        app: application-report
    spec:
      containers:
      - name: application-report
        image: application-report:latest
        imagePullPolicy: IfNotPresent
        ports:
        - protocol: TCP
          containerPort: 10577

 4. 部署report-read 

参照步骤1,构建镜像,创建K8S资源

Dockerfile文件:

FROM adoptopenjdk:8-jdk-openj9
MAINTAINER lxw

ENV JAVA_OPTS="-Xms512m -Xmx1024m -Xmn1024m -Xss512k -XX:+UseG1GC -XX:ParallelGCThreads=8 -XX:MaxDirectMemorySize=1024m -XX:NativeMemoryTracking=detail"
ENV NACOS_ADDR="192.168.0.103:8848"

COPY report-0.0.1-SNAPSHOT.jar report-0.0.1-SNAPSHOT.jar
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' > /etc/timezone

EXPOSE 11577

# java jar包启动命令视各自情况而定
ENTRYPOINT java -jar report-0.0.1-SNAPSHOT.jar --spring.cloud.nacos.discovery.server-addr=${NACOS_ADDR} --spring.cloud.nacos.config.server-addr=${NACOS_ADDR} --spring.profiles.active=dev

 build-docker.sh 制作镜像的文件:

IMAGE_NAME=application-report-read

docker build -t ${IMAGE_NAME}:latest .
# 注意:不使用镜像库的话,需要在每个k8s的work节点上都打包本地镜像才行哦

# 我这里镜像直接打在本地,没有自己搭建harbor镜像库。后续搭建镜像库之后,补充docker push到镜像库的命令
# docker push ********

application-report-read.yaml文件,创建Pod:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: application-report-read
  namespace: china
  labels:
    app: application-report-read
spec:
  replicas: 2
  selector:
    matchLabels:
      app: application-report-read
  template:
    metadata:
      labels:
        app: application-report-read
    spec:
      containers:
      - name: cloud-gateway
        image: cloud-gateway:latest
        imagePullPolicy: IfNotPresent
        ports:
        - protocol: TCP
          containerPort: 11577

5. 部署前端静态页面

前提:已由前端人员打好的静态的dist文件

步骤跟部署后端服务基本没差别,不过在build镜像时Dockerfile文件有所差异

 Dockerfile文件:

FROM nginx:stable-alpine
MAINTAINER lxw

# 这个dist是前端打包的静态文件的文件夹,这里是把你的dist文件夹内容复制到镜像里的“/usr/share/nginx/html/”这个目录下,这个目录是nginx的静态页面的默认路径
COPY dist/ /usr/share/nginx/html/
# 将自己写的nginx配置,覆盖镜像里面的配置。
# 感兴趣的可以在容器启动之后,进入容器,进入相关路径去看看内容
COPY nginx-report.conf /etc/nginx/conf.d/default.conf

EXPOSE 80

CMD ["nginx", "-g", "daemon off;"]

 nginx-report.conf文件:

server {
    listen       80;
    server_name  localhost;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
        client_max_body_size  1000m;
        try_files $uri $uri/ /index.html;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

 build-docker.sh 制作镜像的文件:

IMAGE_NAME=web-report

docker build -t ${IMAGE_NAME}:latest .
# 注意:不使用镜像库的话,需要在每个k8s的work节点上都打包本地镜像才行哦

# 我这里镜像直接打在本地,没有自己搭建harbor镜像库。后续搭建镜像库之后,补充docker push到镜像库的命令
# docker push ********

web-report.yaml文件,创建Service、Pod:

---
apiVersion: v1
kind: Service
metadata:
  name: web-report
  namespace: china
  labels:
    app: web-report
spec:
  ports:
  - port: 80
    name: web-report
  selector:
    app: web-report


---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-report
  namespace: china
  labels:
    app: web-report
spec:
  replicas: 2
  selector:
    matchLabels:
      app: web-report
  template:
    metadata:
      labels:
        app: web-report
    spec:
      containers:
      - name: web-report
        image: web-report:latest
        imagePullPolicy: IfNotPresent
        ports:
        - protocol: TCP
          containerPort: 80

6. 部署Ingress

web-report-ingress.yaml文件,创建Ingress:

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-report
  namespace: china
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/use-regex: "true"
spec:
  defaultBackend:
    service:
      name: shell
      port:
        number: 8090
  rules:
  - host: kreport.chinalxwvtown.com
    http:
      paths:
      - path: /
        pathType: Prefix   #值类型说明参考官方文档,有Exact和Prefix两种
        backend:
          service:
            name: web-report
            port:
              number: 80
      - path: /api
        pathType: Prefix   #值类型说明参考官方文档,有Exact和Prefix两种
        backend:
          service:
            name: shell
            port:
              number: 8090

7. 都创建完docker镜像之后,挨个执行"kubectl create -f ***.yaml -n china"命令,创建相关的K8S资源。创建好之后,资源全家福:

三、浏览器访问相关域名,看看是否正常

域名访问,如图:

 注意:因为域名是乱写的域名,需要在本机的hosts文件,添加域名解析。域名解析的地址就是ingress里面的映射出来的ip(192.168.0.242)

 

注意:根据Ingress的配置,域名后面带的请求路径中,

“/api”匹配之后会被转发到后端的service“shell”中,shell提供后端接口;

而其他的请求路径,会被转发到前端的service“web-report”中,制作镜像中看出里面是nginx做的静态服务器;

后续更新:域名使用外部域名,配置https等....

~~完结撒花🎉~~

 

 

 

u011663693
关注
  • 1
    点赞
  • 10
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
Ingress-nginx工作原理和实践
webot123456的博客
03-18 597
这个图算是一个通用的前后端分离k8s 部署结构: Nginx Ingress 负责暴露服务(nginx前端静态资源服务), 根据十二要素应用的原 则,将后端 api 作为 nginx 服务的附加动态资源。 Ingress vs Ingress-nginx Ingress 是一种向 k8s 集群外部的客户端公开服务的方法, Ingress 在网络协议栈的应用层工作, 根据请求的主机名 host 和路径 path 决定请求转发到的服务。 在应用 Ingress对象提供的功能之前,必须强调集群中存在 In.
docker容器化+k8s集群部署教程以及springboot+vue部署示例
04-11
本文介绍VMware虚拟机下centos7操作系统中如何安装云原生 Kubernetesk8s集群k8s可视化界面kuboard,以及如何利用docker容器化将springboot+vue项目k8s集群部署运行。
k8s部署前后端分离项目.doc
05-11
k8s+docker部署前后端分离项目详细步骤; 服务器环境:k8s为一个主节点,两个子节点,还使用了harbor远程仓库; 前后端分离项目SpringBoot+vue,其中包含两个jar包一个dist.zip压缩包;
【万字长文】K8s部署前后端分离的web应用避坑系列指南之一:在本地开发环境、本地docker compose和k8s集群里跑通购物清单应用(macOS-2023版)
wuzhenben的博客
10-26 181
从源代码到docker compose再到k8s集群,开发与部署前后端分离web应用。练了3个月,写了4天。一万三千字。分享了8个避坑指南。先发布mac版。Windows10和unbuntu版随后发布。[憨笑]
Kubernetes 部署微服务 Spring Cloud 方案
IoTHub - 物联网开源技术社区
02-05 1015
Kubernetes 部署微服务 Spring Cloud 方案,Helm、Harbor、容器化。
K8s部署前后端分离项目(一)
m0_46914845的博客
01-12 3370
K8s部署前后端分离项目(一)
十分钟教你在 K8s部署一个前后端应用
pantouyuchiyu的博客
01-12 1132
好多开发人员,尤其是没接触过 k8s 的人员对如何在k8s部署一个 前后端应用很模糊,不知如何下手,所以本篇讲一下如何快速在 k8s 部署一个前后端应用,让大家对k8s有个快速认识
K8S部署前后端分离项目并支持Mysql和Redis数据持久化保存
JycDjy的博客
03-31 1533
K8S部署RuoYi前后端分离项目并支持Mysql和Redis数据持久化保存。
k8s+docker部署前后端分离项目
qq_37634156的博客
05-09 6103
环境准备 1、k8s集群 主节点master:192.168.3.200 子节点node1:192.168.3.201 子节点node2:192.168.3.202 安装方式略。 2、harbor远程仓库 http://192.168.3.200,输入用户名密码登录,初始用户名为admin,密码配置在【harbor.cfg】配置文件中的【harbor_admin_password】属性。 部署在主节点上,需要在harbor目录下输入命令,常用命令如下: # 查看harbor服务状..
k8s部署前后端分离项目
点滴记录IT技术进程
05-11 4167
k8s部署前后端分离项目的demo步骤。
K8S系列】第十三讲:Ingress详解
热门推荐
颜淡慕潇
12-23 2万+
NotePortIngressNodePort方式:最大的缺点是会占用很多集群机器的端口,而且需要在外部搭建额外的负载均衡;LB方式:最大的缺点则是每个service一个LB,有点浪费,并且需要k8s之外的支持,【eg:cloud provider】;ingressIngress就是为了解决1,2两种方式的限制,只需要一个NodePort或者一个LB就可以满足所有service对外服务的需求。
k8s学习-第5部分部署ruoyi前后端分离
Jaccccck的博客
12-26 2350
若依使用Redis 作为缓存使用,安转单节点就可以,数据不需要持久化。将ruoyi项目的sql文件提前上传到/home/app/sql目录下。开始安装MySQL 新建ruoyi-mysql.yaml。将redis 提示信息复制出来。
K8s集群所有细节部署文档
03-17
K8s集群所有细节部署文档 内容简介: 1、组件版本和配置策略 2、系统初始化和全局变量 3、创建CA证书和密钥 4、部署kubectl命令行工具 5、部署etcd集群 6、部署flannel网络 7、部署master节点 8、部署woker节点 9、...
最新XXLJOB K8S 集群部署验证版 YAML文件直接部署成功
06-05
最新XXLJOB K8S 集群部署验证版 YAML文件直接部署成功.
CentOS7+Kubeadm+K8S集群部署学习实践手册
12-22
CentOS7+Kubeadm+K8S集群部署学习实践手册
微服务入门学习笔记(黑马商城)
feng_ling_01的博客
04-29 1206
自定义过滤器有两种GatewayFilterFactory和GlobalFilter,前者可以设置单个服务过滤,也可以设置全局过滤,后者创建完后自动生效全局过滤实现更加简单。这样就实现了网关登录校验并且将用户信息传递给其他服务,但其他服务互相调用时还是不会传递用户信息。所以我们需要在服务之间发送http请求是带上用户信息的请求头。登录校验过滤器实现:将过滤校验所需的配置类和工具类转移到网关。创建网关模块,引入springcloud的网关依赖。配置网关转跳路由和过滤器,我的网关端口为8090。
微服务设计》读书笔记
longchanghua_enshi的专栏
04-28 401
微服务设计》读书笔记,宏观上介绍了微服务的概念、优点,设计微服务的原则,以及从测试、部署、监控、安全等方面阐述微服务治理
微服务】服务治理(Nacos注册中心)
最新发布
weixin_62513677的博客
05-04 364
RestTemplate进行服务间的相互调用是非常有问题的,如果服务备份多个服务器,进行集群服务,而且在开发阶段,我们也不知道其它服务器的地址,那这时我们将如何进行服务器之间的相互调用,我们就需要用到注册中心技术。我的理解:在现在一个服务备份多个分布在多台服务器上,当多个服务启动就将自己挂到注册中心,共消费者选择,起到一个公共黑板墙的作用。服务提供者通过心跳机制向注册中心报告自己的健康状态,当心跳异常时注册中心会将异常服务剔除,并通知订阅了该服务的消费者。:暴露服务接口,供其他服务调用。
微服务之并行与分布式计算
qq_62377885的博客
04-27 935
单机存储系统VS分布式存储系统单机存储系统单机存储就是散列表、B树等数据结构在机械硬盘、SSD 等持久化介质上的实现。存储系统的数据模型主要包括三类:文件关系以及键值模型分布式存储系统分布式系统能够将数据分布到多个节点,并在多个节点之间实现负载均衡。其方式主要有两种:散列分布,如一致性散列,代表系统为Amazon的Dynamo系统;顺序分布,即每张表格上的数据按照主键整体有序,代表系统为 Google的Bigtable。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值