当前位置：网站首页>[cloud native | kubernetes] in depth understanding of deployment (VIII)

[cloud native | kubernetes] in depth understanding of deployment (VIII)

2022-06-30 12:15:00 【Lanson】

Deepen understanding Deployment

One 、 What is? Deployment

One Deployment by Pods and ReplicaSets Provide declarative update capabilities .
You are responsible for describing Deployment Medium _ Target state _, and Deployment controller （Controller） Change at a controlled rate The actual state , Turn it into Expected state ; Control cycle . for(){ xxx controller.spec()}
Don't manage Deployment Owned ReplicaSet
When we deploy an application, we usually don't write directly Pod, Instead, deploy a Deployment
Deploy Preparation of the statute Deployments | Kubernetes

Two 、Deployment establish

The basic format
- .metadata.name Appoint deploy name
- replicas Specify the number of copies
- selector Specify the matching Pod Templates .
- template Make a statement Pod Templates

Write a Deployment Of yaml give Pod Self healing and failover capabilities

Check the... In the cluster Deployment when , The fields displayed are ：
- NAME Lists the Deployment The name of .
- READY Shows the available copy Count . The mode of display is “ The number of ready / Expected number ”.
- UP-TO-DATE Shows the number of copies that have been updated to achieve the desired state .
- AVAILABLE Shows the number of copies of the app available to users .
- AGE Shows when the application is running .
ReplicaSet The output contains the following fields ：
- NAME List... In the namespace ReplicaSet The name of ;
- DESIRED Shows the expected number of copies of the app , Creating Deployment The value defined when . This is the expected state ;
- CURRENT Displays the number of copies in the current running state ;
- READY Shows how many copies of the app can serve users ;
- AGE Shows how long the app has been running .
- Be careful ：ReplicaSet The name of is always formatted as [Deployment name ]-[ Random string ]. Where the random string is used pod-template-hash Randomly generated as seeds .

One Deploy Produce three

Deployment resources
replicaset resources
Pod resources

Deployment control RS,RS control Pod Number of copies ReplicaSet： It only provides the control function of the number of copies Deployment： Every time a new version is deployed, a new replica set is created , Use him to record status , Rollback is also specified directly rs take effect

3、 ... and 、Deployment Renewal mechanism

Only when the Deployment Pod Templates （ namely .spec.template） When there is a change , for example The label or container image of the template is updated , Will trigger Deployment go online . Other updates （ If yes Deployment Perform the expansion and reduction operation ） It doesn't trigger an online action .
Online action principle ： Create a new rs, When ready , Replace old rs（ Will not be deleted at this time , because **revisionHistoryLimit** Specifies how many versions to keep ）
frequently-used kubectl command

################ to update #################################
#kubectl  set image  deployment Resource name    Container name = Mirror name 
kubectl set image deployment.apps/nginx-deployment php-redis=tomcat:8 --record
## yaml Extract all the key fields that can be updated hash.
web---- /hello
postman   aservice- /hello

# Or modify the definition directly 
kubectl edit deployment.v1.apps/nginx-deployment
# Check the status 
kubectl rollout status deployment.v1.apps/nginx-deployment

################ View the history and roll back ####################################
# Check out the update history - See if the total number of history records we set is effective 
kubectl rollout history deployment.v1.apps/nginx-deployment
# Roll back 
kubectl rollout undo deployment.v1.apps/nginx-deployment --to-revision=2

############### Cumulative update ##############
# Pause recording version 
kubectl rollout pause deployment.v1.apps/nginx-deployment
# Multiple update operations .
## For example, the resource limit has been updated 
kubectl set resources deployment.v1.apps/nginx-deployment -c=nginx --limits=cpu=200m,memory=512Mi
## For example, the image version has been updated 
kubectl set image deployment.apps/nginx-deployment php-redis=tomcat:8
## Continue operation several times 
## See if the historical version records any changes 
kubectl rollout history deployment.v1.apps/nginx-deployment
# Make multiple cumulative effects 
kubectl rollout resume deployment.v1.apps/nginx-deployment

1、 Scaling （Proportional Scaling）

maxSurge（ Maximum increment ）： How many instances should be added besides the current number .

maxUnavailable（ Maximum unusable amount ）： Number of unavailable instances during rolling update .

2、HPA（ Dynamic expansion and contraction ）

Concept ：Pod Horizontal automatic expansion and contraction | Kubernetes

actual combat ：HorizontalPodAutoscaler rehearse | Kubernetes

2.1、 You need to install metrics-server

GitHub - kubernetes-sigs/metrics-server: Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.

2.2、 Installation steps

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
- apiGroups:
  - metrics.k8s.io
  resources:
  - pods
  - nodes
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - nodes
  - nodes/stats
  - namespaces
  - configmaps
  verbs:
  - get
  - list
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
- kind: ServiceAccount
  name: metrics-server
  namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --kubelet-insecure-tls
        - --secure-port=4443
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        image: registry.cn-hangzhou.aliyuncs.com/lanson_k8s_images/metrics-server:v0.4.3
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /livez
            port: https
            scheme: HTTPS
          periodSeconds: 10
        name: metrics-server
        ports:
        - containerPort: 4443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: https
            scheme: HTTPS
          periodSeconds: 10
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        volumeMounts:
        - mountPath: /tmp
          name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
      - emptyDir: {}
        name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

kubectl apply that will do
All runnning use
- kubectl top nodes --use-protocol-buffers
- kubectl top pods --use-protocol-buffers

2.3、 To configure hpa test

###  The test image  registry.cn-hangzhou.aliyuncs.com/lanson_k8s_images/php-hpa:latest

## Applied yaml Have done well 
apiVersion: v1
kind: Service
metadata:
  name: php-apache
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: php-apache
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    run: php-apache
  name: php-apache
spec:
  replicas: 1
  selector:
    matchLabels:
      run: php-apache
  template:
    metadata:
      creationTimestamp: null
      labels:
        run: php-apache
    spec:
      containers:
      - image: registry.cn-hangzhou.aliyuncs.com/lanson_k8s_images/php-hpa:latest
        name: php-apache
        ports:
        - containerPort: 80
        resources:
          requests:
            cpu: 200m

##hpa To configure  hpa.yaml
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: php-apache
spec:
  maxReplicas: 10
  minReplicas: 1
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: php-apache
  targetCPUUtilizationPercentage: 50
  
#3、 Stress test 
kubectl run -i --tty load-generator --image=busybox /bin/sh

# Enter and hit the following command 
 kubectl run -i --tty load-generator --rm --image=busybox --restart=Never -- /bin/sh -c "while sleep 0.01; do wget -q -O- http://php-apache; done"

3、Canary（ Canary deployment ）

3.1、 Blue and green deployment VS Canary deployment

Blue and green deployment

Canary deployment

3.2、 A simple test of Canary

Use this image to test registry.cn-hangzhou.aliyuncs.com/lanson_k8s_images/nginx-test This mirror image docker run When -e msg=aaaa, Visit this nginx Page is to see aaaa

Step principle