目录
一、Django应用直接部署模式
1、django项目介绍
二、docker容器部署模式
1、Dockerfile文件编写
2、运行mysql容器
3、启动Django应用
三、k8s容器集群pod部署模式
1、mysql容器部署
2、myblog容器部署
3、部署以及注意点
四、k8s容器集群deploy部署模式
1、数据库敏感信息单拎
2、mysql容器部署
3、myblog容器部署
4、验证结果
本文演示了一个Django应用是如果进行容器化改造的,具体过程为服务器Django应用——>docker容器部署改造——>k8s容器集群部署改造——>k8s容器集群高可用改造
一、Django应用直接部署模式
1、django项目介绍
- 项目地址:YongxinLi/python-demo
- python3 + django + uwsgi + nginx + mysql
- 内部服务端口8002
直接服务器克隆git库即可,基于服务器本地部署,执行启动脚本生效,无需多言
[root@k8s-master python-demo]# ll
drwxr-xr-x 4 root root 151 12月 26 00:38 blog
drwxr-xr-x 2 root root 21 12月 26 00:38 log
-rw-r--r-- 1 root root 804 12月 26 00:38 manage.py
drwxr-xr-x 2 root root 70 12月 26 00:38 myblog
-rw-r--r-- 1 root root 1228 12月 26 00:38 myblog.conf
-rw-r--r-- 1 root root 44 12月 26 00:38 requirements.txt
drwxr-xr-x 4 root root 31 12月 26 01:15 resources
-rw-r--r-- 1 root root 84 12月 26 00:38 run.sh
drwxr-xr-x 3 root root 18 12月 26 00:38 static
-rw-r--r-- 1 root root 239 12月 26 00:38 uwsgi.ini
二、docker容器部署模式
1、Dockerfile文件编写
Dockerfile文件就是模拟正常部署应用操作,基于基础镜像、环境变量、操作命令、应用程序文件、必要插件等构造
myblog/Dockerfile
# This my first django Dockerfile
# Version 1.0
# Base images 基础镜像
FROM centos:centos7.5.1804
#MAINTAINER 维护者信息
LABEL maintainer="whr@email.com"
#ENV 设置环境变量
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8
#RUN 执行以下命令
RUN curl -so /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo && rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
RUN yum install -y python36 python3-devel gcc pcre-devel zlib-devel make net-tools nginx
#工作目录
WORKDIR /opt/myblog
#拷贝文件至工作目录
COPY . .
# 拷贝nginx配置文件
COPY myblog.conf /etc/nginx
#安装依赖的插件
RUN pip3 install -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com -r requirements.txt
RUN chmod +x run.sh && rm -rf ~/.cache/pip
#EXPOSE 映射端口
EXPOSE 8002
#容器启动时执行命令
CMD ["./run.sh"]
执行构建,并且把构建好的镜像上传到harbor库:
$ docker build . -t myblog:v1 -f Dockerfile
docker login -u admin -p Harbor12345 192.168.0.121:5000
docker tag myblog:v1 192.168.0.121:5000/myblog/myblog:v1
docker push 192.168.0.121:5000/myblog/myblog:v1
2、运行mysql容器
该应用依赖mysql数据库,需要先部署mysql,创建myblog数据库,然后通过应用对数据库进行初始化创建。
# 1、docker启动mysql,端口映射、目录挂载、指定数据库、密码、中文编码
$ docker run -d -p 3306:3306 --name mysql -v /opt/mysql:/var/lib/mysql -e MYSQL_DATABASE=myblog -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
# 2、参数传递,查看数据库myblog自动创建
$ docker exec -ti mysql bash
#/ mysql -uroot -p123456
#/ show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| myblog |
| mysql |
| performance_schema |
| sys |
+--------------------+
3、启动Django应用
## 启动容器
$ docker run -d -p 8002:8002 --name myblog -e MYSQL_HOST=192.168.0.122 -e MYSQL_USER=root -e MYSQL_PASSWD=123456 192.168.0.121:5000/myblog/myblog:v1
# docker ps | grep myblog
c5f748a80ffb 192.168.0.121:5000/myblog/myblog:v666 "./run.sh" 12 seconds ago Up 11 seconds 0.0.0.0:8002->8002/tcp, :::8002->8002/tcp myblog
# 注意:1、镜像之前已经构建在本地了;2、现在还不能用,数据库是空的
# 1、初始化数据库操作
$ docker exec -ti myblog bash
#/ python3 manage.py makemigrations # 创建数据库
#/ python3 manage.py migrate # 初始化表结构
#/ python3 manage.py createsuperuser # 创建超级用户,登陆界面
# 2、收集静态文件
$ docker exec -ti myblog python3 manage.py collectstatic
# 3、服务器 curl <myblog-ip>:8002/admin
三、k8s容器集群pod部署模式
1、mysql容器部署
apiVersion: v1
kind: Pod
metadata:
name: mysql
namespace: demo
labels:
component: mysql
spec:
hostNetwork: true # 声明pod的网络模式为host模式,效果同docker run --net=host
volumes:
- name: mysql-data
hostPath:
path: /opt/mysql/data
nodeSelector: # 使用节点选择器将Pod调度到指定label的节点
component: master
containers:
- name: mysql
image: 192.168.0.121:5000/myblog/mysql:v1
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
- name: MYSQL_DATABASE
value: "myblog"
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
readinessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 15
periodSeconds: 20
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
2、myblog容器部署
apiVersion: v1
kind: Pod
metadata:
name: myblog
namespace: demo
labels:
component: myblog
spec:
nodeSelector: # 使用节点选择器将Pod调度到指定label的节点
component: master
containers:
- name: myblog
image: 192.168.0.121:5000/myblog/myblog:v1
imagePullPolicy: IfNotPresent
env:
- name: MYSQL_HOST # 指定root用户的用户名
value: "192.168.0.121"
- name: MYSQL_PASSWD
value: "123456"
ports:
- containerPort: 8002
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
livenessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10 # 容器启动后第一次执行探测是需要等待多少秒
periodSeconds: 15 # 执行探测的频率
timeoutSeconds: 2 # 探测超时时间
readinessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 2
periodSeconds: 15
3、部署以及注意点
# 添加标签
kubectl label nodes k8s-master component=master
# 部署
kubectl create -f .
# 注意
mysql部署完成后,再部署myblog,myblog处于运行状态且不是ready,此时需要参照docker模式exec -it进入myblog容器执行数据库初始化和管理员创建,否则myblog健康检查一直过不去,已踩坑,注意!!!
四、k8s容器集群deploy部署模式
目前部署方式弊端很明显,不推荐直接pod部署
1、环境变量中有很多敏感的信息,比如账号密码,直接暴漏在yaml文件中存在安全性问题
2、团队内部一般存在多个项目,例如mysql此类中间件数据应该单拎出来
3、pod模式部署不是高可用
4、k8s提供两类资源,configMap和Secret,可以用来实现业务配置的统一管理, 允许将配置文件与镜像文件分离,以使容器化的应用程序具有可移植性 。
1、数据库敏感信息单拎
[root@k8s-master myblog]# cat configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myblog
namespace: demo
data:
MYSQL_HOST: "mysql"
MYSQL_PORT: "3306"
[root@k8s-master myblog]# cat secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: myblog
namespace: demo
type: Opaque
data:
MYSQL_USER: cm9vdA==
MYSQL_PASSWD: MTIzNDU2
2、mysql容器部署
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
volumes:
- name: mysql-data
hostPath:
path: /opt/mysql/data
nodeSelector:
component: mysql
containers:
- name: mysql
image: 172.21.32.13:5000/mysql:5.7
args:
- "--character-set-server=utf8"
- "--collation-server=utf8_general_ci"
ports:
- containerPort: 3306
env:
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_USER
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_PASSWD
- name: MYSQL_DATABASE
value: "myblog"
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
readinessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 15
periodSeconds: 20
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
[root@k8s-master mysql]# cat mysql-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
namespace: demo
spec:
ports:
- port: 3306
protocol: TCP
targetPort: 3306
selector:
app: mysql
type: ClusterIP
3、myblog容器部署
apiVersion: apps/v1
kind: Deployment
metadata:
name: myblog
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: myblog
template:
metadata:
labels:
app: myblog
spec:
nodeSelector:
component: master
containers:
- name: myblog
image: 192.168.0.121:5000/myblog/myblog:v1
imagePullPolicy: IfNotPresent
env:
- name: MYSQL_HOST
valueFrom:
configMapKeyRef:
name: myblog
key: MYSQL_HOST
- name: MYSQL_PORT
valueFrom:
configMapKeyRef:
name: myblog
key: MYSQL_PORT
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_USER
- name: MYSQL_PASSWD
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_PASSWD
ports:
- containerPort: 8002
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
livenessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 15
timeoutSeconds: 2
readinessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 2
periodSeconds: 15
[root@k8s-master myblog]# cat service.yaml
apiVersion: v1
kind: Service
metadata:
name: myblog
namespace: demo
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8002
selector:
app: myblog
type: ClusterIP
[root@k8s-master myblog]# cat ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: myblog
namespace: demo
spec:
rules:
- host: blog.rui.com
http:
paths:
- path: /
backend:
serviceName: myblog
servicePort: 80
k exec -it myblog-6fcff6f699-fjr4m bash
#/ python3 manage.py makemigrations # 创建数据库
#/ python3 manage.py migrate # 初始化表结构
#/ python3 manage.py createsuperuser # 创建超级用户,登陆界面
4、验证结果
[root@k8s-master ~]# kubectl get po -n demo
NAME READY STATUS RESTARTS AGE
myblog-6fcff6f699-fjr4m 1/1 Running 0 56m
mysql-6594584758-mczqf 1/1 Running 0 86m