1 常见的发布策略
- 灰度发布/金丝雀发布
描述:
升级过程中,先升级一部分服务,在逐步升级其他的。
特点:
在升级过程中存在旧版本和新版本共存的现象。
- 蓝绿部署
描述:
同时有两套环境。
特点:
只有一套环境对外提供服务,另一套环境空跑。
- A/B测试
描述:
相比于灰度发布而言,A/B测试的发布策略更加细粒度,比如基于用户实现精准控制升级。
特点:
可以向让一部分用户升级,而后在逐步升级。
2 灰度发布
- A.使用deploy部署旧版本;
- B.Server关联旧版本;
- C.使用deploy部署新版本;
- D.逐渐修改新旧版本的副本数量来达到灰度发布的效果;
2.1 部署旧版本
[root@master231 01-huidu]# cat 01-deploy-old.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-old
spec:
replicas: 3
selector:
matchLabels:
apps: xiuxian
template:
metadata:
labels:
apps: xiuxian
version: v1
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v1
name: c1
[root@master231 01-huidu]#
[root@master231 01-huidu]# kubectl apply -f 01-deploy-old.yaml
2.2 svc关联旧版本
[root@master231 01-huidu]# cat 02-svc-xiuxian.yaml
apiVersion: v1
kind: Service
metadata:
name: svc-xiuxian
spec:
ports:
- port: 80
selector:
apps: xiuxian
type: ClusterIP
2.3 部署新版本
[root@master231 01-huidu]# cat 03-deploy-new.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-new
spec:
replicas: 1
selector:
matchLabels:
apps: xiuxian
template:
metadata:
labels:
apps: xiuxian
version: v2
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v2
name: c1
kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-new-845ffc675b-gw25f 1/1 Running 0 3m50s 10.100.140.93 worker233 <none> <none>
deploy-new-845ffc675b-qxqvj 1/1 Running 0 2m35s 10.100.203.163 worker232 <none> <none>
deploy-old-568cf47956-tzmxz 1/1 Running 0 5m33s 10.100.203.160 worker232 <none> <none>
deploy-old-568cf47956-wsbcb 1/1 Running 0 5m33s 10.100.140.92 worker233 <none> <none>
逐步修改新旧pod数量,直到更新完成
3 蓝绿部署
1.蓝绿部署实现思路
- A.部署老版本;
- B.svc指向老版本的Pod;
- C.部署新版本;
- D.svc指向新版本的Pod;
2.1 部署旧版本
[root@master231 02-blue-green]# cat 01-deploy-old.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-old
spec:
replicas: 3
selector:
matchLabels:
apps: blue
template:
metadata:
labels:
apps: blue
version: v1
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v1
name: c1
2.2 svc关联旧版本
[root@master231 02-blue-green]# cat 02-svc-xiuxian.yaml
apiVersion: v1
kind: Service
metadata:
name: svc-xiuxian
spec:
ports:
- port: 80
selector:
apps: blue
type: ClusterIP
kubectl apply -f svc-xiuxian.yaml
service/svc-xiuxian created
[root@master-231 /oldboyedu/manifests/update/02-blue-greeen]# kubectl get svc,pod
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.200.0.1 <none> 443/TCP 7d22h
service/svc-xiuxian ClusterIP 10.200.197.116 <none> 80/TCP 8s
NAME READY STATUS RESTARTS AGE
pod/deploy-old-6f675ff948-gmpbt 1/1 Running 0 53s
pod/deploy-old-6f675ff948-khtvh 1/1 Running 0 53s
pod/deploy-old-6f675ff948-nqzn5 1/1 Running 0 53s
2.3 部署新版本
[root@master231 02-blue-green]# cat 03-deploy-new.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-new
spec:
replicas: 3
selector:
matchLabels:
apps: green
template:
metadata:
labels:
apps: green
version: v2
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v2
name: c1
kubectl get svc,pod -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/kubernetes ClusterIP 10.200.0.1 <none> 443/TCP 7d22h <none>
service/svc-xiuxian ClusterIP 10.200.197.116 <none> 80/TCP 107s apps=blue
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/deploy-new-5b64647c7f-h46pj 1/1 Running 0 11s 10.100.140.97 worker233 <none> <none>
pod/deploy-new-5b64647c7f-sncxz 1/1 Running 0 28s 10.100.140.96 worker233 <none> <none>
pod/deploy-new-5b64647c7f-wmk6r 1/1 Running 0 11s 10.100.203.168 worker232 <none> <none>
pod/deploy-old-6f675ff948-gmpbt 1/1 Running 0 2m32s 10.100.140.94 worker233 <none> <none>
pod/deploy-old-6f675ff948-khtvh 1/1 Running 0 2m32s 10.100.140.95 worker233 <none> <none>
pod/deploy-old-6f675ff948-nqzn5 1/1 Running 0 2m32s 10.100.203.159 worker232 <none> <none>
切换流量至新版本
kubectl describe -f svc-xiuxian.yaml
Name: svc-xiuxian
Namespace: default
Labels: <none>
Annotations: <none>
Selector: apps=green
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.200.197.116
IPs: 10.200.197.116
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 10.100.140.96:80,10.100.140.97:80,10.100.203.168:80
Session Affinity: None
Events: <none>
注意,同时只有一个版本对外提供服务
4 CICD
#!/bin/bash
# 登录 Harbor(确保密码安全,不要硬编码)
docker login -u admin -p 1 harbor.cmy.cn
function update() {
# 检查 Harbor 认证
docker login -u admin -p 1 harbor.cmy.cn
# 构建并推送镜像
docker build -t harbor.cmy.cn/yiliao/app:${gittag} .
docker push harbor.cmy.cn/yiliao/app:${gittag}
export KUBECONFIG=/root/admin.conf
# 更新 Deployment
kubectl set image deploy yiliao yiliao=harbor.cmy.cn/yiliao/app:${gittag}
# 检查状态
kubectl get svc,deploy,pods -o wide
}
function rollback() {
export KUBECONFIG=/root/admin.conf
kubectl set image deploy yiliao yiliao=harbor.cmy.cn/yiliao/app:${gittag}
# 检查状态
kubectl get svc,deploy,pods -o wide
}
case "$choose" in
update) update ;;
rollback) rollback ;;
esac
