初識OpenShift部署
Service Catalog
OpenShift初始安裝中含有一些樣例APP供大家學習使用。其中有Apache HTTP Server和Apache HTTP Server(httpd),這兩者有什麼區別?分別點擊進入可以發現:
Apache HTTP Server使用template(template名字爲httpd-example)部署方式。
Apache HTTP Server(httpd)使用builder image(image stream名字爲httpd)部署方式。
Service Catalog樣例使用了template和builder image(image+source)兩種部署方式。
查看template和image stream
- 使用Application Console,進入openshift項目
查看template,點擊Resources -> Other Resources -> Template:
查看Image Stream,點擊Builds -> Images:
- 使用oc命令
查看所有template和image stream:
$ oc new-app --list單獨查看template或image stream:
$ oc get templates -n openshift
$ oc get imagestreams -n openshift查看httpd-example template詳細信息:
$ oc describe template httpd-example -n openshift查看httpd image stream詳細信息:
$ oc describe imagestream httpd -n openshift查看httpd-example template的YAML定義:
$ oc new-app --search --template=httpd-example --output=yaml從所有template、image stream、docker image中查找"httpd":
$ oc new-app --search httpd其他部署方式
在Service Catalog中,除從Catalog直接選擇Item外,還提供了其他三種方式:
Deploy Image可以直接從image或image stream部署應用:
Import YAML / JSON 用來從YAML或JSON創建資源,比如image stream、template:
Select from Project 從指定的Project中選擇template來部署應用:
部署Apache HTTP Server
Apache HTTP Server的兩種部署方式本質上是相同的,都是使用S2I(Source-to-Image)構建的Docker鏡像來部署應用。Source均使用Apache HTTP Server (httpd) S2I Sample Application,Docker基礎鏡像(builder image)均使用Apache HTTP Server Container Image。
以下是httpd-example template中BuildConfig部分的定義:
- apiVersion: v1
kind: BuildConfig
metadata:
annotations:
description: Defines how to build the application
template.alpha.openshift.io/wait-for-ready: 'true'
name: '${NAME}'
spec:
output:
to:
kind: ImageStreamTag
name: '${NAME}:latest'
source:
contextDir: '${CONTEXT_DIR}'
git:
ref: '${SOURCE_REPOSITORY_REF}'
uri: '${SOURCE_REPOSITORY_URL}'
type: Git
strategy:
sourceStrategy:
from:
kind: ImageStreamTag
name: 'httpd:2.4'
namespace: '${NAMESPACE}'
type: Source
triggers:
- type: ImageChange
- type: ConfigChange
- github:
secret: '${GITHUB_WEBHOOK_SECRET}'
type: GitHub
- generic:
secret: '${GENERIC_WEBHOOK_SECRET}'
type: Generic參數定義及默認值:
parameters:
- description: The name assigned to all of the frontend objects defined in this template.
displayName: Name
name: NAME
required: true
value: httpd-example
- description: The OpenShift Namespace where the ImageStream resides.
displayName: Namespace
name: NAMESPACE
required: true
value: openshift
- description: Maximum amount of memory the container can use.
displayName: Memory Limit
name: MEMORY_LIMIT
required: true
value: 512Mi
- description: The URL of the repository with your application source code.
displayName: Git Repository URL
name: SOURCE_REPOSITORY_URL
required: true
value: 'https://github.com/openshift/httpd-ex.git'
- description: >-
Set this to a branch name, tag or other ref of your repository if you are
not using the default branch.
displayName: Git Reference
name: SOURCE_REPOSITORY_REF
- description: >-
Set this to the relative path to your project if it is not in the root of
your repository.
displayName: Context Directory
name: CONTEXT_DIR
- description: >-
The exposed hostname that will route to the httpd service, if left blank a
value will be defaulted.
displayName: Application Hostname
name: APPLICATION_DOMAIN
...Builder Image
我們先使用builder image方式部署Apache,來了解一下部署的整體流程:
在Application Console查看項目的Applications和Builds,可以發現部署過程中會自動創建Service、Route、Build、Deployment,創建ImageStream、Pod,其中會創建3個pod:httpd-1-build、http-1-deploy、httpd-1-xxxxx,在部署完畢後http-1-deploy會自動刪除。
下面先解釋一下基本概念。
- Service (Kubernetes Service)內部load balancer
apiVersion: v1
kind: Service
metadata:
annotations:
openshift.io/generated-by: OpenShiftWebConsole
creationTimestamp: '2019-03-26T02:12:50Z'
labels:
app: httpd
name: httpd
namespace: my-project
resourceVersion: '3004428'
selfLink: /api/v1/namespaces/my-project/services/httpd
uid: a81c759f-4f6c-11e9-9a7d-02fa2ffc40e6
spec:
clusterIP: 172.30.225.159
ports:
- name: 8080-tcp
port: 8080
protocol: TCP
targetPort: 8080
selector:
deploymentconfig: httpd
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}其中,clusterIP用於OKD內部網絡訪問Service,selector定義了查找container(pod)進行負載均衡的標籤。
- Route 定義一個host name來公開Service,以便外部客戶可以訪問Service,默認host name爲:[app-name]-[project-name].[openshift_master_default_subdomain]。
- Build 執行S2I(本例),即從builder image和Source Code來構建App Image
查看Builds -> httpd -> #1 的YAML文本,可以瞭解Build流程爲FetchInputs -> Assemble -> CommitContainer -> PushImage:
...
status:
completionTimestamp: '2019-03-26T02:13:30Z'
config:
kind: BuildConfig
name: httpd
namespace: my-project
duration: 40000000000
output:
to:
imageDigest: 'sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2'
outputDockerImageReference: 'docker-registry.default.svc:5000/my-project/httpd:latest'
phase: Complete
stages:
- durationMilliseconds: 3434
name: FetchInputs
startTime: '2019-03-26T02:12:56Z'
steps:
- durationMilliseconds: 3434
name: FetchGitSource
startTime: '2019-03-26T02:12:56Z'
- durationMilliseconds: 2127
name: CommitContainer
startTime: '2019-03-26T02:13:11Z'
steps:
- durationMilliseconds: 2127
name: CommitContainer
startTime: '2019-03-26T02:13:11Z'
- durationMilliseconds: 3426
name: Assemble
startTime: '2019-03-26T02:13:10Z'
steps:
- durationMilliseconds: 3426
name: AssembleBuildScripts
startTime: '2019-03-26T02:13:10Z'
- durationMilliseconds: 16143
name: PushImage
startTime: '2019-03-26T02:13:14Z'
steps:
- durationMilliseconds: 16143
name: PushImage
startTime: '2019-03-26T02:13:14Z'
startTimestamp: '2019-03-26T02:12:50Z'Image變化時會自動重新Build,當然也可以手動Build。
...
triggeredBy:
- imageChangeBuild:
fromRef:
kind: ImageStreamTag
name: 'httpd:2.4'
namespace: openshift
imageID: >-
docker-registry.default.svc:5000/openshift/httpd@sha256:4b6ea8da8647328a17e0ce5b763fafd195bb0c72df88d7aeb3708f36491c10e4
message: Image change
...- Deployment 部署App Image,包含三種對象:DeploymentConfig、ReplicationController、Pod。
DeploymentConfig描述部署策略、template、trigger等,ReplicationController描述複製相關信息。
進入Deployments -> httpd -> #1,編輯Replicas或調節pods數可以增刪pod:
App Image變化時會自動重新Deploy,也可以手動Deploy。
- ImageStream 引用Docker Image的OpenShift抽象,image stream和tag定義了和docker image的映射關係。Build成功後會自動創建ImageStream。
apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
annotations:
openshift.io/generated-by: OpenShiftWebConsole
creationTimestamp: '2019-03-26T02:12:50Z'
generation: 1
labels:
app: httpd
name: httpd
namespace: my-project
resourceVersion: '3004571'
selfLink: /apis/image.openshift.io/v1/namespaces/my-project/imagestreams/httpd
uid: a81b14bf-4f6c-11e9-9a7d-02fa2ffc40e6
spec:
lookupPolicy:
local: false
status:
dockerImageRepository: 'docker-registry.default.svc:5000/my-project/httpd'
tags:
- items:
- created: '2019-03-26T02:13:30Z'
dockerImageReference: >-
docker-registry.default.svc:5000/my-project/httpd@sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2
generation: 1
image: >-
sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2
tag: latest部署成功後,測試訪問Apache Server(Route定義的Hostname),頁面如下:
Template
瞭解了以上過程和術語就很容易理解httpd-example template了,其定義了整體的部署流程並實現了參數化,包含以下部分:Service、Route、ImageStream、BuildConfig、DeploymentConfig、parameters。您可以自己部署測試,此處不再贅述。
oc new-app
繼續之前,先將以前創建的測試project刪除或新建一個project。
$ oc delete project my-project
$ oc new-project my-project在Service Catalog一節我們提到了創建應用的三種方式:template、builder image(image+source)、image,對應的命令如下:
$ oc new-app httpd-example -p APPLICATION_DOMAIN=httpd-example.apps.itrunner.org
$ oc new-app openshift/httpd:2.4~https://github.com/openshift/httpd-ex.git --name=httpd-ex
$ oc new-app my-project/httpd-ex --name=httpd說明:
- image+source的語法爲[image]~[source]
- 第三種方式使用的image爲第二種方式中生成的
- 後面兩種方式不會自動創建Route,需要手工創建:
$ oc expose service httpd-ex --name httpd-ex --hostname=httpd-ex.apps.itrunner.org
$ oc expose service httpd --name httpd --hostname=httpd.apps.itrunner.org使用oc命令還可以直接從source code創建應用,可以使用本地或遠程source code:
$ oc new-app /path/to/source/code
$ oc new-app https://github.com/sclorg/cakephp-ex可以指定子目錄:
$ oc new-app https://github.com/sclorg/s2i-ruby-container.git --context-dir=2.0/test/puma-test-app可以指定branch:
$ oc new-app https://github.com/openshift/ruby-hello-world.git#beta4OpenShift自動檢測代碼中是否含有Docker、Pipeline
再談Route
$ oc create route edge http-ex -n my-project --hostname http-ex.apps.iata-asd.org --service httpd-ex待續
S2I
待續