k8s+rancher+阿里云镜像简单部署flask项目
- k8s简单部署一个flask项目示例,镜像从阿里镜像仓库拉取。首先搭建一个k8s集群,用kubeadm,二进制都可以。
1.示例项目准备
simpleweb
|—————Dockerfile# 镜像构建文件
|_____gunicorn.conf# gunicorn启动项目
|_____run.py# 项目代码
FROM python:3.6.8
ADD ./requirements.txt /requirements
RUN pip3 install -r requirements.txt -i http://mirrors.aliyun.com/pypi/simple --trusted-host mirrors.aliyun.com
ADD . /simpleweb
workers = 1
threads = 1
bind = "0.0.0.0:9005"
worker_connections = 1000
accesslog = "-"
errorlog = "-"
loglevel = "debug"
from flask import Flask
import os
app = Flask(__name__)
@app.route("/index/")
def index():
user = os.environ.get("USER")
password = os.environ.get("PASS")
return f"{user}_{password}"
@app.route("/version/")
def index():
env = os.environ.get("ENV")
version = os.environ.get("WEBVERSION")
return f"{env}_{version}"
2.镜像上传阿里镜像管理
docker build -t simpleweb:lastest .
docker login --username=xujunkai123 registry.cn-hangzhou.aliyuncs.com
# 然后输入密码
docker tag <Image Id> registry.cn-hangzhou.aliyuncs.com/webproject/simpleweb:lastest
# webproject 为镜像仓库创建命名空间,需要在阿里云镜像仓库创建
docker push registry.cn-hangzhou.aliyuncs.com/webproject/simpleweb:lastest
3.rancher添加阿里云镜像仓库凭证
- k8s在default 命名空间点击资源选择密文,镜像仓库凭证,添加凭证
1.填写名称
2.点击自定义
3.输入用户名密码
- 添加配置项:simpleweb-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: simpleweb-configmap
data:
env: "dev"
webVersion: "v1"
- 添加要配置密码:simpleweb-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: db-user-pass
type: Opaque
data:
username: YWRtaW4=
password: MWYyZDFlMmU2N2Rm
# 注意Secret主要存储敏感数据,被base64加密
apiVersion: apps/v1
kind: Deployment# 采用deployment部署
metadata:
name: simpleweb
namespace: default# 默认命名空间
labels:
app: simpleweb
spec:
replicas: 1# 副本设置1个
selector:
matchLabels:
app: simpleweb
strategy:# 升级策略,这里副本是一个
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: simpleweb
spec:
containers:#容器相关配置
- args:# 启动命令
- gunicorn
- -c
- gunicorn.conf
- run:app
env:# 这里通过变量注入的方式配置相关参数,你也可以通过数据挂载的方式将配置挂载到容器指定目录下
- name: USER
valueFrom:
secretKeyRef:
name: db-user-pass
key: username
- name: PASS
valueFrom:
secretKeyRef:
name: db-user-pass
key: password
- name: ENV
valueFrom:
configMapKeyRef:
name: simpleweb-configmap
key: env
- name: WEBVERSION
valueFrom:
configMapKeyRef:
name: simpleweb-configmap
key: webVersion
image: registry.cn-hangzhou.aliyuncs.com/webproject/simpleweb:lastest# 镜像地址
imagePullPolicy: Always
name: simpleweb
ports:# 暴漏端口
- containerPort: 9005
name: 9005tcp01
protocol: TCP
workingDir: /simpleweb
imagePullSecrets:# 添加密钥凭据
- name: aliyun
restartPolicy: Always
terminationGracePeriodSeconds: 5
- 添加service暴漏应用:simplewebsvc.yaml
apiVersion: v1
kind: Service
metadata:
name: simplewebsvc
namespace: default
labels:
app: simplewebsvc
spec:
ports:
- name: 9005tcp01
port: 9005
protocol: TCP
targetPort: 9005# 容器端口
selector:
app: simpleweb# 指向pod
type: NodePort
kubectl create -f simpleweb-secret.yaml
kubectl create -f simpleweb-configmap.yaml
kubectl create -f simpleweb.yaml
kubectl create -f simplewebsvc.yaml
http://192.168.1.8:30566/index/
# 30566ß为暴漏随机端口