初识OpenShift部署
Service Catalog
OpenShift初始安装中含有一些样例APP供大家学习使用。其中有Apache HTTP Server和Apache HTTP Server(httpd),这两者有什么区别?分别点击进入可以发现:
Apache HTTP Server使用template(template名字为httpd-example)部署方式。
Apache HTTP Server(httpd)使用builder image(image stream名字为httpd)部署方式。
Service Catalog样例使用了template和builder image(image+source)两种部署方式。
查看template和image stream
- 使用Application Console,进入openshift项目
查看template,点击Resources -> Other Resources -> Template:
查看Image Stream,点击Builds -> Images:
- 使用oc命令
查看所有template和image stream:
$ oc new-app --list单独查看template或image stream:
$ oc get templates -n openshift
$ oc get imagestreams -n openshift查看httpd-example template详细信息:
$ oc describe template httpd-example -n openshift查看httpd image stream详细信息:
$ oc describe imagestream httpd -n openshift查看httpd-example template的YAML定义:
$ oc new-app --search --template=httpd-example --output=yaml从所有template、image stream、docker image中查找"httpd":
$ oc new-app --search httpd其他部署方式
在Service Catalog中,除从Catalog直接选择Item外,还提供了其他三种方式:
Deploy Image可以直接从image或image stream部署应用:
Import YAML / JSON 用来从YAML或JSON创建资源,比如image stream、template:
Select from Project 从指定的Project中选择template来部署应用:
部署Apache HTTP Server
Apache HTTP Server的两种部署方式本质上是相同的,都是使用S2I(Source-to-Image)构建的Docker镜像来部署应用。Source均使用Apache HTTP Server (httpd) S2I Sample Application,Docker基础镜像(builder image)均使用Apache HTTP Server Container Image。
以下是httpd-example template中BuildConfig部分的定义:
- apiVersion: v1
kind: BuildConfig
metadata:
annotations:
description: Defines how to build the application
template.alpha.openshift.io/wait-for-ready: 'true'
name: '${NAME}'
spec:
output:
to:
kind: ImageStreamTag
name: '${NAME}:latest'
source:
contextDir: '${CONTEXT_DIR}'
git:
ref: '${SOURCE_REPOSITORY_REF}'
uri: '${SOURCE_REPOSITORY_URL}'
type: Git
strategy:
sourceStrategy:
from:
kind: ImageStreamTag
name: 'httpd:2.4'
namespace: '${NAMESPACE}'
type: Source
triggers:
- type: ImageChange
- type: ConfigChange
- github:
secret: '${GITHUB_WEBHOOK_SECRET}'
type: GitHub
- generic:
secret: '${GENERIC_WEBHOOK_SECRET}'
type: Generic参数定义及默认值:
parameters:
- description: The name assigned to all of the frontend objects defined in this template.
displayName: Name
name: NAME
required: true
value: httpd-example
- description: The OpenShift Namespace where the ImageStream resides.
displayName: Namespace
name: NAMESPACE
required: true
value: openshift
- description: Maximum amount of memory the container can use.
displayName: Memory Limit
name: MEMORY_LIMIT
required: true
value: 512Mi
- description: The URL of the repository with your application source code.
displayName: Git Repository URL
name: SOURCE_REPOSITORY_URL
required: true
value: 'https://github.com/openshift/httpd-ex.git'
- description: >-
Set this to a branch name, tag or other ref of your repository if you are
not using the default branch.
displayName: Git Reference
name: SOURCE_REPOSITORY_REF
- description: >-
Set this to the relative path to your project if it is not in the root of
your repository.
displayName: Context Directory
name: CONTEXT_DIR
- description: >-
The exposed hostname that will route to the httpd service, if left blank a
value will be defaulted.
displayName: Application Hostname
name: APPLICATION_DOMAIN
...Builder Image
我们先使用builder image方式部署Apache,来了解一下部署的整体流程:
在Application Console查看项目的Applications和Builds,可以发现部署过程中会自动创建Service、Route、Build、Deployment,创建ImageStream、Pod,其中会创建3个pod:httpd-1-build、http-1-deploy、httpd-1-xxxxx,在部署完毕后http-1-deploy会自动删除。
下面先解释一下基本概念。
- Service (Kubernetes Service)内部load balancer
apiVersion: v1
kind: Service
metadata:
annotations:
openshift.io/generated-by: OpenShiftWebConsole
creationTimestamp: '2019-03-26T02:12:50Z'
labels:
app: httpd
name: httpd
namespace: my-project
resourceVersion: '3004428'
selfLink: /api/v1/namespaces/my-project/services/httpd
uid: a81c759f-4f6c-11e9-9a7d-02fa2ffc40e6
spec:
clusterIP: 172.30.225.159
ports:
- name: 8080-tcp
port: 8080
protocol: TCP
targetPort: 8080
selector:
deploymentconfig: httpd
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}其中,clusterIP用于OKD内部网络访问Service,selector定义了查找container(pod)进行负载均衡的标签。
- Route 定义一个host name来公开Service,以便外部客户可以访问Service,默认host name为:[app-name]-[project-name].[openshift_master_default_subdomain]。
- Build 执行S2I(本例),即从builder image和Source Code来构建App Image
查看Builds -> httpd -> #1 的YAML文本,可以了解Build流程为FetchInputs -> Assemble -> CommitContainer -> PushImage:
...
status:
completionTimestamp: '2019-03-26T02:13:30Z'
config:
kind: BuildConfig
name: httpd
namespace: my-project
duration: 40000000000
output:
to:
imageDigest: 'sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2'
outputDockerImageReference: 'docker-registry.default.svc:5000/my-project/httpd:latest'
phase: Complete
stages:
- durationMilliseconds: 3434
name: FetchInputs
startTime: '2019-03-26T02:12:56Z'
steps:
- durationMilliseconds: 3434
name: FetchGitSource
startTime: '2019-03-26T02:12:56Z'
- durationMilliseconds: 2127
name: CommitContainer
startTime: '2019-03-26T02:13:11Z'
steps:
- durationMilliseconds: 2127
name: CommitContainer
startTime: '2019-03-26T02:13:11Z'
- durationMilliseconds: 3426
name: Assemble
startTime: '2019-03-26T02:13:10Z'
steps:
- durationMilliseconds: 3426
name: AssembleBuildScripts
startTime: '2019-03-26T02:13:10Z'
- durationMilliseconds: 16143
name: PushImage
startTime: '2019-03-26T02:13:14Z'
steps:
- durationMilliseconds: 16143
name: PushImage
startTime: '2019-03-26T02:13:14Z'
startTimestamp: '2019-03-26T02:12:50Z'Image变化时会自动重新Build,当然也可以手动Build。
...
triggeredBy:
- imageChangeBuild:
fromRef:
kind: ImageStreamTag
name: 'httpd:2.4'
namespace: openshift
imageID: >-
docker-registry.default.svc:5000/openshift/httpd@sha256:4b6ea8da8647328a17e0ce5b763fafd195bb0c72df88d7aeb3708f36491c10e4
message: Image change
...- Deployment 部署App Image,包含三种对象:DeploymentConfig、ReplicationController、Pod。
DeploymentConfig描述部署策略、template、trigger等,ReplicationController描述复制相关信息。
进入Deployments -> httpd -> #1,编辑Replicas或调节pods数可以增删pod:
App Image变化时会自动重新Deploy,也可以手动Deploy。
- ImageStream 引用Docker Image的OpenShift抽象,image stream和tag定义了和docker image的映射关系。Build成功后会自动创建ImageStream。
apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
annotations:
openshift.io/generated-by: OpenShiftWebConsole
creationTimestamp: '2019-03-26T02:12:50Z'
generation: 1
labels:
app: httpd
name: httpd
namespace: my-project
resourceVersion: '3004571'
selfLink: /apis/image.openshift.io/v1/namespaces/my-project/imagestreams/httpd
uid: a81b14bf-4f6c-11e9-9a7d-02fa2ffc40e6
spec:
lookupPolicy:
local: false
status:
dockerImageRepository: 'docker-registry.default.svc:5000/my-project/httpd'
tags:
- items:
- created: '2019-03-26T02:13:30Z'
dockerImageReference: >-
docker-registry.default.svc:5000/my-project/httpd@sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2
generation: 1
image: >-
sha256:5c1f20f20baaa796f4518d11ded13c6fac33e7a377774cfec77aa1e6e6a7cbb2
tag: latest部署成功后,测试访问Apache Server(Route定义的Hostname),页面如下:
Template
了解了以上过程和术语就很容易理解httpd-example template了,其定义了整体的部署流程并实现了参数化,包含以下部分:Service、Route、ImageStream、BuildConfig、DeploymentConfig、parameters。您可以自己部署测试,此处不再赘述。
oc new-app
继续之前,先将以前创建的测试project删除或新建一个project。
$ oc delete project my-project
$ oc new-project my-project在Service Catalog一节我们提到了创建应用的三种方式:template、builder image(image+source)、image,对应的命令如下:
$ oc new-app httpd-example -p APPLICATION_DOMAIN=httpd-example.apps.itrunner.org
$ oc new-app openshift/httpd:2.4~https://github.com/openshift/httpd-ex.git --name=httpd-ex
$ oc new-app my-project/httpd-ex --name=httpd说明:
- image+source的语法为[image]~[source]
- 第三种方式使用的image为第二种方式中生成的
- 后面两种方式不会自动创建Route,需要手工创建:
$ oc expose service httpd-ex --name httpd-ex --hostname=httpd-ex.apps.itrunner.org
$ oc expose service httpd --name httpd --hostname=httpd.apps.itrunner.org使用oc命令还可以直接从source code创建应用,可以使用本地或远程source code:
$ oc new-app /path/to/source/code
$ oc new-app https://github.com/sclorg/cakephp-ex可以指定子目录:
$ oc new-app https://github.com/sclorg/s2i-ruby-container.git --context-dir=2.0/test/puma-test-app可以指定branch:
$ oc new-app https://github.com/openshift/ruby-hello-world.git#beta4OpenShift自动检测代码中是否含有Docker、Pipeline
再谈Route
$ oc create route edge http-ex -n my-project --hostname http-ex.apps.iata-asd.org --service httpd-ex待续
S2I
待续