共计 2907 个字符,预计需要花费 8 分钟才能阅读完成。
前言
最近忙的要死, 👻👻👻. 上一周来了一次比 996 更猛的 907. 这周二终于有点遭不住了, 调休一天, 略微休憩一下.
同时手痒的不行, 把筹备了良久的重磅文章发上来哈哈. 😆😆😆
不过工夫还是有点仓促, 所以这次就先开个头, 前面有工夫再细化.
容器化利用零碎上生产的最佳实际
- 查看镜像、容器是否是用
root启动以及配置其余特权. 如无必要, 一律应用普通用户. - 查看镜像
LANG配置:LANG = en_US.UTF-8. 目标: 防止生产呈现 乱码等问题 - 查看镜像时区配置:
TZ=Asia/Shanghai目标: 防止生产呈现时区不统一的问题 - 配置内部化. 内部化伎俩有多种:
- 同一个镜像, 从测试流转到生产. 给镜像打
${version}或${gitCommitId}这一类的标签. 目标: 通过版本号或 commit id, 保障正确地的版本流转到生产 - 探讨每个组件的
- 日志输入优化:
- (可选) 依据须要, 装置 redis/kafka/rabbitmq 集群(并配置 exporter 监控)
- 微服务参数优化:
- 制作 DEV, TEST, UAT, Pre-PROD, PROD 的 DevOps pipeline.
- 配置 Readiness 和 Liveness 探针.
- 减少 JMX-exporter 监控和 Tracing 监控.
- NGINX conf 倡议减少:
worker_processes 1;而后按需调节正本数. - (可选)配置 PDB, 指定降级或重启过程中:
maxUnavailable或minAvailable(特地实用于: 有状态利用. 典型如: redis, kafka, zookeeper 等) - 配置反亲和性
podAntiAffinity. 保障同一组微服务 / 利用 / 组件尽可能打散在不同 node 上.
5-6 操作步骤:
nodeSelector:
zone: internet11 步示例如下:
livenessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 60
readinessProbe:
httpGet:
path: /myapp/services/
port: 8080
scheme: HTTP
initialDelaySeconds: 6014 步示例如下: (留神关键词: maxUnavailable 和 minAvailable)
kind: PodDisruptionBudget
apiVersion: policy/v1beta1
metadata:
name: kafka-prod-kafka
labels:
app.kubernetes.io/instance: kafka-prod
app.kubernetes.io/managed-by: strimzi-cluster-operator
app.kubernetes.io/name: strimzi
strimzi.io/cluster: kafka-prod
strimzi.io/kind: Kafka
strimzi.io/name: kafka-prod-kafka
spec:
selector:
matchLabels:
strimzi.io/cluster: kafka-prod
strimzi.io/kind: Kafka
strimzi.io/name: kafka-prod-kafka
maxUnavailable: 1kind: PodDisruptionBudget
apiVersion: policy/v1beta1
metadata:
name: redis-cluster-redis
namespace: myapp
labels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis
spec:
minAvailable: 2
selector:
matchLabels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis15 步骤示例如下: (留神关键词: podAntiAffinity)
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: redis-cluster-redis
labels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis
spec:
replicas: 3
selector:
matchLabels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis
spec:
containers:
<...>
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/component: redis
app.kubernetes.io/managed-by: redis-operator
app.kubernetes.io/name: redis
app.kubernetes.io/part-of: redis-cluster
redis.kun/v1beta1: myapp_redis
topologyKey: kubernetes.io/hostname
...完
🎉🎉🎉
本文由博客一文多发平台 OpenWrite 公布!
正文完