k8s使用ingress实现应用的灰度发布升级

v1是1.14.0版本nginx ,实操时候升级到v2是1.20.0版本nginx,来测试灰度发布实现过程

一、方案:使用ingress实现应用的灰度发布

1、服务端:正常版本v1,灰度升级版本v2

2、客户端:带有请求头version=v2标识的请求访问版本v2,其他的请求访问版本v1

3、待版本v2稳定后,所有请求切换至版本v2,停止版本v1(删除原deployment,service,ingress)

二、操作步骤

1、创建版本v1的deployment、service、ingress

nginx服务版本v1的deployment和service

nginx-v1.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-v1
spec:
  selector:
    matchLabels:
      app: nginx-v1
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-v1
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.0
        ports:
        - containerPort: 80
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: file
      volumes:
      - name: file
        hostPath:
          path: /data/nginx-v1
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-v1-svc  
  labels:
    app: nginx-v1   
spec:
  type: ClusterIP  
  selector:
    app: nginx-v1
  ports:
  - port: 80
    targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-v1
spec:
  ingressClassName: nginx
  rules:
  - host: test.nginx.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-v1-svc 
            port:
              number: 80

验证:apifox 调用test.nginx.com,当前所有请求都正常访问版本v1,即1.14版本nginx

2、创建版本v2的deployment、service、ingress

nginx服务版本v2的deployment、service

nginx-v2.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-v2
spec:
  selector:
    matchLabels:
      app: nginx-v2
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-v2
    spec:
      containers:
      - name: nginx
        image: nginx:1.20.0
        ports:
        - containerPort: 80
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: file
      volumes:
      - name: file
        hostPath:
          path: /data/nginx-v2
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-v2-svc  
  labels:
    app: nginx-v2   
spec:
  type: ClusterIP  
  selector:
    app: nginx-v2
  ports:
  - port: 80
    targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-v2
  annotations:
    nginx.ingress.kubernetes.io/canary: "true"
    nginx.ingress.kubernetes.io/canary-by-header: "version"  #请求头key=version
    nginx.ingress.kubernetes.io/canary-by-header-value: "v2"  #请求头value=v2
spec:
  ingressClassName: nginx
  rules:
  - host: test.nginx.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-v2-svc 
            port:
              number: 80

nginx服务版本v2的ingress,匹配请求头version=2访问

验证:postman调用test.nginx.com,加了请求头version=v2的请求访问版本v2,即1.20版nginx,其他请求访问版本v1

三、方案:使用k8s 配置 RollingUpdate 滚动更新实现应用的灰度发布

spec:
  replicas: 1 #运行容器的副本数,修改这里可以快速修改分布式节点数量
  progressDeadlineSeconds: 600 #在Deployment 在进度卡住6分钟后报告
  minReadySeconds: 120 #Pod被认为是可用状态的最小秒数,然后加入nacos 可用。默认是0
  strategy:
    rollingUpdate:
      maxSurge: 1 #升级过程中激增Pod的最大数量
      maxUnavailable: 0 #升级过程中不可用Pod的最大数量
    type: RollingUpdate

apiVersion: v1
kind: Service
metadata:
  name: $IMG_NAME
  namespace: rz-dt
  labels:
    app: $IMG_NAME
spec:
  type: NodePort
  ports:
    - port: 8091
      nodePort: 31082 #service对外开放端口
  selector:
    app: $IMG_NAME
---
apiVersion: apps/v1
kind: Deployment #对象类型
metadata:
  name: $IMG_NAME #名称
  namespace: rz-dt
  labels:
    app: $IMG_NAME #标注
spec:
  replicas: 1 #运行容器的副本数,修改这里可以快速修改分布式节点数量
  progressDeadlineSeconds: 600 #在Deployment 在进度卡住6分钟后报告
  minReadySeconds: 120 #Pod被认为是可用状态的最小秒数,然后加入nacos 可用。默认是0
  strategy:
    rollingUpdate:
      maxSurge: 1 #升级过程中激增Pod的最大数量
      maxUnavailable: 0 #升级过程中不可用Pod的最大数量
    type: RollingUpdate
  selector:
    matchLabels:
      app: $IMG_NAME
  template:
    metadata:
      labels:
        app: $IMG_NAME
    spec:
      containers: #docker容器的配置
        - name: $IMG_NAME
          env:
            - name: aliyun_logs_catalina
              value: stdout
          image: rz-dt-image-server-registry-vpc.cn-shanghai.cr.aliyuncs.com/rz-dt/$IMG_NAME:$IMG_TAG # pull镜像的地址 ip:prot/dir/images:tag
          imagePullPolicy: Always #pull镜像时机,
          #command: ["java","-Dserver.port=8055","-jar","/usr/local/cenobitor/k8s-springboot-demo.jar"]
          ports:
            - containerPort: 8091 #容器对外开放端口,需与springboot配置文件一致
          volumeMounts:
            - name: time-config
              mountPath: /etc/localtime
              readOnly: true
            - name: volume-logs
              mountPath: /logs
              subPath: logs
          resources:
            limits:
              cpu: 500m
              memory: 1Gi
            requests:
              cpu: 10m
              memory: 50Mi
      #从私有仓库拉取镜像凭证
      imagePullSecrets:
        - name: rz-dt-miyue-vpc
      volumes:
        - name: time-config
          hostPath:
            path: /usr/share/zoneinfo/Asia/Shanghai
        - name: volume-logs
          persistentVolumeClaim:
            claimName: rz-dt-nas-volume-claim