@zwei
2018-07-30T10:26:32.000000Z
字数 8817
阅读 1274
kubernetes
管理和存储线上云平台中的所有k8s 集群的服务
安装和检查,更新 k8s 基础服务和k8s 内部服务
存储 k8s 集群的插件yaml 文件 和 app-agent 的插件demon
$ git clone http://newgit.op.ksyun.com/openstack/appengine.git
$ cd $GOPATH/src/appengine
$ make all
$ git clone http://newgit.op.ksyun.com/openstack/appengine.git
$ cd appengine
$ make all
$ docker build -t hub.kce.ksyun.com/ksyun/appengine:v1.0.1 .
title = "Appengine configurations"
[server]
port = ":80" #web服务开启端口
[database]
type = "mysql"
connection = "appengine:UPLGAu4p6r9NVKzH@tcp(172.31.21.7:3306)/appengine?charset=utf8&parseTime=True&loc=Local" # mysql db 连接地址
[ca]
cadir = "/opt/ca" # k8s 集群的config file 保存地址
[neutron]
proxy = true # 是否开启neutron 代理
remotehost = "tjwqone.neutron.sdns.ksyun.com" # 代理目标地址
remoteport = "9696" # 代理目标端口
localport = "9696" # 代理本地端口
$ mkdir -p /opt/src/github.com/ksyun
$ cd /opt/src/github.com/ksyun
$ git clone http://newgit.op.ksyun.com/openstack/app-agent-go.git
$ mv app-agent-go app-agent
$ cd app-agent
$ export GOPATH=/opt/
$ go build --ldflags '-extldflags "-static"' -o /opt/src/github.com/ksyun/app-agent/cmd/appctl/appctl /opt/src/github.com/ksyun/app-agent/cmd/appctl/appctl.go
$ go build --ldflags '-extldflags "-static"' -o /opt/src/github.com/ksyun/app-agent/cmd/app-plugin/demon/demon /opt/src/github.com/ksyun/app-agent/cmd/app-plugin/demon/demon.go
$ go build --ldflags '-extldflags "-static"' -o /opt/src/github.com/ksyun/app-agent/cmd/app-plugin/plugins/plugins /opt/src/github.com/ksyun/app-agent/cmd/app-plugin/plugins/plugins.go
$ mkdir -p /opt/src/github.com/ksyun
$ cd /opt/src/github.com/ksyun
$ git clone http://newgit.op.ksyun.com/openstack/app-agent-go.git
$ mv app-agent-go app-agent
$ export GOPATH=/opt/
$ cd app-agent
$ ./build.sh
$ appctl --help
The appctl is appengine service client and update node info to server.
Usage:
appctl [flags]
Flags:
--address string The IP address for the app-agent to serve on (set to 0.0.0.0 for all interfaces) (default "127.0.0.1")
--alsologtostderr log to standard error as well as files
--appctlconfig string app-agent config file. (default "/etc/appctl/appctl.conf")
--arrangement string openstack node arrangement file default /opt/app-agent/arrangement/clusterinfo (default "/opt/app-agent/arrangement/clusterinfo")
--enable-server Enable the app-agent's server
--endpoint string appengine server url. (default set http://appengine.sdns.ksyun.com:80). (default "http://appengine.sdns.ksyun.com:80")
--healthz-bind-address string The IP address for the healthz server to serve on. (set to 0.0.0.0 for all interfaces) (default "127.0.0.1")
--healthz-port int32 The port of the localhost healthz endpoint (set to 0 to disable) (default 1321)
-h, --help help for appctl
--hostname-override string If non-empty, will use this string as identification instead of the actual hostname.
--iface iface interface to use (IP or name) for inter-host communication. Can be specified multiple times to check each option in order. Returns the first match found. (default [])
--iface-regex iface regex expression to match the first interface to use (IP or name) for inter-host communication. Can be specified multiple times to check each regex in order. Returns the first match found. Regexes are checked after specific interfaces specified by the iface option have already been checked. (default [])
--log-backtrace-at traceLocation when logging hits line file:N, emit a stack trace (default :0)
--log-dir string If non-empty, write log files in this directory
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--logtostderr log to standard error instead of files (default true)
--node-ip string IP address of the node. If set, app-agent will use this IP address for the node
--plugin-config-file string The app plugin bin config file (set /etc/app-agent/plugin/config) (default "/etc/appctl/plugin/config")
--plugin-dir string The app plugin bin dir. (set /opt/app-agent/plugin/bin) (default "/opt/app-agent/plugin/bin")
--port int32 The port for the app-agent to serve on. (default 1322)
--rootdir string app-agent server root dir. (default "/opt/app-agent")
--rpm-endpoint string The IP address rpm server (set default http://rpm.kce.sdns.ksyun.com:80) (default "http://rpm.kce.sdns.ksyun.com:80")
--stderrthreshold severity logs at or above this threshold go to stderr (default 2)
--templatedir string app-agent cluster ca file default /opt/app-agent/tempalte. (default "/opt/app-agent/template")
--tls-cert-file string File containing x509 Certificate used for serving HTTPS (with intermediate certs, if any, concatenated after server cert). If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to --cert-dir.
--tls-private-key-file string File containing x509 private key matching --tls-cert-file.
-v, --v Level log level for V logs
--version version[=true] Print version information and quit
--vmodule moduleSpec comma-separated list of pattern=N settings for file-filtered logging
$ 主要选选项 appctl --endpoint http://192.168.122.1:80 --rpm-endpoint http://192.168.122.2:80
$ --endpoint 为 appengine 服务地址
$ --rpm-endpoint 为rpm nginx服务地址
$ docker run -d --name nginx --restart=always --net=host -v /data/app-agent-go/template:/usr/share/nginx/html:ro -v /data/nginx/nginx.conf:/etc/nginx/nginx.conf:ro hub.kce.ksyun.com/ksyun/nginx
binary/ # 存放demon,plugins 插件地址
centos/ # 存放centos 7.3 的docker, kubelet rpm包 yum 源
rpm/ # 存放docker, kubelet 服务的配置文件和启动文件
test/ # 测试环境相关的文件和配置文件,插件
yaml/ # 存放k8s 服务中yaml地址
version # rpmservice 服务版本信息
├── binary
│ ├── appctl
│ ├── demon
│ └── plugins
├── centos
│ └── 7
│ ├── RPM-GPG-KEY-CENTOS-7
│ └── x86_64
├── rpm
│ ├── 7
│ │ ├── docker
│ │ ├── k8s.repo
│ │ └── kubelet
│ ├── appctl-v1.8.3-ksyun.x86_64.rpm
│ ├── docker-ce-17.09.0-ksyun.x86_64.rpm
│ ├── etcdctl-3.2.5-01.ksyun.x86_64.rpm
│ └── kubelet-v1.8.3-ksyun.x86_64.rpm
├── test
│ ├── appengine.toml
│ ├── app.sh
│ ├── demon
│ ├── nginx.conf
│ ├── nginx.yaml
│ └── service.yaml
├── version
└── yaml
├── dns
│ └── kube-dns.yaml
├── heapster
│ └── heapster.yaml
├── ingress
│ └── traefik.yaml
├── kube
│ ├── canal-flanneld.yaml
│ ├── etcd.yaml
│ ├── kube-apiserver.yaml
│ ├── kube-controller-manager.yaml
│ ├── kube-proxy.yaml
│ └── kube-scheduler.yaml
├── system-monitor
│ └── system-monitor.yaml
└── volume
└── flexvolume.yaml
$ git clone http://newgit.op.ksyun.com/openstack/app-agent-go.git
$ cd app-agent-go/template/yaml
$ ssh root@10.69.59.238
$ cd /data/app-agent-go/template/yaml
curl -X POST \
http://10.97.2.74/d9b78b541c2c4878af4041b1a90b9ee3/plugins \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: 694756ca-855a-8d70-c7d9-86d466f91eff' \
-H 'x-auth-token: d9b78b541c2c4878af4041b1a90b9ee2:d9b78b541c2c4878af4041b1a90b9ee3' \
-d '{"name": "demon", "version": "v1.0.1", "location": "http://1.1.1.1/demon"}'
调用appengine api 接口实现 组件更新
operate 可用参数介绍
- update: 设置为true, 表示滚动更新服务的image (kubectl set image, 适合于k8s集群非断服务不需要修改yaml文件)
- reset: 设置为true, 表示删除服务后,在执行创建 (kubectl delete -f xx.yaml && kubectl create -f xx.yaml)
- delete: 设置为true, 表示创建为yaml 后, 在把yaml 文件删除掉(适合用于image 中只是copy文件和测试,如flexvolume)
# 更新k8s 集群服务或资源
curl -X PUT \
http://10.97.2.74/d9b78b541c2c4878af4041b1a90b9ee3/plugins/c10e70ae-4aef-420b-81c7-52b181a6ddda \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: 4851a99a-4669-db49-4c89-838f1af7680b' \
-H 'x-auth-token: d9b78b541c2c4878af4041b1a90b9ee2:d9b78b541c2c4878af4041b1a90b9ee3' \
-d '{"version": "v1.0.2", "location": "http://1.1.1.1/demon", "operate": "{\"update\":true}"}'
# 重置 k8s 集群中的服务或资源
curl -X PUT \
http://10.97.2.74/d9b78b541c2c4878af4041b1a90b9ee3/plugins/c10e70ae-4aef-420b-81c7-52b181a6ddda \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: 4851a99a-4669-db49-4c89-838f1af7680b' \
-H 'x-auth-token: d9b78b541c2c4878af4041b1a90b9ee2:d9b78b541c2c4878af4041b1a90b9ee3' \
-d '{"version": "v1.0.2", "location": "http://1.1.1.1/demon", "operate": "{\"reset\":true}"}'
# 创建完并删除 k8s 集群中的服务或资源
curl -X PUT \
http://10.97.2.74/d9b78b541c2c4878af4041b1a90b9ee3/plugins/c10e70ae-4aef-420b-81c7-52b181a6ddda \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: 4851a99a-4669-db49-4c89-838f1af7680b' \
-H 'x-auth-token: d9b78b541c2c4878af4041b1a90b9ee2:d9b78b541c2c4878af4041b1a90b9ee3' \
-d '{"version": "v1.0.2", "location": "http://1.1.1.1/demon", "operate": "{\"delete\":true}"}'
去掉现有集群中的内部服务
curl -X DELETE \
http://10.97.2.74/d9b78b541c2c4878af4041b1a90b9ee3/plugins/48f98098-31ac-485e-a1ef-1323962522e9 \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: 27e541fc-c41d-434d-7d86-60c1be141a7d' \
-H 'x-auth-token: d9b78b541c2c4878af4041b1a90b9ee2:d9b78b541c2c4878af4041b1a90b9ee3'