One 、spinnaker summary

1、spinnaker yes netflix An open source cloud release CI/CD, Its predecessor is Asgard,spinnaker Support various deployment targets , Include OpenStack、DC/OS、Kubernetes and Cloud Foundry etc. .

2、 Function Overview
& By being flexible and configurable Pipelines, Achieve repeatable Automated Deployment ;
& Provide a global view of all environments , You can always see where the application is deployed Pipeline The state of ;
& Through consistent and reliable API , Provide programmable configuration ;
& Easy to configure 、 Maintenance and expansion ;
& With operational scalability ;
& compatible Asgard characteristic , Original users don't need to migrate .

3、 Component Overview


& Deck: User oriented UI Interface components , Provides an intuitive introduction to the operation interface , Visual operation release deployment process .
& API: Call oriented API Components , We don't have to use the UI, Call directly API operation , It helps us to perform publishing and other tasks in the background .
& Gate: yes API The gateway component of , It can be understood as agent , All requests are forwarded by their agents .
& Rosco: Is build beta Mirrored components , Need configuration Packer Components use .
& Orca: It's the core process engine component , Used to manage processes .
& Igor: It's used to integrate other things CI System components , Such as Jenkins Wait for a component .
& Echo: Is the notification system component , Send email and other information .
& Front50: It's a storage management component , Need configuration Redis、Cassandra And so on .
& Cloud driver It's a component that adapts to different cloud platforms , such as Kubernetes,Google、AWS EC2、Microsoft Azure etc. .
& Fiat Is the component of authentication , Configure rights management , Support OAuth、SAML、LDAP、GitHub teams、Azure groups、 Google Groups etc. .

Two 、 Deploy

1、 Deploy the system

ubuntu   4 nucleus 8G      System version :16.04 tls

2、 install docker

Choose the right version ,k8s The version used is docker-ce_17.06.

download docker:
   https://download.docker.com/linux/ubuntu/dists/xenial/pool/test/amd64/

install docker:

# dpkg -i /data/docker-ce_17.06.2~ce-0~ubuntu-xenial_amd64.deb

To configure dockerFQ:
Configure your own shadowsocks+privoxy, Refer to my blog :https://www.cnblogs.com/cuishuai/p/8463458.html

# mkdir /etc/systemd/system/docker.service.d/
# cd /etc/systemd/system/docker.service.d/
# cat http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://10.10.23.4:8118" "NO_PROXY=localhost,127.0.0.1,0.0.0.0,10.10.29.3,10.10.25.29,172.11.0.0,172.10.0.0,172.11.0.0/16,172.10.0.0/16,10.,172.,10.10.23.4,10.96.0.0/12,10.244.0.0/16"

# systemctl daemon-reload
# systemctl restart docker

3、 Use kubeadm install k8s

by ubuntu System switching , The domestic environment is not good FQ Can't download , So we need to change the source .

# cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
EOF

# apt-get  update

# apt-get install  kubeadm  kubectl  kubelet  ipvsadm

The latest version installed by default , I installed 1.11.2.

You can download the required image in advance :

k8s.gcr.io/kube-proxy-amd64:v1.11.2

k8s.gcr.io/kube-controller-manager-amd64:v1.11.2

k8s.gcr.io/kube-apiserver-amd64:v1.11.2

k8s.gcr.io/kube-scheduler-amd64:v1.11.2

k8s.gcr.io/coredns:1.1.3

k8s.gcr.io/etcd-amd64:3.2.18

k8s.gcr.io/pause:3.1

quay.io/coreos/flannel:v0.10.0-amd64

If it's already configured FQ, You can directly perform the following initialization steps .

initialization k8s:

# kubeadm init --kubernetes-version v1.11.2 --token-ttl 0 \

--pod-network-cidr 10.244.0.0/16

Follow the prompts to complete the initialization operation , Then set the master Sure deploy.

# kubectl taint nodes --all node-role.kubernetes.io/master-

As shown in the figure above, it means normal startup .

4、 establish Account and NFS Dynamic storage

First, build a NFS service , Please refer to my other blog for the specific construction process :https://www.cnblogs.com/cuishuai/p/7798154.html

Install the client on the current system :

# apt install nfs-kernel-server

Set the hanging point :

# mount -t nfs  10.10.29.4:/data/opv  /data/opv -o proto=tcp -o nolock

##10.10.29.4:/data/opv Of /data/opv yes nfs Shared directory for service ,  hinder /data/opv It's the hanging point of this machine .

1) establish account be used for helm Deployment Services

## establish tiller user , be used for helm Installation authorization
# cat rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
   name: tiller
   namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
   name: tiller
roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: cluster-admin
subjects:
   - kind: ServiceAccount
     name: tiller
     namespace: default

# kubectl  create -f  rbac.yaml

## establish default user , be used for spinnaker Installation authorization
# cat default-rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
   name: default
roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: cluster-admin
subjects:
   - kind: ServiceAccount
     name: default
     namespace: default

# kubectl  create -f  default-rbac.yaml

2) establish NFS Dynamic storage

! Create user authorization

# cat serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
   name: nfs-provisioner

# cat clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
   name: nfs-provisioner-runner
rules:
   - apiGroups: [""]
      resources: ["persistentvolumes"]
      verbs: ["get", "list", "watch", "create", "delete"]
   - apiGroups: [""]
      resources: ["persistentvolumeclaims"]
      verbs: ["get", "list", "watch", "update"]
   - apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses"]
      verbs: ["get", "list", "watch"]
   - apiGroups: [""]
      resources: ["events"]
      verbs: ["watch", "create", "update", "patch"]
   - apiGroups: [""]
      resources: ["services", "endpoints"]
      verbs: ["get"]
   - apiGroups: ["extensions"]
      resources: ["podsecuritypolicies"]
      resourceNames: ["nfs-provisioner"]
      verbs: ["use"]

# cat clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
   name: run-nfs-provisioner
subjects:
   - kind: ServiceAccount
     name: nfs-provisioner
     namespace: default
roleRef:
   kind: ClusterRole
   name: nfs-provisioner-runner
   apiGroup: rbac.authorization.k8s.io

# kubectl create -f serviceaccount.yaml -f clusterrole.yaml -f clusterrolebinding.yaml

! establish deployment

# cat deployment.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
   name: nfs-client-provisioner
spec:
   replicas: 1
   strategy:
   type: Recreate
   template:
      metadata:
         labels:
            app: nfs-client-provisioner
      spec:
         serviceAccount: nfs-provisioner
         containers:
            - name: nfs-client-provisioner
               image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
               volumeMounts:
                  - name: nfs-client-root
mountPath: /persistentvolumes
   env:
      - name: PROVISIONER_NAME
         value: fuseim.pri/ifs
      - name: NFS_SERVER
         value: 10.10.29.4
      - name: NFS_PATH
         value: /data/opv
   volumes:
      - name: nfs-client-root
         nfs:
            server: 10.10.29.4
            path: /data/opv

! establish storageclass

# cat storageclass.yaml
apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
   name: managed-nfs-storage
provisioner: fuseim.pri/ifs

# kubectl create -f deployment.yaml -f storageclass.yaml

5、 install helm

Download the corresponding binary installation package

https://github.com/helm/helm/releases

Unzip and add to the system path :

#  wget https://storage.googleapis.com/kubernetes-helm/helm-v2.10.0-linux-amd64.tar.gz

# tar xf helm-v2.10.0-linux-amd64.tar.gz

# cp helm  /usr/local/bin

initialization helm, install tiller

# helm init --upgrade --service-account tiller --tiller-namespace default -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.10.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

Download the latest charts. Do not use aliyun Of , Outdated Version , Will report a mistake .

https://github.com/helm/charts/tree/master/stable/spinnaker

modify charts Inside storageclass For the above self-defined :managed-nfs-storage

root@skr:/data/spinnaker# ls charts/
jenkins minio redis

1) Modify the values.yaml file , take storageclass/Storageclass Change the name to the one created above managed-nfs-storage

2) modify spinnaker In the catalog values.yaml file , take minio Of imageTAG Modify to and charts/minio In the catalog values.yaml The file is the same .

#vim  spinnaker/values.yaml

minio:
enabled: true
imageTag: RELEASE.2018-03-16T22-52-12Z

# vim spinnaker/charts/minio/values.yaml

image:
repository: minio/minio
tag: RELEASE.2018-03-16T22-52-12Z

Define your own docker registry Address :
#vim spinnaker/values.yaml
accounts:
- name: dockerhub
   address: https://index.docker.io

address Change it to your own registry Address

3) modify spinnaker In the catalog values.yaml file , modify kubeConfig

kubectl create secret generic kubeconfig --from-file=/root/.kube/config

kubeConfig:
enabled: true
secretName: kubeconfig
secretKey: config
# List of contexts from the kubeconfig to make available to Spinnaker
contexts:
- kubernetes-admin@kubernetes

6、 install spinnaker:

stay spinnaker Execute under directory :
# helm install -n spinnaker --tiller-namespace default ./ -f values.yaml --namespace default

If there's a problem with the deployment , You can use the following command to delete this deployment :

# helm del --purge --tiller-namespace default spinnaker

7、 visit

Configure access deck:
see pod Service port for :
# kubectl get pods spinnaker-spinnaker-deck-5d87d8d9f9-lswwv --template='{{(index (index .spec.containers 0).ports 0).containerPort}}{{"\n"}}'

Map port to local ,127.0.0.1:port Access to services . Of course, one can be deployed ingress Agent access , This is just a test environment .

# kubectl port-forward spinnaker-spinnaker-deck-5d87d8d9f9-lswwv 9000:9000

As a result of such a leaked service monitoring 127.0.0.1, So in order to use the service , We need to set up a service agent by ourselves . I'll use it here nginx:

##spinnaker-spinnaker-deck-5d87d8d9f9-lswwv  It is my deck Of pod The name of , Here you need to write your own .

Delete what cannot be deleted pod:
# kubectl delete pod pod-name --grace-period 0 --force

K8s And spinnaker More articles about

  1. spinnaker Automatic release k8s Deploy the application &lt; One &gt;

    One . Prepare the environment !docker-ce---17.06.2-ce !k8s colony ----1.11.1 !helm Deployment tools ---helm-v2.10.0 !spinnaker-charts---spinnak ...

  2. K8S(16) Integrated combat - Use spinnaker Automate deployment

    K8s Integrated combat - Use spinnaker Automate deployment 1 spinnaker Overview and selection 1.1 summary 1.1.1 The main function Spinnaker It's an open source multi cloud continuous delivery platform , Provide fast . reliable . Stable software change ...

  3. How to view k8s There is etcd Data in ( turn )

    original text https://yq.aliyun.com/articles/561888 I always have this impulse , Want to know kubernetes Go to etcd What data is in the library , How it is organized . Can see , Only then can we know its realization and details ...

  4. utilize Spinnaker Create a continuous delivery pipeline

    stay Pivotal Container Service (PKS) There are many ways to deploy software , This article focuses on how to use Spinnaker stay PKS( Or any Kubernetes to cluster around ) Continuous delivery on the Internet . Pivota ...

  5. be based on K8s There are so many tools for application publishing , Why did Ali choose Cinderella Tekton ?

    author | Deng Hongchao , Alibaba cloud container platform engineer , Kubernetes Operator The second person , Well known technical experts in the field of cloud native application standard delivery and management   Reading guide : In recent years , More and more are devoted to Kubernetes Do application Publishing ...

  6. ( turn ) First try Netflix Open source continuous cloud delivery platform Spinnaker

    Catalog Spinnaker Introduce Environmental Science . Software preparation install Development Spinnaker Configuration dependent environment Configure and install Spinnaker demonstration Spinnaker Pipeline demonstration Spi ...

  7. 【Kubernetes】K8S Network plan -- I've been watching recently

    K8S The Internet - I've been watching recently Create a Minikube cluster - Kubernetes Kubernetes Documentation - Kubernetes Kubernetes ...

  8. 【Kubernetes】K8S Network isolation programme

    Reference material : K8S- Network isolation reference OpenContrail is an open source network virtualization platform for the cloud. – Kub ...

  9. k8s Introduction series guestbook Rapid deployment

    k8s The cluster and some extensions have been installed , This article introduces how to use k8s Rapid deployment on a cluster guestbook application . • The experimental environment is cluster :master(1)+node(4), For details, please refer to <k8s Introduction series ...

Random recommendation

  1. I/O Request packet

    MSDN original text :https://msdn.microsoft.com/zh-cn/library/windows/hardware/hh439638(v=vs.85).aspx Send to most of the device drivers ...

  2. Python 7 —— Extension and embedding

    Python 7 —— Extension and embedding Expansion refers to , stay Python Calling other languages , because Python The main problem is efficiency , Extension here mainly refers to extension C C++ Program ( a key ) The so-called embedding refers to , In other languages, you can call P ...

  3. 003--VS2013 C++ Polygon drawing

    // Global variables HPEN hPen;HBRUSH hBru;POINT poly1[6], poly2[5], poly3[5]; //---------------------------------- ...

  4. Take a class ( perhaps Object) Turn it into a dictionary

    Go straight to the code : Convert a class to object, And then convert it into a dictionary internal static IDictionary<string, string> GetDictionary(this ob ...

  5. poj 1505 Copying Books

    http://poj.org/problem?id=1505 Copying Books Time Limit: 3000MS   Memory Limit: 10000K Total Submiss ...

  6. The fourth day Built in functions 2 Random code Decorator iterator 、 generator recursive Bubble sort JSON

    About functions return li = [11,22,33,44] def f1(arg): arg.append(55) li = f1(li) print(li) because li = f1(li) Actual assigned ...

  7. 【easy】572. Subtree of Another Tree

    Determine whether a tree contains another subtree ( Include is , The children under the root node where two trees overlap are equal ) There are two ways : Method 2 : Recursive writing // Method 1 : We can learn from the previous serialization topic , If the serialized sequence is the same, it is the same tree // Method 2 ...

  8. mocha The test framework -truffle

    https://mochajs.org/ Learning website : https://www.jianshu.com/p/9c78548caffa https://www.jb51.net/article/10646 ...

  9. Luogu 2173 [ZJOI2012] The Internet - LCT

    Solution $LCT$ Go straight up $QuQ$ Be careful $cut$ End need $d[u + c * N]--$ Again   $link$,  Otherwise it will output Error 1 Of course Code #include<cs ...

  10. vuex The grammar is simple ( Convenient for development and reference )

    vuex The grammar is simple ( Convenient for development and reference ) store structure state Getter Mutation actions vuex The grammar is simple ( Convenient for development and reference ) This article is just to facilitate the development of a quick reference to the relevant Syntax , For details, please ...