docker hub
github
kubernetes - deployment
2021-11-19
亲和性
- RequiredDuringSchedulingRequiredDuringExecution :在调度期间要求满足亲和性或者反亲和性规则,如果不能满足规则,则POD不能被调度到对应的主机上。在之后的运行过程中,如果因为某些原因(比如修改label)导致规则不能满足,系统会尝试把POD从主机上删除(现在版本还不支持)。
- RequiredDuringSchedulingIgnoredDuringExecution :在调度期间要求满足亲和性或者反亲和性规则,如果不能满足规则,则POD不能被调度到对应的主机上。在之后的运行过程中,系统不会再检查这些规则是否满足。
- PreferredDuringSchedulingIgnoredDuringExecution :在调度期间尽量满足亲和性或者反亲和性规则,如果不能满足规则,POD也有可能被调度到对应的主机上。在之后的运行过程中,系统不会再检查这些规则是否满足。
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
branch: origin/master
buildUrl: ""
dateTime: "2021-02-19 11:30:57"
deployment.kubernetes.io/revision: "16"
executeUser: 唐三
git: https://git.xx.com/yunwei/ops-alarm.git
img: registry-vpc.cn-hangzhou.aliyuncs.com/repo/ws-12000:64c877109aa467eb02e2e0166a4e5496321de1d1
generation: 1
labels:
app: ws-12000
env: pro
name: test
name: ws-12000-deployment-pro
spec:
progressDeadlineSeconds: 600
replicas: 2
revisionHistoryLimit: 10
selector:
matchLabels:
app: ws-12000
strategy:
rollingUpdate:
maxSurge: 50%
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
annotations:
applyUser: 唐三
branch: origin/master
buildUrl: ""
dateTime: "2021-02-19 11:30:57"
developer: 唐三
executeUser: 唐三
git: https://git.xx.com/yunwei/ops-alarm.git
img: registry-vpc.cn-hangzhou.aliyuncs.com/repo/ws-12000:64c877109aa467eb02e2e0166a4e5496321de1d1
uid: 5891a93be12c40aab427c2234f67f694
xx-cmp.cloud/controller-kind: deployment
creationTimestamp: null
labels:
app: ws-12000
env: pro
name: test
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: level
operator: In
values:
- L1
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- ws-12000
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- env:
- name: CPU_LIMIT
valueFrom:
resourceFieldRef:
divisor: 1m
resource: limits.cpu
- name: CPU_REQUEST
valueFrom:
resourceFieldRef:
divisor: 1m
resource: requests.cpu
- name: MEMORY_LIMIT
valueFrom:
resourceFieldRef:
divisor: 1Mi
resource: limits.memory
- name: MEMORY_REQUEST
valueFrom:
resourceFieldRef:
divisor: 1Mi
resource: requests.memory
- name: ARMS_JVM
value: -javaagent:/opt/share/ArmsAgent/arms-bootstrap-1.7.0-SNAPSHOT.jar
-Darms.licenseKey=xxxxxxxxxxxxx -Darms.appName=12000
- name: JACOCO_JVM
- name: POD_SERVICE_ACCOUNT
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.serviceAccountName
- name: EUREKA_SERVER
value: http://ws.xx:8999
- name: APOLLO_METADATA
value: http://apollo-config.xx.corp:8080
- name: APOLLO_JVM
value: -Dfile.encoding=utf-8 -Denv=PRO -Dapollo.cluster=pro -Dapollo.meta=http://apollo-config.xx.corp:8080
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: POD_UID
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.uid
- name: APOLLO_CLUSTER
value: pro
- name: APOLLO_ENV
value: PRO
- name: APP_NAME
value: test
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: RUN_TIME_ENV
value: k8s
- name: APP_PORT
value: "12000"
- name: JVM_MEMORY
value: 768m
- name: APOLLO_ENCRYPT_JVM
value: -Djasypt.encryptor.password=xxxxxxxxxx -Djasypt.encryptor.algorithm=xxxxxxxxxxxxx
-Djasypt.encryptor.key-obtention-iterations=1000 -Djasypt.encryptor.provider-name=SunJCE
-Djasypt.encryptor.salt-generator-classname=org.jasypt.salt.RandomSaltGenerator
-Djasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator
-Djasypt.encryptor.string-output-type=base64
- name: NODE_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: registry-vpc.cn-hangzhou.aliyuncs.com/repo/ws-12000:64c877109aa467eb02e2e0166a4e5496321de1d1
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- mkdir -p /opt/logs/${POD_NAME} && rm -rf /opt/web/ws-${APP_PORT}/logs
&& ln -s /opt/logs/${POD_NAME} /opt/web/ws-${APP_PORT}/logs
preStop:
exec:
command:
- /bin/sh
- -c
- curl -s -X PUT http://${POD_NAMESPACE}.ws.xx:8999/eureka/apps/${APP_NAME}/${POD_NAME}:${APP_NAME}:${APP_PORT}/status?value=OUT_OF_SERVICE
&& sleep 60
livenessProbe:
failureThreshold: 5
httpGet:
path: /actuator/info
port: 12000
scheme: HTTP
initialDelaySeconds: 3
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
name: ws-12000
resources:
limits:
cpu: "4"
memory: 2Gi
requests:
cpu: 500m
memory: 1Gi
securityContext:
privileged: false
startupProbe:
failureThreshold: 50
httpGet:
path: /actuator/info
port: 12000
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
terminationMessagePolicy: File
volumeMounts:
- mountPath: /opt/logs
name: log-storage
- mountPath: /opt/share
name: soft-share
- mountPath: /data/appdatas/cat
name: cat-path
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: ali-login-registry
initContainers:
- command:
- sh
- -c
- curl -s -X DELETE http://pro.ws.xx:8999/eureka/apps/test/$HOSTNAME:test:12000
image: sequenceiq/busybox
imagePullPolicy: Always
name: deregister-service
restartPolicy: Always
schedulerName: default-scheduler
terminationGracePeriodSeconds: 60
volumes:
- hostPath:
path: /opt/web/pro/ws-12000
type: DirectoryOrCreate
name: log-storage
- hostPath:
path: /opt/share
type: DirectoryOrCreate
name: soft-share
- configMap:
defaultMode: 420
name: client.xml
name: cat-path