How to use CRD to realize batch release in Kubernetes Cluster 01/19 Update SLTechnology News&Howtos

How to use CRD to realize batch release in Kubernetes Cluster

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article introduces how to use CRD to achieve batch release in Kubernetes cluster, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Release in batches using kubectl

Alicloud-application-controller is installed by default in the new cluster. Please install the old cluster manually first.

Kubectl create-f alicloud-application-controller.yml

ApiVersion: extensions/v1beta1kind: Deploymentmetadata: name: alicloud-application-controller labels: owner: aliyun app: alicloud-application-controller namespace: kube-systemspec: 1 selector: matchLabels: owner: aliyun app: alicloud-application-controller template: metadata: labels: owner: aliyun app: alicloud-application-controller annotations: scheduler.alpha.kubernetes.io/critical-pod:''spec: Tolerations:-effect: NoSchedule operator: Exists key: node-role.kubernetes.io/master-effect: NoSchedule operator: Exists key: node.cloudprovider.kubernetes.io/uninitialized containers:-name: alicloud-application-controller image: registry.cn-hangzhou.aliyuncs.com/acs/aliyun-app-lifecycle-manager:0.1-93095ba imagePullPolicy: IfNotPresent serviceAccount: admin

Let's use the following StatefulSet as an example to demonstrate the process of batch release.

ApiVersion: apps/v1kind: StatefulSetmetadata: name: webspec: selector: matchLabels: app: nginx # has to match .spec.template.metadata.labels serviceName: "nginx" replicas: 3 # by default is 1 template: metadata: labels: app: nginx # has to match .spec.selector.matchLabels spec: terminationGracePeriodSeconds: 10 containers:-name: nginx image: registry.cn-hangzhou.aliyuncs.com/xianlu/old- Nginx ports:-containerPort: 80 name: web

This is a nginx instance with three instances. To expose this container, we use Service to expose. The Yaml of Service is as follows

ApiVersion: v1kind: Servicemetadata: name: nginx labels: app: nginxspec: ports:-port: 80 name: web selector: app: nginx type: LoadBalancer

Here the nginx service is exposed through SLB.

In order to ensure the Yaml security of users, batch releases need to use Secret to store the final yaml. Here, you need to perform a base64 operation on the yaml and then store it.

This is StatefulSet's Secret Yaml.

ApiVersion: v1kind: Secretmetadata: name: myststype: Opaquedata: yaml: YXBpVmVyc2lvbjogYXBwcy92MQpraW5kOiBTdGF0ZWZ1bFNldAptZXRhZGF0YToKICBuYW1lOiB3ZWIKc3BlYzoKICBzZWxlY3RvcjoKICAgIG1hdGNoTGFiZWxzOgogICAgICBhcHA6IG5naW54ICMgaGFzIHRvIG1hdGNoIC5zcGVjLnRlbXBsYXRlLm1ldGFkYXRhLmxhYmVscwogIHNlcnZpY2VOYW1lOiAibmdpbngiCiAgcmVwbGljYXM6IDMgIyBieSBkZWZhdWx0IGlzIDEKICB0ZW1wbGF0ZToKICAgIG1ldGFkYXRhOgogICAgICBsYWJlbHM6CiAgICAgICAgYXBwOiBuZ2lueCAjIGhhcyB0byBtYXRjaCAuc3BlYy5zZWxlY3Rvci5tYXRjaExhYmVscwogICAgc3BlYzoKICAgICAgdGVybWluYXRpb25HcmFjZVBlcmlvZFNlY29uZHM6IDEwCiAgICAgIGNvbnRhaW5lcnM6CiAgICAgIC0gbmFtZTogbmdpbngKICAgICAgICBpbWFnZTogcmVnaXN0cnkuY24taGFuZ3pob3UuYWxpeXVuY3MuY29tL3hpYW5sdS9vbGQtbmdpbngKICAgICAgICBwb3J0czoKICAgICAgICAtIGNvbnRhaW5lclBvcnQ6IDgwCiAgICAgICAgICBuYW1lOiB3ZWI=

The following is the Secret Yaml of Service

ApiVersion: v1kind: Secretmetadata: name: mysvctype: Opaquedata: yaml: YXBpVmVyc2lvbjogdjEKa2luZDogU2VydmljZQptZXRhZGF0YToKICBuYW1lOiBuZ2lueAogIGxhYmVsczoKICAgIGFwcDogbmdpbngKc3BlYzoKICBwb3J0czoKICAtIHBvcnQ6IDgwCiAgICBuYW1lOiB3ZWIKICBzZWxlY3RvcjoKICAgIGFwcDogbmdpbngKICB0eXBlOiBMb2FkQmFsYW5jZXI=

Create the above two Secret respectively, kubectl create-f xxxxx

Cdn.com/a20640c6e505c48a39cec1b05f30d748796d2221.png ">

You can see that both Secret have been created, so you can create a batch-released CRD. The CRD format released in batches is as follows

ApiVersion: alicloud.com/v1beta1kind: BatchReleasemetadata: name: example-batch-release annotations: aliyun.batchnum: "2" spec: statefulSetSecretName: mysts serviceSecretName: mysvc

Batch aliyun.batchnum: it is released in several batches. Currently, the default is 2 batches.

StatefulSetSecretName: represents the Secret name of the storage StatefulSet

ServiceSecretName: represents the Secret name of the storage Service

Create this CRD batch release using kubectl create-f xxx

As you can see, the description resources have been created.

[root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get stsNAME DESIRED CURRENT AGEweb 3 36m [root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get pods-o=wideNAME READY STATUS RESTARTS AGE IP NODEweb-0 1 Running 0 7m 172.16.2.2 cn-hangzhou.i-bp199b7a244chaux4ozhweb-1 1 Running 0 6m 172.16.2.131 cn-hangzhou.i-bp199b7a244chaux4oziweb-2 1 cn-hangzhou.i-bp199b7a244chaux4oziweb-2 1 Running 0 6m 172.16.1.136 cn-hangzhou.i-bp199b7a244chaux4ozg [root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGEkubernetes ClusterIP 172.19.0.1 443/TCP 4hnginx LoadBalancer 172.19.12.163 120.55.148.238 80:32065/TCP 7m [root@iZbp11x2k7by5gfy6pkrl1Z ~] # curl 120.55.148.238old

As you can see, the StatefulSet of nginx and the corresponding Service have been created, and the curl can be accessed directly.

Let's start to release a new version of StatefulSet in batches. Here our new StatefulSet Yaml template is as follows

As you can see, the difference between the new and old StatefulSet is that the image of the new version has been replaced.

Again, we need to create a Secret to store the new StatefulSet

ApiVersion: v1kind: Secretmetadata: name: my-new-ststype: Opaquedata: yaml: YXBpVmVyc2lvbjogYXBwcy92MQpraW5kOiBTdGF0ZWZ1bFNldAptZXRhZGF0YToKICBuYW1lOiB3ZWIKc3BlYzoKICBzZWxlY3RvcjoKICAgIG1hdGNoTGFiZWxzOgogICAgICBhcHA6IG5naW54ICMgaGFzIHRvIG1hdGNoIC5zcGVjLnRlbXBsYXRlLm1ldGFkYXRhLmxhYmVscwogIHNlcnZpY2VOYW1lOiAibmdpbngiCiAgcmVwbGljYXM6IDMgIyBieSBkZWZhdWx0IGlzIDEKICB0ZW1wbGF0ZToKICAgIG1ldGFkYXRhOgogICAgICBsYWJlbHM6CiAgICAgICAgYXBwOiBuZ2lueCAjIGhhcyB0byBtYXRjaCAuc3BlYy5zZWxlY3Rvci5tYXRjaExhYmVscwogICAgc3BlYzoKICAgICAgdGVybWluYXRpb25HcmFjZVBlcmlvZFNlY29uZHM6IDEwCiAgICAgIGNvbnRhaW5lcnM6CiAgICAgIC0gbmFtZTogbmdpbngKICAgICAgICBpbWFnZTogcmVnaXN0cnkuY24taGFuZ3pob3UuYWxpeXVuY3MuY29tL3hpYW5sdS9uZXctbmdpbngKICAgICAgICBwb3J0czoKICAgICAgICAtIGNvbnRhaW5lclBvcnQ6IDgwCiAgICAgICAgICBuYW1lOiB3ZWI=

Then we update the CRD we just created to change the statefulSetSecretName to the new StatefulSet name.

The modified CRD Yaml is as follows:

[root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl get BatchRelease example-batch-release-o=yamlapiVersion: alicloud.com/v1beta1kind: BatchReleasemetadata: annotations: aliyun.batchnum: "2" clusterName: "" creationTimestamp: 2018-07-31T08:17:17Z generation: 1 name: example-batch-release namespace: default resourceVersion: "43484" selfLink: / apis/alicloud.com/v1beta1/namespaces/default/batchreleases/example-batch-release uid: 2386ddfd-949a-11e8-a3c2-00163e086528spec: serviceSecretName: mysvc statefulSetSecretName: my- New-sts [root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl describe BatchRelease example-batch-releaseName: example-batch-releaseNamespace: defaultLabels: Annotations: alicloud.com/v1beta1Kind: BatchReleaseMetadata: Cluster Name: Creation Timestamp: 2018-07-31T08:17:17Z Generation: 1 Resource Version: 43484 Self Link: / apis/alicloud.com/v1beta1/namespaces/default/batchreleases/example-batch-release UID: 2386ddfd-949a-11e8-a3c2-00163e086528Spec: Service Secret Name: mysvc Stateful Set Secret Name: my-new-stsStatus: Control: Release: Batch _ Order: 1 Progress: finished Status: WaitingForConfirm Resources: Service: Name: nginx Namespace: default Status: Updating Stateful Set: Name: web Namespace: default Status: UpdatingEvents: Type Reason Age From Message-Normal CreateSubResource 2m aliyun-controller Create StatefulSet resource sucessfully Normal CreateSubResource 2m aliyun-controller Create service resource sucessfully Normal Synced 2m aliyun-controller Batch CRD synced successfully Normal UpdateResource 1m aliyun-controller Begin to update StatefulSet web with partition 2 Normal UpdateResource 1m aliyun-controller Waiting StatefulSet default:web ready ReadyReplicas 2 replicas 3 times 1 Normal UpdateResource 1m aliyun-controller Waiting StatefulSet default:web ready, readyReplicas 2 replicas 3 times 2 Normal UpdateResource 1m aliyun-controller Begin to update service with new selector map [app:nginx aliyun.version:2] Normal UpdateResource 1m aliyun-controller Update StatefulSet and Service sucessfully Waiting confirm [root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get pods-o=wideNAME READY STATUS RESTARTS AGE IP NODEweb-0 1 Running 0 2m 172.16.2.132 cn-hangzhou.i-bp199b7a244chaux4oziweb-1 1 Running 0 2m 172.16.2.3 cn-hangzhou.i-bp199b7a244chaux4ozhweb-2 1 Running 0 1m 172.16.1.138 cn-hangzhou.i-bp199b7a244chaux4ozg [root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGEkubernetes ClusterIP 172.19.0.1 443/TCP 5hnginx LoadBalancer 172.19.2.184 101.37.107.187 80:32173/TCP 2m [root@iZbp11x2k7by5gfy6pkrl1Z ~] # curl 101.37.107.187new [root@iZbp11x2k7by5gfy6pkrl1Z ~] #

We can see all the events of CRD through event. At the same time, you can see that one of the three pod of nginx has changed to become the latest image. At the same time, the service corresponding to the curl will find that the traffic has been directed to the new pod. In this way, users can make mistakes quickly.

Let's demonstrate how to roll back quickly. If there is a problem after the traffic hits the new pod and needs to be rolled back, then we need to edit the CRD.

Set the action of Status to rollback to roll back quickly.

[root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl edit BatchRelease example-batch-releasebatchrelease.alicloud.com "example-batch-release" edited [root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get pods-o=wideNAME READY STATUS RESTARTS AGE IP NODEweb-0 1 Running 0 7m 172.16.2.132 cn-hangzhou.i-bp199b7a244chaux4oziweb-1 1 Running 0 7m 172.16 .2.3 cn-hangzhou.i-bp199b7a244chaux4ozhweb-2 1 443/TCP 5hnginx LoadBalancer 1 Running 0 3s 172.16.1.139 cn-hangzhou.i-bp199b7a244chaux4ozg [root@iZbp11x2k7by5gfy6pkrl1Z] # kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGEkubernetes ClusterIP 172.19.0.1 443/TCP 5hnginx LoadBalancer 172. 19.2.184 101.37.107.187 80:32173/TCP 7m [root@iZbp11x2k7by5gfy6pkrl1Z ~] # curl 101.37.107.187old

You can see that the original pod where web-2 resides has been rolled back to the old image, and now curl service is also an old service.

Release the second batch

To release the second batch, you need to set it to continue on action.

[root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl get pods-o=wideNAME READY STATUS RESTARTS AGE IP NODEweb-0 1 Running 0 3s 172.16.2.138 cn-hangzhou.i-bp199b7a244chaux4oziweb-1 1 Running 0 13s 172.16.2.12 cn-hangzhou.i-bp199b7a244chaux4ozhweb-2 1 Running 0 2m 172.16.1.153 cn-hangzhou.i-bp199b7a244chaux4ozg [root@iZbp11x2k7by5gfy6pkrl1Z ~] # kubectl get BatchRelease example-batch-release-o=yamlapiVersion: alicloud.com/v1beta1kind: BatchReleasemetadata: annotations: aliyun.batchnum: "2" clusterName: "" creationTimestamp: 2018-07-31T09:44:58Z generation: 1 name: example-batch-release namespace: default resourceVersion: "58066" selfLink: / apis/alicloud.com/v1beta1/namespaces/default/batchreleases/example-batch- Release uid: 6321dcaf-94a6-11e8-a3c2-00163e086528spec: serviceSecretName: mysvc statefulSetSecretName: my-new-stsstatus: control: {} release: batch_order: "2" progress: finished status: WaitingForConfirm resources: Service: name: nginx namespace: default status: Updating StatefulSet: name: web namespace: default status: Updating

You can see that all three pod of StatefulSet have been updated.

At this time, you can confirm the release.

This release is confirmed by setting it to confirm.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.