Background:
My base environment all in kubernetes, see:https://cloud.tencent.com/developer/article/1806089, https://cloud.tencent.com/developer/article/1811859Backend bosses play SpringBoot Cloud projects. Therefore, the Spring Boot Cloud project is deployed in the Kubernetes cluster. In fact, I have some objections to the price of using SpringBoot Cloud. Read some articles such as:https://www.cnblogs.com/lakeslove/p/10997011.html. Spring Boot has a lot of overlap with my Kubernetes. It was almost the same time the rise of the project…. If I’m using something new, I’d rather be on the service grid: Istio. Now that you’ve decided to springboot cloud on Kubernets, play it this way……
Maven could have taken over the packaging. But the program likes to type itself, so I just put Dockerfile in the project. Only responsible for the mirror layer:
1. Kubernetes deploies SpringBoot project using ConfigMap
Springboot kubernetes configmap configmap springboot kubernetes configmap configmap
Like this one on the graph, but it doesn’t feel like what I want, so I just want to simply round up my variables. Then I saw:https://capgemini.github.io/engineering/externalising-spring-boot-config-with-kubernetes/Let’s do it this way:
Note: I don’t want them to write a dead file because it’s just a simple test, so I can just pack it and test it
1. Quantify the parameters used
Refer to the original configuration file:
Modified:
Variable names are their own write the main test effect can be achieved. Of course, the actual need and the program unified or normalized parameter is better, the format of the ${} is.
Well, we extracted 8 parameters and quantified them.
2. Generate the JAR package and build Docker Image
Docker packaging is not integrated into my Jenkins Pipeline (the library of the application, which I won’t do too much with), generating the JAR package
Upload the JAR package to my server with Docker environment and package it as Docker image:
cat Dockerfile
From OpenJDK :8-jdk-alpine VOLUME/TMP ADD target/ game-1.0-snapshot.jar game-1.0-snapshot.jar entryPoint [" Java ", "- Djava. Security. Or egd = file: / dev /. / urandom", "- the jar", "/ game - 1.0 - the SNAPSHOT. Jar"]
Docker build - t ccr.ccs.tencentyun.com/xxxx/xxxx:0.2. Docker push ccr.ccs.tencentyun.com/xxxx/xxxx:0.2
3. Generate the configmap file
cat spring-boot.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: spring-config
data:
dev-config.json:
'{
"redis.database.host": "xxxx",
"redis.database.port": "xxxx",
"redis.database.password": "xxxx",
"mysql.database.url": "jdbc:mysql://xxxx:3306/xxxx",
"mysql.database.username": "xxxx",
"mysql.database.password": "xxxxx",
"cloud.nacos.server-addr": "http://xxxx:8848",
"cloud.nacos.discovery.server-addr": "http://xxxx:8848"
}'
Apply deployment configMap file:
kubectl apply -f spring-config.yaml -n qaThe describe it:
4. Deploy the SpringBoot service
cat test.yaml
apiVersion: apps/v1 kind: Deployment metadata: name: pvp-test spec: replicas: 1 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 selector: matchLabels: app: pvp-test template: metadata: labels: app: pvp-test spec: containers: - name: PVP - test image: ccr.ccs.tencentyun.com/xxxx/xxxx:0.2 env: - name: SPRING_PROFILES_ACTIVE value: "qa" - name: SPRING_APPLICATION_JSON valueFrom: configMapKeyRef: name: spring-config key: dev-config.json envFrom: - configMapRef: name: deploy ports: - containerPort: 8001 name: game-http - containerPort: 8011 name: game-tcp resources: requests: memory: "512M" cpu: "500m" limits: memory: "512M" cpu: "500m" imagePullSecrets: - name: tencent --- apiVersion: v1 kind: Service metadata: name: pvp-test labels: app: pvp-test spec: ports: - port: 8001 name: game-http targetPort: 8001 - port: 8011 name: game-tcp targetPort: 8011 selector: app: pvp-testkubectl apply -f 2.yaml -n qaNote: ImagePullSecrets is the secret key to download Image. If you are a public repository can be ignored. Personal version of Tencent Cloud for my warehouse. The secret key creates its own name to be called Tencent. YAML files such as 1 and 2 were named when comparing the warehouse configuration files
5. Check the deployment results and NACOS registration status
kubectl get pods -n qa
kubectl logs -f pvp-test-7f49fcdb9-dsjlz -n qa
There was an error in the boot process but ignore that for now. Because I looked at Nacos and my service was actually registered at…. . Preliminary I think the result is realized!
6. Error reporting:
Literally, right? User “system:serviceaccount:qa:default” cannot get resource “configmaps” in API group “” in the namespace “qa”. This is a review of the RBAC ClusterRole RoleBinding. cat configmap-get.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: qa
name: configmap-get
rules:
- apiGroups: [""]
resources: ["configmap"]
verbs: ["get"]And serviceaccount: qa: the default binding
kubectl create clusterrolebinding configmap-get-configmap --clusterrole=configmap-get --serviceaccount=qa:defaultKill the container and continue to view the log of the new container
kubectl delete pods pvp-test-7f49fcdb9-dsjlz -n qa
kubectl logs -f pvp-test-7f49fcdb9-ck9m6 -n qa
Error still reported… Take a close look at the log…. Well, the parameter should be configmaps…. I’m missing an s, right? Modify the configmap-get.yaml file as follows:
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: qa
name: configmap-get
rules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get"]
Apply redeployed the Clusterrole. Remove old POD to review log:
kubectl apply -f configmap-get.yaml
kubectl delete pods pvp-test-7f49fcdb9-ck9m6 -n qa
Well, it worked this time
Postscript:
Today, I reviewed several knowledge points……
- configmap
- clusterrole rolebinding