Running Camunda BPM on Kubernetes

Are you using Kubernetes? Ready to move your Camunda BPM instances off virtual machines, or just want to try running them on Kubernetes? Let's look at some common configurations and individual building blocks that can be adapted to your specific needs.

This guide assumes you have used Kubernetes before. If not, why not take a look at the guide and start your first cluster?

Authors

  • Alastair Firth - Senior Site Reliability Engineer on the Camunda Cloud team;
  • Lars Lange - DevOps engineer at Camunda.

In short:

git clone https://github.com/camunda-cloud/camunda-examples.git
cd camunda-examples/camunda-bpm-demo
make skaffold

Okay, that probably did not work because you do not have skaffold and kustomize installed. Then read on!

What is Camunda BPM

Camunda BPM is a business process management and decision automation platform that brings together business users and software developers. It is well suited to coordinating and connecting people, (micro)services or even bots! You can read more about the various use cases at the link.

Why use Kubernetes

Kubernetes has become the de facto standard for running modern applications on Linux. By using system calls instead of hardware emulation, and by letting the kernel manage memory and task switching, boot time and startup time are kept to a minimum. However, the biggest benefit may come from the standard API that Kubernetes provides for configuring the infrastructure that all applications require: storage, networking, and monitoring. It turned 6 years old in June 2020 and is probably the second largest open source project (after Linux). It has recently been actively stabilizing its functionality after the rapid iteration of the past few years, as it becomes critical to production workloads around the world.

The Camunda BPM Engine can easily connect to other applications running in the same cluster, and Kubernetes provides excellent scalability, allowing you to increase infrastructure costs only when really needed (and easily reduce them as required).

Monitoring quality is also greatly improved with tools such as Prometheus, Grafana, Loki, Fluentd and Elasticsearch, which let you view all workloads in a cluster centrally. Today we will look at how to integrate the Prometheus exporter into the Java Virtual Machine (JVM).

Goals

Let's look at a few areas where we can customize the Camunda BPM Docker image (github) so that it works well with Kubernetes.

  1. Logs and metrics;
  2. Database connections;
  3. Authentication;
  4. Session management.

We will look at several ways to achieve these goals and show the whole process clearly.

Note: Are you using the Enterprise version? Look here and update the image links as needed.

Development workflow

In this demo, we will use Skaffold to build Docker images using Google Cloud Build. It has good support for various tools (such as Kustomize and Helm), CI and build tools, and infrastructure providers. The file skaffold.yaml.tmpl contains settings for Google Cloud Build and GKE, which provides a very simple way to run production-grade infrastructure.

make skaffold uploads the Dockerfile context to Cloud Build, builds the image and stores it in GCR, and then applies the manifests to your cluster. That is what make skaffold does, but Skaffold has many other features.

For the yaml templates in Kubernetes, we use kustomize to manage yaml overlays without forking the entire manifest, so you can use git pull --rebase to pick up further improvements. It is now included in kubectl and works quite well for such things.

We also use envsubst to fill in the hostname and GCP project ID in the *.yaml.tmpl files. You can see how this works in the makefile, or simply continue.

Prerequisites

Workflow using manifests

If you do not want to use kustomize or skaffold, you can refer to the manifests in generated-manifest.yaml and adapt them to the workflow of your choice.

Logs and metrics

Prometheus has become the standard for collecting metrics in Kubernetes. It occupies the same niche as AWS Cloudwatch Metrics, Cloudwatch Alerts, Stackdriver Metrics, StatsD, Datadog, Nagios, vSphere Metrics and others. It is open source and has a powerful query language. We will leave visualization to Grafana, which comes with a large number of dashboards available out of the box. The two are connected to each other and are relatively easy to install with prometheus-operator.

By default, Prometheus uses the pull model <service>/metrics, and adding sidecar containers for this is common. Unfortunately, JMX metrics are best collected inside the JVM, so sidecar containers are not as effective. Let's attach the open source jmx_exporter from Prometheus to the JVM by adding it to the container image, which will serve the /metrics path on a different port.

Add the Prometheus jmx_exporter to the container

-- images/camunda-bpm/Dockerfile
FROM camunda/camunda-bpm-platform:tomcat-7.11.0

## Add prometheus exporter
# Download the JMX exporter Java agent into Tomcat's lib/ directory
RUN wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.11.0/jmx_prometheus_javaagent-0.11.0.jar -P lib/
# 9404 is the reserved prometheus-jmx port
# Load the agent into the JVM: listen on 9404, read the config mounted at /etc/config
ENV CATALINA_OPTS -javaagent:lib/jmx_prometheus_javaagent-0.11.0.jar=9404:/etc/config/prometheus-jmx.yaml

Well, that was easy. The exporter will monitor tomcat and expose its metrics in Prometheus format at <svc>:9404/metrics

Exporter configuration

The attentive reader may wonder where prometheus-jmx.yaml came from. Many different things can run in a JVM, and tomcat is only one of them, so the exporter needs some additional configuration. Standard configurations for tomcat, wildfly, kafka and so on are available here. We will add the tomcat one as a ConfigMap in Kubernetes and then mount it as a volume.

First, we add the exporter configuration file to our platform/config/ directory

platform/config
└── prometheus-jmx.yaml

Then we add a ConfigMapGenerator to kustomization.yaml.tmpl:

-- platform/kustomization.yaml.tmpl
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
[...]
configMapGenerator:
- name: config
  files:
  - config/prometheus-jmx.yaml

This adds each element of files[] as a ConfigMap configuration item. ConfigMapGenerators are great because they hash the configuration data and trigger a pod restart if it changes. They also reduce the amount of configuration in the Deployment, because you can mount an entire "folder" of configuration files in a single VolumeMount.

Finally, we need to mount the ConfigMap as a volume in the pod:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
      [...]
      volumes:
      - name: config
        configMap:
          name: config
          defaultMode: 0744
      containers:
      - name: camunda-bpm
        volumeMounts:
        - mountPath: /etc/config/
          name: config
        [...]

Great. If Prometheus is not configured to do a full scrape, you may need to tell it to scrape the pods. Prometheus Operator users can use service-monitor.yaml to get started. Explore service-monitor.yaml, the operator design and ServiceMonitorSpec before you begin.

Extending this pattern to other use cases

All files that we add to ConfigMapGenerator will be available in the new /etc/config directory. You can extend this template to mount any other configuration files you need. You can even mount a new startup script. You can use subPath to mount individual files. To update xml files, consider using xmlstarlet instead of sed. It is already included in the image.

Logs

Great news! Application logs are already available on stdout, for example with kubectl logs. Fluentd (installed by default on GKE) will forward your logs to Elasticsearch, Loki, or your enterprise logging platform. If you want to use jsonify for logs, you can follow the template above to install logback.

Database

By default, the image has an H2 database. This does not suit us, and we will use Google Cloud SQL with Cloud SQL Proxy, which will be needed later to solve internal tasks. This is a simple and reliable option if you have no preferences of your own for setting up the database. AWS RDS provides a similar service.

Whichever database you choose, unless it is H2, you will need to set the appropriate environment variables in platform/deploy.yaml. It looks something like this:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
      [...]
      containers:
      - name: camunda-bpm
        env:
        - name: DB_DRIVER
          value: org.postgresql.Driver
        - name: DB_URL
          value: jdbc:postgresql://postgres-proxy.db:5432/process-engine
        - name: DB_USERNAME
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_username
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_password
        [...]

Note: You can use Kustomize to deploy to different environments using an overlay: example.

Note: use valueFrom: secretKeyRef. Please use this Kubernetes feature even during development to keep your secrets safe.

You probably already have a preferred system for managing Kubernetes secrets. If not, here are some options: encrypt them with your cloud provider's KMS and then inject them into K8S as secrets through the CD pipeline. Mozilla SOPS works very well in combination with Kustomize secrets. There are other tools, such as dotGPG, that perform similar functions: HashiCorp Vault and secret value customization in Kustomize.
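
The secretKeyRef advice above can be checked mechanically. The following is an added example, not part of the original article or the camunda-examples repository: it scans a manifest such as generated-manifest.yaml for credential-like env vars that are set with a literal value. The function names and the sample manifest are constructed for illustration.

```shell
#!/bin/sh
# Added example: find container env vars that look like credentials but are
# set with a literal `value:` instead of `valueFrom.secretKeyRef`.

# lint_env_secrets FILE -> prints the name of each offending env var.
lint_env_secrets() {
  awk '
    # "- name: X" opens a new list entry; remember X.
    /^[ \t]*-[ \t]+name:[ \t]*/ {
      name = $0
      sub(/^[ \t]*-[ \t]+name:[ \t]*/, "", name)
      next
    }
    # "value:" (not "valueFrom:") sets the entry directly in the manifest.
    /^[ \t]*value:/ {
      if (name ~ /PASSWORD|PASSWD|USERNAME|SECRET|TOKEN/) print name
      name = ""
    }
  ' "$1"
}

# write_sample_manifest FILE -> constructed Deployment fragment for the demo.
write_sample_manifest() {
  cat > "$1" <<'EOF'
containers:
- name: camunda-bpm
  env:
  - name: DB_DRIVER
    value: org.postgresql.Driver
  - name: DB_USERNAME
    valueFrom:
      secretKeyRef:
        name: cambpm-db-credentials
        key: db_username
  - name: DB_PASSWORD
    value: constructed-plaintext-password
EOF
}

# Demo: prints DB_PASSWORD for the constructed sample.
sample=$(mktemp)
write_sample_manifest "$sample"
lint_env_secrets "$sample"
rm -f "$sample"
```

Run it against the rendered output of kustomize in CI so that a plaintext credential fails the build before it reaches the cluster.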

Ingress

Unless you choose to use local port forwarding, you will need a configured Ingress Controller. If you do not use ingress-nginx (Helm chart), then you most likely already know that you need to set the necessary annotations in ingress-patch.yaml.tmpl or platform/ingress.yaml. If you are using ingress-nginx and see an nginx ingress class with a load balancer pointing to it and an external DNS or wildcard DNS entry, you are good to go. Otherwise, configure the Ingress Controller and DNS, or skip these steps and keep the direct connection to the pod.

TLS

If you are using cert-manager or kube-lego and letsencrypt, certificates for the new ingress will be obtained automatically. Otherwise, open ingress-patch.yaml.tmpl and customize it to your needs.

Launch!

If you followed everything written above, then the command make skaffold HOSTNAME=<you.example.com> should start an instance available at <hostname>/camunda

If you have not exposed your ingress through a public URL, you can forward it from localhost: kubectl port-forward -n camunda-bpm-demo svc/camunda-bpm 8080:8080 to localhost:8080/camunda

Wait a few minutes until tomcat is fully ready. Cert-manager will take some time to verify the domain name. You can then follow the logs using available tools such as kubetail, or simply using kubectl:

kubectl logs -n camunda-bpm-demo $(kubectl get pods -o=name -n camunda-bpm-demo) -f

Next steps

Authorization

This has more to do with configuring Camunda BPM than with Kubernetes, but it is important to note that by default, authentication is disabled in the REST API. You can enable basic authentication or use another method such as JWT. You can use configmaps and volumes to load xml, or xmlstarlet (see above) to edit existing files in the image, and either use wget or load them using an init container and a shared volume.

Session management

Like many other applications, Camunda BPM handles sessions in the JVM, so if you want to run multiple replicas, you can enable sticky sessions (for example for ingress-nginx), which will exist until the replica disappears, or set the Max-Age attribute for cookies. For a more robust solution, you can deploy a Session Manager in Tomcat. Lars has a separate post on this topic, but something like:

# Download the session manager jars into Tomcat's lib/ (Maven Central serves artifacts over HTTPS only)
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager/2.3.2/memcached-session-manager-2.3.2.jar -P lib/ &&
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager-tc9/2.3.2/memcached-session-manager-tc9-2.3.2.jar -P lib/ &&

# Insert the <Manager> element just before the closing </Context> tag
sed -i '/^<\/Context>/i \
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" \
memcachedNodes="redis://redis-proxy.db:22121" \
sticky="false" \
sessionBackupAsync="false" \
storageKeyPrefix="context" \
lockingMode="auto" \
/>' conf/context.xml

Note: you can use xmlstarlet instead of sed

We used twemproxy in front of Google Cloud Memorystore, with memcached-session-manager (which supports Redis) to run it.
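
Both the Dockerfile earlier on this page and the session-manager commands above fetch jars from Maven Central with wget and place them on Tomcat's classpath without checking them. The following is an added example, not part of the original article or the camunda-examples repository: it accepts a download only over HTTPS and only if it matches a SHA-256 digest pinned in the build file. The function names are assumptions, and the digest in the usage comment is a placeholder.

```shell
#!/bin/sh
# Added example: download a jar only over HTTPS and keep it only if it
# matches a SHA-256 digest pinned next to the download command.

# require_https URL -> 0 only for https:// URLs.
require_https() {
  case $1 in
    https://*) return 0 ;;
    *) echo "refusing non-HTTPS URL: $1" >&2; return 1 ;;
  esac
}

# verify_pinned FILE SHA256 -> 0 on match; on mismatch delete FILE, return 1.
verify_pinned() {
  got=$(sha256sum "$1" | cut -d' ' -f1)
  if [ "$got" != "$2" ]; then
    echo "digest mismatch for $1: got $got, pinned $2" >&2
    rm -f "$1"
    return 1
  fi
}

# fetch_pinned URL SHA256 DIR -> download into DIR, then verify the file.
fetch_pinned() {
  require_https "$1" || return 1
  wget -q -P "$3" "$1" || return 1
  verify_pinned "$3/$(basename "$1")" "$2"
}

# Usage in a Dockerfile RUN step (digest is a placeholder, take the real
# value from a source you trust and commit it with the Dockerfile):
#   fetch_pinned https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.11.0/jmx_prometheus_javaagent-0.11.0.jar \
#     "<sha256-of-jmx_prometheus_javaagent-0.11.0.jar>" lib/

# Offline demo on a constructed file: the bytes "abc" have a well-known digest.
demo=$(mktemp)
printf abc > "$demo"
verify_pinned "$demo" ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad \
  && echo "pinned digest OK"
rm -f "$demo"
```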

Scaling

If you have already sorted out sessions, then the first (and often the last) limit on scaling Camunda BPM may be the connection to the database. Partial tuning is already available "out of the box". Let's also disable intialSize in the settings.xml file. Add a Horizontal Pod Autoscaler (HPA) and you can easily scale the number of pods automatically.

Requests and limits

In platform/deployment.yaml you will see that we have hard-coded the resources field. This works well with HPA, but may need additional tuning. A kustomize patch is suitable for this. See ingress-patch.yaml.tmpl and ./kustomization.yaml.tmpl

Conclusion

So we installed Camunda BPM on Kubernetes with Prometheus metrics, logs, H2 database, TLS and Ingress. We added jar files and configuration files using ConfigMaps and the Dockerfile. We talked about exchanging data with volumes and passing it directly to environment variables from secrets. In addition, we gave an overview of setting up Camunda for multiple replicas and an authenticated API.

References

github.com/camunda-cloud/camunda-examples/camunda-bpm-kubernetes

├── generated-manifest.yaml     <- manifest for use without kustomize
├── images
│   └── camunda-bpm
│       └── Dockerfile          <- overlay docker image
├── ingress-patch.yaml.tmpl     <- site-specific ingress configuration
├── kustomization.yaml.tmpl     <- main Kustomization
├── Makefile                    <- make targets
├── namespace.yaml
├── platform
│   ├── config
│   │   └── prometheus-jmx.yaml <- prometheus exporter config file
│   ├── deployment.yaml         <- main deployment
│   ├── ingress.yaml
│   ├── kustomization.yaml      <- "base" kustomization
│   ├── service-monitor.yaml    <- example prometheus-operator config
│   └── service.yaml
└── skaffold.yaml.tmpl          <- skaffold directives

05.08.2020, translation of an article by Alastair Firth and Lars Lange

Source: www.habr.com
