Running Camunda BPM on Kubernetes

Are you using Kubernetes? Ready to move your Camunda BPM instances off virtual machines, or perhaps just try running them on Kubernetes? Let's look at some common configurations and individual components that can be adapted to your needs.

This assumes you have used Kubernetes before. If not, why not take a look at the guide and spin up your first cluster?

Authors

  • Alastair Firth - Senior Site Reliability Engineer on the Camunda Cloud team;
  • Lars Lange - DevOps Engineer at Camunda.

In short:

git clone https://github.com/camunda-cloud/camunda-examples.git
cd camunda-examples/camunda-bpm-demo
make skaffold

Okay, it probably didn't work because you don't have skaffold and kustomize installed. Well then, read on!

What is Camunda BPM

Camunda BPM is an open-source business process management and automation platform that connects business users and software developers. It is ideal for coordinating and connecting people, (micro)services, or even bots! You can read more about the different use cases at the link.

Why use Kubernetes

Kubernetes has become the de facto standard for running modern applications on Linux. By using system calls instead of hardware emulation, and the kernel's ability to manage memory and task switching, boot time and startup time are kept to a minimum. However, the biggest benefit may come from the standard API that Kubernetes provides for configuring the infrastructure every application needs: storage, networking, and monitoring. It turned 6 in June 2020 and is perhaps the second-largest open-source project (after Linux). It has recently been actively stabilizing its functionality after rapid iteration over the past few years, as it becomes critical for production workloads around the world.

The Camunda BPM Engine can easily connect to other applications running in the same cluster, and Kubernetes provides excellent scalability, allowing you to increase infrastructure costs only when it is really needed (and easily reduce them when needed).

The quality of monitoring is also greatly improved by tools such as Prometheus, Grafana, Loki, Fluentd and Elasticsearch, which let you view all workloads in the cluster centrally. Today we'll look at how to embed the Prometheus exporter into the Java Virtual Machine (JVM).

Goals

Let's look at a few areas where we can customize the Camunda BPM Docker image (github) so that it interacts well with Kubernetes.

  1. Logs and metrics;
  2. Database connections;
  3. Authentication;
  4. Session management.

We'll look at several ways to achieve these goals and show the whole process clearly.

Note: Are you using the Enterprise version? Look here and update the image links as needed.

Development workflow

In this demo, we'll use Skaffold to build Docker images using Google Cloud Build. It has good support for various tools (such as Kustomize and Helm), CI and build tools, and infrastructure providers. The file skaffold.yaml.tmpl includes settings for Google Cloud Build and GKE, providing a very simple way to run production-grade infrastructure.

make skaffold will upload the Dockerfile context to Cloud Build, build the image and store it in GCR, and then apply the manifests to your cluster. That is what make skaffold does, but Skaffold has many other features.

For yaml templating in Kubernetes, we use kustomize to manage yaml overlays without forking the entire manifest, which lets you use git pull --rebase for further updates. It is now part of kubectl and works quite well for such things.

We also use envsubst to fill in the hostname and GCP project ID in the *.yaml.tmpl files. You can see how it works in the makefile, or just carry on.

Prerequisites

  • A working Kubernetes cluster
  • Kustomize
  • Skaffold - for building your own docker images and easy deployment to GKE
  • A copy of this code
  • Envsubst

Workflow using manifests

If you don't want to use kustomize or skaffold, you can refer to the manifests in generated-manifest.yaml and adapt them to the workflow of your choice.

Logs and metrics

Prometheus has become the standard for collecting metrics in Kubernetes. It occupies the same niche as AWS Cloudwatch Metrics, Cloudwatch Alerts, Stackdriver Metrics, StatsD, Datadog, Nagios, vSphere Metrics and others. It is open source and has a powerful query language. We'll leave visualization to Grafana - it comes with a large number of dashboards available out of the box. They are connected to each other and relatively easy to install with prometheus-operator.

By default, Prometheus uses the pull model <service>/metrics, and adding sidecar containers for this is common. Unfortunately, JMX metrics are best logged within the JVM, so sidecar containers are not as effective. Let's attach the open-source jmx_exporter from Prometheus to the JVM by adding it to the container image, which will provide the /metrics path on a different port.

Add Prometheus jmx_exporter to the container

-- images/camunda-bpm/Dockerfile
FROM camunda/camunda-bpm-platform:tomcat-7.11.0

## Add prometheus exporter
RUN wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.11.0/jmx_prometheus_javaagent-0.11.0.jar -P lib/
#9404 is the reserved prometheus-jmx port
ENV CATALINA_OPTS -javaagent:lib/jmx_prometheus_javaagent-0.11.0.jar=9404:/etc/config/prometheus-jmx.yaml

Well, that was easy. The exporter will monitor tomcat and expose its metrics in Prometheus format at <svc>:9404/metrics

Exporter setup

The attentive reader may be wondering where prometheus-jmx.yaml came from. Many different things can run in a JVM, and tomcat is just one of them, so the exporter needs some additional configuration. Standard configurations for tomcat, wildfly, kafka and so on are available here. We'll add the tomcat one as a ConfigMap in Kubernetes and then mount it as a volume.

First, we add the exporter configuration file to our platform/config/ directory

platform/config
└── prometheus-jmx.yaml

Then we add a ConfigMapGenerator to kustomization.yaml.tmpl:

-- platform/kustomization.yaml.tmpl
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
[...]
configMapGenerator:
- name: config
  files:
  - config/prometheus-jmx.yaml

This will add each element of files[] as an element of the ConfigMap configuration. ConfigMapGenerators are great because they hash the configuration data and force a pod restart if it changes. They also reduce the amount of configuration in the Deployment, since you can mount an entire "folder" of configuration files in one VolumeMount.

Finally, we need to mount the ConfigMap as a volume in the pod:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
    [...]
      volumes:
      - name: config
        configMap:
          name: config
          defaultMode: 0744
      containers:
      - name: camunda-bpm
        volumeMounts:
        - mountPath: /etc/config/
          name: config
[...]

Wonderful. If Prometheus is not configured to scrape everything, you may have to tell it to scrape the pods. Prometheus Operator users can use service-monitor.yaml to get started. Check out service-monitor.yaml, the operator design and ServiceMonitorSpec before you start.
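A Service port and ServiceMonitor for the exporter endpoint, as an added example (not the repository's service.yaml or service-monitor.yaml). The app: camunda-bpm labels, the port name metrics and the release: prometheus label are assumptions to adapt to your cluster.

```yaml
# Added example; labels and port names are assumptions, not taken from the repo.
apiVersion: v1
kind: Service
metadata:
  name: camunda-bpm
  namespace: camunda-bpm-demo
  labels:
    app: camunda-bpm            # assumed label, matched by the ServiceMonitor below
spec:
  selector:
    app: camunda-bpm            # assumed pod label
  ports:
  - name: http
    port: 8080
    targetPort: 8080
  - name: metrics               # jmx_exporter javaagent added in the Dockerfile
    port: 9404
    targetPort: 9404
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: camunda-bpm
  namespace: camunda-bpm-demo
  labels:
    release: prometheus         # assumed: must match your Prometheus serviceMonitorSelector
spec:
  selector:
    matchLabels:
      app: camunda-bpm
  namespaceSelector:
    matchNames:
    - camunda-bpm-demo
  endpoints:
  - port: metrics               # refers to the Service port name, not the number
    path: /metrics
    interval: 30s
```

In this setup the exporter answers unauthenticated requests, so publish port 9404 only on the in-cluster Service and not through the Ingress.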

Extending this pattern to other use cases

All files we add to the ConfigMapGenerator will be available in the new /etc/config directory. You can extend this template to mount any other configuration files you need. You can even mount a new startup script. You can use subPath to mount individual files. To update xml files, consider using xmlstarlet instead of sed. It is already included in the image.

Logs

Great news! Application logs are already available on stdout, for example with kubectl logs. Fluentd (installed by default in GKE) will forward your logs to Elasticsearch, Loki, or your enterprise logging platform. If you want to use jsonify for logs, you can follow the template above to install logback.

Database

By default, the image will have an H2 database. This is not suitable for us, so we will use Google Cloud SQL with Cloud SQL Proxy - this will be needed later to solve internal problems. This is a simple and reliable option if you don't have your own preferences for setting up a database. AWS RDS provides a similar service.

Regardless of the database you choose, unless it is H2, you will need to set the appropriate environment variables in platform/deploy.yaml. It looks something like this:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
    [...]
      containers:
      - name: camunda-bpm
        env:
        - name: DB_DRIVER
          value: org.postgresql.Driver
        - name: DB_URL
          value: jdbc:postgresql://postgres-proxy.db:5432/process-engine
        - name: DB_USERNAME
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_username
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_password
[...]

Note: You can use Kustomize to deploy to different environments using overlays: example.

Note: this uses valueFrom: secretKeyRef. Please use this Kubernetes feature even during development to keep your secrets safe.

You probably already have a preferred system for managing Kubernetes secrets. If not, here are some options: encrypting them with your cloud provider's KMS and then injecting them into K8S as secrets via the CD pipeline - Mozilla SOPS - will work very well in combination with Kustomize secrets. There are other tools, such as dotGPG, that perform similar functions: HashiCorp Vault, Kustomize Secret Value Plugins.

Ingress

Unless you choose to use local port forwarding, you will need a configured Ingress Controller. If you are not using ingress-nginx (Helm chart), then you most likely already know that you need to set the necessary annotations in ingress-patch.yaml.tmpl or platform/ingress.yaml. If you are using ingress-nginx and see an nginx ingress class with a load balancer pointing to it and an external DNS or wildcard DNS entry, you are good to go. Otherwise, configure the Ingress Controller and DNS, or skip these steps and keep a direct connection to the pod.

TLS

If you are using cert-manager or kube-lego with letsencrypt, certificates for the new ingress will be obtained automatically. Otherwise, open ingress-patch.yaml.tmpl and adjust it to suit your needs.

Launch!

If you followed everything written above, then the command make skaffold HOSTNAME=<you.example.com> should start an available instance at <hostname>/camunda

If you haven't exposed your ingress at a public URL, you can redirect it to localhost: kubectl port-forward -n camunda-bpm-demo svc/camunda-bpm 8080:8080 on localhost:8080/camunda

Wait a few minutes until tomcat is completely ready. Cert-manager will take some time to verify the domain name. You can follow the logs using available tools such as kubetail, or simply using kubectl:

kubectl logs -n camunda-bpm-demo $(kubectl get pods -o=name -n camunda-bpm-demo) -f

Next steps

Authorization

This is more about configuring Camunda BPM than Kubernetes, but it is important to note that by default, authentication is disabled in the REST API. You can enable basic authentication or use another method such as JWT. You can use configmaps and volumes to load xml, or xmlstarlet (see above) to edit existing files in the image, and either use wget or load them using an init container and a shared volume.

Session management

Like many other applications, Camunda BPM handles sessions in the JVM, so if you want to run multiple replicas, you can enable sticky sessions (for example, for ingress-nginx), which will last until the replica disappears, or set the Max-Age attribute for cookies. For a more robust solution, you can deploy Session Manager in Tomcat. Lars has a separate post on this topic, but something like:

# Maven Central is served over HTTPS only
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager/2.3.2/memcached-session-manager-2.3.2.jar -P lib/ &&
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager-tc9/2.3.2/memcached-session-manager-tc9-2.3.2.jar -P lib/ &&

# Insert the <Manager> element just before the closing </Context> tag
sed -i '/^<\/Context>/i\
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" \
memcachedNodes="redis://redis-proxy.db:22121" \
sticky="false" \
sessionBackupAsync="false" \
storageKeyPrefix="context" \
lockingMode="auto" \
/>' conf/context.xml

Note: you can use xmlstarlet instead of sed

We used twemproxy in front of Google Cloud Memorystore, with memcached-session-manager (which supports Redis) to run it.
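The sticky-session option described above, combined with the TLS setup from the Ingress section, as an added example for ingress-nginx with cert-manager (not the repository's ingress.yaml or ingress-patch.yaml.tmpl). The issuer name, cookie name, secret name and Max-Age value are assumptions, as is the REST API context path noted in the comment.

```yaml
# Added example for ingress-nginx + cert-manager; values marked "assumed" are placeholders.
apiVersion: networking.k8s.io/v1          # Kubernetes 1.19+
kind: Ingress
metadata:
  name: camunda-bpm
  namespace: camunda-bpm-demo
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod                  # assumed issuer name
    # Sticky sessions: pin each browser to one replica via a routing cookie.
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/session-cookie-name: "camunda-route"  # assumed
    nginx.ingress.kubernetes.io/session-cookie-max-age: "3600"        # assumed, in seconds
    nginx.ingress.kubernetes.io/session-cookie-samesite: "Lax"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - you.example.com
    secretName: camunda-bpm-tls           # assumed; cert-manager stores the certificate here
  rules:
  - host: you.example.com
    http:
      paths:
      # Only the web apps are published. The REST API context (/engine-rest in the
      # Tomcat distribution) and the metrics port 9404 stay in-cluster.
      - path: /camunda
        pathType: Prefix
        backend:
          service:
            name: camunda-bpm
            port:
              number: 8080
```

Cookie affinity only keeps a user on one replica while that replica exists; sessions held in its JVM are lost with it, which is the gap the session manager closes.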

Scaling

If you have already sorted out sessions, then the first (and often the last) limit to scaling Camunda BPM may be the connection to the database. Partial tuning is already available "out of the box". Let's also disable intialSize in the settings.xml file. Add a Horizontal Pod Autoscaler (HPA) and you can easily scale the number of pods automatically.

Requests and limits

In platform/deployment.yaml you will see that we have hard-coded the resources field. This works well with HPA, but may require additional configuration. A kustomize patch is suitable for this. See ingress-patch.yaml.tmpl and ./kustomization.yaml.tmpl

Conclusion

So we installed Camunda BPM on Kubernetes with Prometheus metrics, logs, H2 database, TLS and Ingress. We added jar files and configuration files using ConfigMaps and a Dockerfile. We talked about exchanging data with volumes and directly with environment variables from secrets. In addition, we gave an overview of setting up Camunda for multiple replicas and an authenticated API.

Links

github.com/camunda-cloud/camunda-examples/camunda-bpm-kubernetes

├── generated-manifest.yaml <- manifest for use without kustomize
├── images
│   └── camunda-bpm
│       └── Dockerfile <- overlay docker image
├── ingress-patch.yaml.tmpl <- site-specific ingress configuration
├── kustomization.yaml.tmpl <- main Kustomization
├── Makefile <- make targets
├── namespace.yaml
├── platform
│   ├── config
│   │   └── prometheus-jmx.yaml <- prometheus exporter config file
│   ├── deployment.yaml <- main deployment
│   ├── ingress.yaml
│   ├── kustomization.yaml <- "base" kustomization
│   ├── service-monitor.yaml <- example prometheus-operator config
│   └── service.yaml
└── skaffold.yaml.tmpl <- skaffold directives

05.08.2020, translation of the article by Alastair Firth, Lars Lange

Source: www.habr.com