In hoc articulo utimur vercundus, ssh, Docker ΠΈ nginx Inconsutilem extensionem interretialis ordinabimus. Caeruleo-viridis instruere ars est quae sinit te statim applicationem renovare sine petitione unica repudiantis. Una est e nulla downtime inceptis instruere et ad applicationes una instantia aptissima est, sed facultas ad alterum onerandi instantiam prope paratam.
Dicamus te applicationem habere interretialem qua multi clientes active laborant, et omnino nullo modo est ut pro duobus secundis cubare possit. Et vere debes evolvere update bibliothecam, cimex fix, vel novum frigus pluma. In communi situ, applicatione prohibere necesse est, repone et iterum incipias. In casu lapatho primum reponere potes, deinde sileo, sed adhuc erit tempus in quo petitio applicationis non procedetur, quia plerumque applicatio temporis ad initium oneris sumit. Quid si incipit, sed inexoperabilis evadit? Haec est quaestio, eam minimis modis quam lepide solvamus.
DECLAMATOR: Plerique articuli in forma experimentali exhibentur - in forma recordationis sessionis consolatoriae. Utinam hoc nimis difficilis sit intellectui ac signum ipsum satis documentum dabit. Nam atmosphaera, finge haec excerpta non solum codicem, sed chartam ex teletypo "ferreo".
Artes interest quae difficiles Google modo legendo codicem describuntur in initio cuiusque sectionis. Si quid aliud incertum est, google illud et vide. explainshell (Fortune iterum operatur propter solutionem telegraphi). Si nihil Google potes, in commenta quaere. Laetus ero sectioni respondens βInterretis artibusβ.
Incipiamus.
$ mkdir blue-green-deployment && cd $_
obsequium
experimentalem faciamus operam et in vase ponemus.
Interestings technicae
cat << EOF > file-name (Hic Document + I / O Redirection) via multi-linea fasciculi cum uno praecepto creare est. Omnia vercundus legit ex /dev/stdin post hanc lineam et ante lineam EOF ut perscribetur file-name.
wget -qO- URL (explainshell) - output documentum receptum per HTTP to /dev/stdout (analog curl URL).
Printout
Praecipue aculeum frango ut Python ut luceat. In fine erit alia pars huius modi. Videte chartam in his locis incisam mittendam esse ad quatenus (ubi signum erat manu coloratum cum highlighters), partes hae posteriores agglutinatae sunt.
$ cat << EOF > uptimer.py
from http.server import BaseHTTPRequestHandler, HTTPServer
from time import monotonic
app_version = 1
app_name = f'Uptimer v{app_version}.0'
loading_seconds = 15 - app_version * 5
class Handler(BaseHTTPRequestHandler):
def do_GET(self):
if self.path == '/':
try:
t = monotonic() - server_start
if t < loading_seconds:
self.send_error(503)
else:
self.send_response(200)
self.send_header('Content-Type', 'text/html')
self.end_headers()
response = f'<h2>{app_name} is running for {t:3.1f} seconds.</h2>n'
self.wfile.write(response.encode('utf-8'))
except Exception:
self.send_error(500)
else:
self.send_error(404)
httpd = HTTPServer(('', 8080), Handler)
server_start = monotonic()
print(f'{app_name} (loads in {loading_seconds} sec.) started.')
httpd.serve_forever()
EOF
$ cat << EOF > Dockerfile
FROM python:alpine
EXPOSE 8080
COPY uptimer.py app.py
CMD [ "python", "-u", "./app.py" ]
EOF
$ docker build --tag uptimer .
Sending build context to Docker daemon 39.42kB
Step 1/4 : FROM python:alpine
---> 8ecf5a48c789
Step 2/4 : EXPOSE 8080
---> Using cache
---> cf92d174c9d3
Step 3/4 : COPY uptimer.py app.py
---> a7fbb33d6b7e
Step 4/4 : CMD [ "python", "-u", "./app.py" ]
---> Running in 1906b4bd9fdf
Removing intermediate container 1906b4bd9fdf
---> c1655b996fe8
Successfully built c1655b996fe8
Successfully tagged uptimer:latest
$ docker run --rm --detach --name uptimer --publish 8080:8080 uptimer
8f88c944b8bf78974a5727070a94c76aa0b9bb2b3ecf6324b784e782614b2fbf
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8f88c944b8bf uptimer "python -u ./app.py" 3 seconds ago Up 5 seconds 0.0.0.0:8080->8080/tcp uptimer
$ docker logs uptimer
Uptimer v1.0 (loads in 10 sec.) started.
$ wget -qSO- http://localhost:8080
HTTP/1.0 503 Service Unavailable
Server: BaseHTTP/0.6 Python/3.8.3
Date: Sat, 22 Aug 2020 19:52:40 GMT
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 484
$ wget -qSO- http://localhost:8080
HTTP/1.0 200 OK
Server: BaseHTTP/0.6 Python/3.8.3
Date: Sat, 22 Aug 2020 19:52:45 GMT
Content-Type: text/html
<h2>Uptimer v1.0 is running for 15.4 seconds.</h2>
$ docker rm --force uptimer
uptimer
Reverse procuratorem
Ut autem applicatio nostra inscios mutare possit, necesse est ut sit aliquod aliud ens prae se, quod eius subrogetur. Posset esse telam server nginx Π² contrarium procuratoris modus. Procurator vicissim constituitur inter clientem et applicationem. Petitiones a clientibus accipit, eosque ad applicationem et applicationem responsa clientium promovet.
Applicatio et e converso procurator coniungi potest intus utens fautor docker network. Ita vas applicationis ne portum quidem hospitariae promovere necesse est, hoc applicatione ab minis externis maxime remotum esse permittit.
Si contra procuratorem in alio hospite vivit, retiaculum schoenale relinquere debebis et applicationes ad e contrario procuratorem per retis exercitum applicandum, portum promovendum. apps modulus --publishsicut prius et cum procuratorio.
Contrarium procuratorem in portu 80 curremus, quia haec est prorsus entitas quae auscultare debet retiacula externa. Si 80 portum tuum hospes occupatus est, modulum mutare --publish 80:80 on --publish ANY_FREE_PORT:80.
$ docker network create web-gateway
5dba128fb3b255b02ac012ded1906b7b4970b728fb7db3dbbeccc9a77a5dd7bd
$ docker run --detach --rm --name uptimer --network web-gateway uptimer
a1105f1b583dead9415e99864718cc807cc1db1c763870f40ea38bc026e2d67f
$ docker run --rm --network web-gateway alpine wget -qO- http://uptimer:8080
<h2>Uptimer v1.0 is running for 11.5 seconds.</h2>
$ docker run --detach --publish 80:80 --network web-gateway --name reverse-proxy nginx:alpine
80695a822c19051260c66bf60605dcb4ea66802c754037704968bc42527bf120
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
80695a822c19 nginx:alpine "/docker-entrypoint.β¦" 27 seconds ago Up 25 seconds 0.0.0.0:80->80/tcp reverse-proxy
a1105f1b583d uptimer "python -u ./app.py" About a minute ago Up About a minute 8080/tcp uptimer
$ cat << EOF > uptimer.conf
server {
listen 80;
location / {
proxy_pass http://uptimer:8080;
}
}
EOF
$ docker cp ./uptimer.conf reverse-proxy:/etc/nginx/conf.d/default.conf
$ docker exec reverse-proxy nginx -s reload
2020/06/23 20:51:03 [notice] 31#31: signal process started
$ wget -qSO- http://localhost
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Sat, 22 Aug 2020 19:56:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
<h2>Uptimer v1.0 is running for 104.1 seconds.</h2>
Inconsutilem instruere
Novam versionem applicationis evolvamus (cum duplici satus perficiendi boost) et illam compagem explicandi conetur.
Interestings technicae
echo 'my text' | docker exec -i my-container sh -c 'cat > /my-file.txt' - Write text my text ut file /my-file.txt intra continens my-container.
cat > /my-file.txt - scribe contenta vexillum initus ad lima /dev/stdin.
Printout
$ sed -i "s/app_version = 1/app_version = 2/" uptimer.py
$ docker build --tag uptimer .
Sending build context to Docker daemon 39.94kB
Step 1/4 : FROM python:alpine
---> 8ecf5a48c789
Step 2/4 : EXPOSE 8080
---> Using cache
---> cf92d174c9d3
Step 3/4 : COPY uptimer.py app.py
---> 3eca6a51cb2d
Step 4/4 : CMD [ "python", "-u", "./app.py" ]
---> Running in 8f13c6d3d9e7
Removing intermediate container 8f13c6d3d9e7
---> 1d56897841ec
Successfully built 1d56897841ec
Successfully tagged uptimer:latest
$ docker run --detach --rm --name uptimer_BLUE --network web-gateway uptimer
96932d4ca97a25b1b42d1b5f0ede993b43f95fac3c064262c5c527e16c119e02
$ docker logs uptimer_BLUE
Uptimer v2.0 (loads in 5 sec.) started.
$ docker run --rm --network web-gateway alpine wget -qO- http://uptimer_BLUE:8080
<h2>Uptimer v2.0 is running for 23.9 seconds.</h2>
$ sed s/uptimer/uptimer_BLUE/ uptimer.conf | docker exec --interactive reverse-proxy sh -c 'cat > /etc/nginx/conf.d/default.conf'
$ docker exec reverse-proxy cat /etc/nginx/conf.d/default.conf
server {
listen 80;
location / {
proxy_pass http://uptimer_BLUE:8080;
}
}
$ docker exec reverse-proxy nginx -s reload
2020/06/25 21:22:23 [notice] 68#68: signal process started
$ wget -qO- http://localhost
<h2>Uptimer v2.0 is running for 63.4 seconds.</h2>
$ docker rm -f uptimer
uptimer
$ wget -qO- http://localhost
<h2>Uptimer v2.0 is running for 84.8 seconds.</h2>
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
96932d4ca97a uptimer "python -u ./app.py" About a minute ago Up About a minute 8080/tcp uptimer_BLUE
80695a822c19 nginx:alpine "/docker-entrypoint.β¦" 8 minutes ago Up 8 minutes 0.0.0.0:80->80/tcp reverse-proxy
In hac scaena, imago directe aedificatur in calculonis, qui postulat ut ibi sint fontes, et etiam servo cum labore supervacuo onerat. Proximus gradus est imaginem imaginis collocare ad machinam separatam (exempli gratia, ad rationem CI) et postea ad ministratorem transferre.
imagines transferendi
Infeliciter, sensum transferre imagines non facit ab locali ad hospitem localem, ergo haec sectio solum explorari potest si duas turmas cum Docker in manu habeas. Ad minimum aliquid sic spectat:
$ ssh production-server docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
$ docker image save uptimer | ssh production-server 'docker image load'
Loaded image: uptimer:latest
$ ssh production-server docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
uptimer latest 1d56897841ec 5 minutes ago 78.9MB
bigas docker save imaginum notitias servat in archivo .tar, id quod plus pondo 1.5 times quam forma compressa ponderat. Excutemus igitur hoc nomine temporis et mercaturae;
Nunc omnia colligamus quae in unum scriptionem manuale fecimus. In summo gradu munus sit amet, et vide alios in eo usus.
Interestings technicae
${parameter?err_msg} - unus de magicis carminibus vercundus (aka modulus substitutionis). Si parameter non certa, output " err_msg et exeunt cum codice 1 .
docker --log-driver journald - defaltam, agitator auctor logging est fasciculus textus sine omni rotatione. Hoc aditu omnia celeriter totum orbem implent, ideo ad efficiendum environment necessarium est aurigam in stimulo mutare.
Scriptum instruere
deploy() {
local usage_msg="Usage: ${FUNCNAME[0]} image_name"
local image_name=${1?$usage_msg}
ensure-reverse-proxy || return 2
if get-active-slot $image_name
then
local OLD=${image_name}_BLUE
local new_slot=GREEN
else
local OLD=${image_name}_GREEN
local new_slot=BLUE
fi
local NEW=${image_name}_${new_slot}
echo "Deploying '$NEW' in place of '$OLD'..."
docker run
--detach
--restart always
--log-driver journald
--name $NEW
--network web-gateway
$image_name || return 3
echo "Container started. Checking health..."
for i in {1..20}
do
sleep 1
if get-service-status $image_name $new_slot
then
echo "New '$NEW' service seems OK. Switching heads..."
sleep 2 # Ensure service is ready
set-active-slot $image_name $new_slot || return 4
echo "'$NEW' service is live!"
sleep 2 # Ensure all requests were processed
echo "Killing '$OLD'..."
docker rm -f $OLD
docker image prune -f
echo "Deployment successful!"
return 0
fi
echo "New '$NEW' service is not ready yet. Waiting ($i)..."
done
echo "New '$NEW' service did not raise, killing it. Failed to deploy T_T"
docker rm -f $NEW
return 5
}
get-active-slot service_name - Decernit quod socors sit amet activum pro servitio dato (BLUE aut GREEN)
get-service-status service_name deployment_slot - Decernit utrum servitium sit paratum ad processum petitionum advenientium
set-active-slot service_name deployment_slot - Mutat nginx aboutconfig in contrarium procuratorem continens
Ut:
ensure-reverse-proxy() {
is-container-up reverse-proxy && return 0
echo "Deploying reverse-proxy..."
docker network create web-gateway
docker run
--detach
--restart always
--log-driver journald
--name reverse-proxy
--network web-gateway
--publish 80:80
nginx:alpine || return 1
docker exec --interactive reverse-proxy sh -c "> /etc/nginx/conf.d/default.conf"
docker exec reverse-proxy nginx -s reload
}
is-container-up() {
local container=${1?"Usage: ${FUNCNAME[0]} container_name"}
[ -n "$(docker ps -f name=${container} -q)" ]
return $?
}
get-active-slot() {
local service=${1?"Usage: ${FUNCNAME[0]} service_name"}
if is-container-up ${service}_BLUE && is-container-up ${service}_GREEN; then
echo "Collision detected! Stopping ${service}_GREEN..."
docker rm -f ${service}_GREEN
return 0 # BLUE
fi
if is-container-up ${service}_BLUE && ! is-container-up ${service}_GREEN; then
return 0 # BLUE
fi
if ! is-container-up ${service}_BLUE; then
return 1 # GREEN
fi
}
get-service-status() {
local usage_msg="Usage: ${FUNCNAME[0]} service_name deployment_slot"
local service=${1?usage_msg}
local slot=${2?$usage_msg}
case $service in
# Add specific healthcheck paths for your services here
*) local health_check_port_path=":8080/" ;;
esac
local health_check_address="http://${service}_${slot}${health_check_port_path}"
echo "Requesting '$health_check_address' within the 'web-gateway' docker network:"
docker run --rm --network web-gateway alpine
wget --timeout=1 --quiet --server-response $health_check_address
return $?
}
set-active-slot() {
local usage_msg="Usage: ${FUNCNAME[0]} service_name deployment_slot"
local service=${1?$usage_msg}
local slot=${2?$usage_msg}
[ "$slot" == BLUE ] || [ "$slot" == GREEN ] || return 1
get-nginx-config $service $slot | docker exec --interactive reverse-proxy sh -c "cat > /etc/nginx/conf.d/$service.conf"
docker exec reverse-proxy nginx -t || return 2
docker exec reverse-proxy nginx -s reload
}
munus get-active-slot exiguum explicationem requirit;
Cur numerus redit et chorda non output?
Alioqui in vocatione functionis exitum operis eius coercemus, et codicem exitus inhibito utens vercundus multo facilius est quam chorda cohibere. Praeterea filo ab eo admodum simplex; get-active-slot service && echo BLUE || echo GREEN.
Suntne tres conditiones satisne omnes status distinguere?
Etiam duo satis erunt, ultimus hic pro perfectione tantum est, ut non scribat else.
Munus solum quod redit nginx configs indeterminata manet; get-nginx-config service_name deployment_slot. Per analogiam cum perscriptio sanitatis, hic aliquem config pro quovis ministerio potes ponere. De rebus interesting - solum cat <<- EOFquae permittit ut omnes tab ab initio removeas. Verum, pretium bonae formaturae tabs cum spatiis admiscetur, quae hodie forma pessima censetur. Sed copiae tabs bash, et etiam pulchrum est habere normales formas in nginx config. In summa, miscens tabs cum spatiis hic vere videtur optima solutio de pessimo. Sed hoc in snippet infra non videbis, quia Habr bene facit, mutando omnes tabs in 4 spatia et EOF invalidum faciens. Et hic notabile est.
Ut bis non surgas, de tempore tibi dicam cat << 'EOF'quae infra occurrunt. Si simpliciter scribis cat << EOFintra heredoc chorda interpolata (variabiles dilatentur'.$foo) Mandatum vocat ($(bar)) etc.), et si finem documenti in singulis virgulis includas, interpolatio debilitata est ac symbolum $ ut ostenditur. Quod opus est tibi scripturam inserere in alio scripto.
get-nginx-config() {
local usage_msg="Usage: ${FUNCNAME[0]} service_name deployment_slot"
local service=${1?$usage_msg}
local slot=${2?$usage_msg}
[ "$slot" == BLUE ] || [ "$slot" == GREEN ] || return 1
local container_name=${service}_${slot}
case $service in
# Add specific nginx configs for your services here
*) nginx-config-simple-service $container_name:8080 ;;
esac
}
nginx-config-simple-service() {
local usage_msg="Usage: ${FUNCNAME[0]} proxy_pass"
local proxy_pass=${1?$usage_msg}
cat << EOF
server {
listen 80;
location / {
proxy_pass http://$proxy_pass;
}
}
EOF
}
Tota haec scriptura est. Itaque summa huic scripto ad deprimendum per wget vel Crispum.
Exsecutioni parameterized scriptor in remotis server
Tempus est ut servo scopo pulset. Hoc tempore localhost satis idoneus;
$ ssh-copy-id localhost
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
himura@localhost's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'localhost'"
and check to make sure that only the key(s) you wanted were added.
Scripsimus instruere scriptum quod downloads imaginem praestructam ad scopo servientis et seamlessly in locum servitutis continentis, sed quomodo possumus eam in machina remota facere? Scriptum argumenta habet, quia universalis est et plura officia simul sub uno contrario procuratore explicari potest (nginx configs uter uter utri domicilio erit qui serviat). Scriptum in calculonis condi non potest, cum in hoc casu statim illud renovare non poterimus (ad cimex figendi et nova opera addito), et generatim, malum = malum.
Solutio I: Servo adhuc repone scripturam, sed omne tempus illud imitare scp. Deinde coniungere via ssh et scripturam necessariis argumentis exequi.
cons:
Duo actiones pro uno
Non sit locus ubi transcribis, aut non sit aditus ad eum, aut scriptura exsecutioni mandari tempore substitutionis.
Post te dictum est (delere scriptionem).
Iam tres actiones.
Solutio 2;
Definitiones tantum functiones in scripto retine et nihil omnino currunt
cum sed addere munus vocationem ad finem
Mitte tibi omnia recta shh per pipe (|)
pros,
vere stateless
Nulla entia boilerplate
Sententia frigus
Id modo sine Ansible faciamus. Omnia iam inventa sunt. Immo birota. Vide quam simplex, elegans et minimus cursorium est:
$ cat << 'EOF' > deploy.sh
#!/bin/bash
usage_msg="Usage: $0 ssh_address local_image_tag"
ssh_address=${1?$usage_msg}
image_name=${2?$usage_msg}
echo "Connecting to '$ssh_address' via ssh to seamlessly deploy '$image_name'..."
( sed "$a deploy $image_name" | ssh -T $ssh_address ) << 'END_OF_SCRIPT'
deploy() {
echo "Yay! The '${FUNCNAME[0]}' function is executing on '$(hostname)' with argument '$1'"
}
END_OF_SCRIPT
EOF
$ chmod +x deploy.sh
$ ./deploy.sh localhost magic-porridge-pot
Connecting to localhost...
Yay! The 'deploy' function is executing on 'hut' with argument 'magic-porridge-pot'
Attamen certo certius non possumus quod hospes longinquus satis vercundus habet, itaque parvam perceptivum in principio adiciamus (hoc loco est. shellbang):
if [ "$SHELL" != "/bin/bash" ]
then
echo "The '$SHELL' shell is not supported by 'deploy.sh'. Set a '/bin/bash' shell for '$USER@$HOSTNAME'."
exit 1
fi
Et nunc verum est;
$ docker exec reverse-proxy rm /etc/nginx/conf.d/default.conf
$ wget -qO deploy.sh https://git.io/JUURc
$ chmod +x deploy.sh
$ ./deploy.sh localhost uptimer
Sending gzipped image 'uptimer' to 'localhost' via ssh...
Loaded image: uptimer:latest
Connecting to 'localhost' via ssh to seamlessly deploy 'uptimer'...
Deploying 'uptimer_GREEN' in place of 'uptimer_BLUE'...
06f5bc70e9c4f930e7b1f826ae2ca2f536023cc01e82c2b97b2c84d68048b18a
Container started. Checking health...
Requesting 'http://uptimer_GREEN:8080/' within the 'web-gateway' docker network:
HTTP/1.0 503 Service Unavailable
wget: server returned error: HTTP/1.0 503 Service Unavailable
New 'uptimer_GREEN' service is not ready yet. Waiting (1)...
Requesting 'http://uptimer_GREEN:8080/' within the 'web-gateway' docker network:
HTTP/1.0 503 Service Unavailable
wget: server returned error: HTTP/1.0 503 Service Unavailable
New 'uptimer_GREEN' service is not ready yet. Waiting (2)...
Requesting 'http://uptimer_GREEN:8080/' within the 'web-gateway' docker network:
HTTP/1.0 200 OK
Server: BaseHTTP/0.6 Python/3.8.3
Date: Sat, 22 Aug 2020 20:15:50 GMT
Content-Type: text/html
New 'uptimer_GREEN' service seems OK. Switching heads...
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
2020/08/22 20:15:54 [notice] 97#97: signal process started
The 'uptimer_GREEN' service is live!
Killing 'uptimer_BLUE'...
uptimer_BLUE
Total reclaimed space: 0B
Deployment successful!
Nunc potes aperire http://localhost/ in navigatro, iterum instruere instruere et fac ut compagem incurrat adaequationis paginam secundum CD in extensione.