Running Camunda BPM on Kubernetes


Are you using Kubernetes? Ready to move your Camunda BPM instances off virtual machines, or just want to try running them on Kubernetes? Let's look at some common configurations and individual pieces that can be tailored to your specific needs.

This assumes that you have used Kubernetes before. If not, why not take a look at the guide and start your first cluster?

Authors

  • Alastair Firth - Senior Site Reliability Engineer on the Camunda Cloud team;
  • Lars Lange - DevOps Engineer at Camunda.

In short:

git clone https://github.com/camunda-cloud/camunda-examples.git
cd camunda-examples/camunda-bpm-demo
make skaffold

OK, that probably did not work because you do not have skaffold and kustomize installed. So read on!

What is Camunda BPM

Camunda BPM is a business process management and decision automation platform that connects business users and software developers. It is well suited to coordinating and connecting people, (micro)services, and even bots! You can read more about the different use cases at the link.

Why use Kubernetes

Kubernetes has become the de facto standard for running modern applications on Linux. By using system calls instead of hardware emulation, and relying on the kernel's ability to manage memory and task switching, boot time and startup time are kept to a minimum. The biggest benefit, however, may come from the standard API that Kubernetes provides for configuring the infrastructure that every application needs: storage, networking, and monitoring. It turned 6 years old in June 2020 and is probably the second largest open source project (after Linux). It has recently been stabilizing its functionality after the rapid iteration of the past few years, as it has become critical to production workloads around the world.

Camunda BPM Engine can easily connect to other applications running on the same cluster, and Kubernetes provides excellent scalability, so you can increase infrastructure costs only when it is really needed (and easily reduce them when required).

The quality of monitoring also improves considerably with tools such as Prometheus, Grafana, Loki, Fluentd and Elasticsearch, which let you view all workloads in the cluster centrally. Today we will look at how to put the Prometheus exporter into the Java Virtual Machine (JVM).

Goals

Let's look at a few areas where we can customize the Camunda BPM Docker image (GitHub) so that it works well with Kubernetes.

  1. Logs and metrics;
  2. Database connections;
  3. Authentication;
  4. Session management.

We will look at several ways to achieve these goals and show the whole process clearly.

Note: Are you using the Enterprise edition? Look here and update the image links as needed.

Workflow development

In this demo we use Skaffold to build Docker images with Google Cloud Build. It has good support for various tools (such as Kustomize and Helm), CI and build tools, and infrastructure providers. The file skaffold.yaml.tmpl contains settings for Google Cloud Build and GKE, which is a very easy way to run production-grade infrastructure.

make skaffold uploads the Dockerfile context to Cloud Build, builds the image and stores it in GCR, and then applies the manifests to your cluster. That is what make skaffold does, but Skaffold has many other features.

For the yaml templates in Kubernetes, we use kustomize to manage yaml overlays without forking the whole manifest, so you can use git pull --rebase to pick up later improvements. Kustomize is now built into kubectl and works well for this kind of thing.

We also use envsubst to fill in the hostname and the GCP project ID in the *.yaml.tmpl files. You can see how it works in the makefile, or just carry on.

Prerequisites

  • A working Kubernetes cluster
  • Kustomize
  • Skaffold - for building your own docker images and easy deployment to GKE
  • A copy of this code
  • Envsubst

Workflow using manifests

If you do not want to use kustomize or skaffold, you can refer to the manifests in generated-manifest.yaml and adapt them to the workflow of your choice.

Logs and metrics

Prometheus has become the standard for collecting metrics in Kubernetes. It occupies the same niche as AWS Cloudwatch Metrics, Cloudwatch Alerts, Stackdriver Metrics, StatsD, Datadog, Nagios, vSphere Metrics and others. It is open source and has a powerful query language. We leave visualization to Grafana - it comes with a large number of dashboards out of the box. The two are connected to each other and are relatively easy to install with prometheus-operator.

By default, Prometheus uses the pull model <service>/metrics, and adding sidecar containers for this is common. Unfortunately, JMX metrics are best collected inside the JVM, so sidecar containers are not as effective. Let's connect the open source jmx_exporter from Prometheus to the JVM by adding it to the container image, which will expose the /metrics path on a different port.

Add Prometheus jmx_exporter to the container

-- images/camunda-bpm/Dockerfile
FROM camunda/camunda-bpm-platform:tomcat-7.11.0

## Add prometheus exporter
RUN wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.11.0/jmx_prometheus_javaagent-0.11.0.jar -P lib/
# 9404 is the reserved prometheus-jmx port
ENV CATALINA_OPTS -javaagent:lib/jmx_prometheus_javaagent-0.11.0.jar=9404:/etc/config/prometheus-jmx.yaml

Well, that was easy. The exporter will monitor tomcat and expose its metrics in Prometheus format at <svc>:9404/metrics

Exporter setup

The attentive reader may wonder where prometheus-jmx.yaml came from. Many different things can run in a JVM, and tomcat is only one of them, so the exporter needs some additional configuration. Standard configurations for tomcat, wildfly, kafka and so on are available here. We will add the tomcat one as a ConfigMap in Kubernetes and then mount it as a volume.

First, we add the exporter configuration file to our platform/config/ directory

platform/config
└── prometheus-jmx.yaml

Then we add a ConfigMapGenerator to kustomization.yaml.tmpl:

-- platform/kustomization.yaml.tmpl
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
[...]
configMapGenerator:
- name: config
  files:
  - config/prometheus-jmx.yaml

This adds each element of files[] as an entry in the ConfigMap. ConfigMapGenerators are great because they hash the configuration data and force a pod restart if it changes. They also reduce the amount of configuration in the Deployment, since you can mount an entire "folder" of configuration files in a single VolumeMount.

Finally, we need to mount the ConfigMap as a volume in the pod:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
      [...]
      volumes:
      - name: config
        configMap:
          name: config
          defaultMode: 0744
      containers:
      - name: camunda-bpm
        volumeMounts:
        - mountPath: /etc/config/
          name: config
        [...]

Great. If Prometheus is not configured to scrape everything, you may have to tell it to scrape the pods. Prometheus Operator users can use service-monitor.yaml to get started. Explore service-monitor.yaml, the operator design and ServiceMonitorSpec before you begin.

Extending this pattern to other use cases

Every file we add to the ConfigMapGenerator will be available in the new /etc/config directory. You can extend this template to mount any other configuration files you need. You can even mount a new startup script. You can use subPath to mount individual files. To update xml files, consider using xmlstarlet instead of sed. It is already included in the image.

Logs

Great news! Application logs are already available on stdout, for example with kubectl logs. Fluentd (installed by default in GKE) will forward your logs to Elasticsearch, Loki, or your enterprise logging platform. If you want to use jsonify for the logs, you can follow the template above to install logback.

Database

By default, the image ships with an H2 database. That does not suit us, so we will use Google Cloud SQL with Cloud SQL Proxy - this will be needed later to solve internal problems. It is a simple and reliable option if you do not have preferences of your own for setting up the database. AWS RDS provides a similar service.

Whichever database you choose, unless it is H2, you will need to set the appropriate environment variables in platform/deployment.yaml. It looks something like this:

-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
  template:
    spec:
      [...]
      containers:
      - name: camunda-bpm
        env:
        - name: DB_DRIVER
          value: org.postgresql.Driver
        - name: DB_URL
          value: jdbc:postgresql://postgres-proxy.db:5432/process-engine
        - name: DB_USERNAME
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_username
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: cambpm-db-credentials
              key: db_password
        [...]

Note: You can use Kustomize to deploy to different environments using an overlay: example.

Note: the use of valueFrom: secretKeyRef. Please use this Kubernetes feature even during development to keep your secrets safe.

You probably already have a preferred system for managing Kubernetes secrets. If not, here are some options: encrypt them with your cloud provider's KMS and then inject them into K8S as secrets through the CD pipeline (Mozilla SOPS works very well in combination with Kustomize secrets; other tools, such as dotGPG, perform similar functions); HashiCorp Vault; Kustomize Secret Value Plugins.
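
A check for the point made in the notes above, as an added example that is not part of the original article or the Camunda repository: it scans a Deployment (the parsed output of kubectl get deployment -o json) and reports credential variables that are not read through secretKeyRef. The name pattern, the helper names and the sample manifests are constructed for illustration.

```python
import re

# Assumption: env names matching this pattern carry credentials; it covers the
# page's DB_USERNAME and DB_PASSWORD. Extend it for your own naming scheme.
SENSITIVE_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|USERNAME|API_?KEY", re.I)
# A JDBC URL can carry the password as a query parameter, e.g. in DB_URL.
URL_PASSWORD = re.compile(r"[?&;]password=", re.I)


def audit_env(deployment):
    """Return (container, env name, problem) for credentials not read from a Secret."""
    findings = []
    pod = deployment["spec"]["template"]["spec"]
    for ctr in pod.get("initContainers", []) + pod.get("containers", []):
        for env in ctr.get("env", []):
            name, value = env.get("name", ""), env.get("value")
            source = env.get("valueFrom") or {}
            if isinstance(value, str) and URL_PASSWORD.search(value):
                findings.append((ctr["name"], name, "password embedded in URL"))
            elif SENSITIVE_NAME.search(name) and "secretKeyRef" not in source:
                kind = "literal value" if value is not None else "not a secretKeyRef"
                findings.append((ctr["name"], name, kind))
    return findings


def _deployment(env):
    # Constructed sample shaped like `kubectl get deployment -o json` output.
    return {"kind": "Deployment", "spec": {"template": {"spec": {
        "containers": [{"name": "camunda-bpm", "env": env}]}}}}


def _secret(key):
    return {"secretKeyRef": {"name": "cambpm-db-credentials", "key": key}}


# The env block from the page: credentials come from a Secret.
HARDENED = _deployment([
    {"name": "DB_DRIVER", "value": "org.postgresql.Driver"},
    {"name": "DB_URL", "value": "jdbc:postgresql://postgres-proxy.db:5432/process-engine"},
    {"name": "DB_USERNAME", "valueFrom": _secret("db_username")},
    {"name": "DB_PASSWORD", "valueFrom": _secret("db_password")},
])
# Constructed weak variant: the same settings with the credentials inlined.
WEAK = _deployment([
    {"name": "DB_URL", "value": "jdbc:postgresql://postgres-proxy.db:5432/process-engine?password=example-only"},
    {"name": "DB_USERNAME", "value": "camunda"},
    {"name": "DB_PASSWORD", "valueFrom": {"configMapKeyRef": {"name": "config", "key": "db_password"}}},
])

if __name__ == "__main__":
    for label, manifest in (("hardened", HARDENED), ("weak", WEAK)):
        print(label, audit_env(manifest))
```

Run it in CI against the rendered manifest so that an inlined credential fails the build before it reaches the cluster.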

Ingress

Unless you choose to use local port forwarding, you will need a configured Ingress Controller. If you are not using ingress-nginx (Helm chart), then you most likely already know that you need to put the necessary annotations in ingress-patch.yaml.tmpl or platform/ingress.yaml. If you are using ingress-nginx and you see an nginx ingress class with a load balancer pointing to it and an external DNS or wildcard DNS entry, you are good to go. Otherwise, configure the Ingress Controller and DNS, or skip these steps and keep the direct connection to the pod.

TLS

If you are using cert-manager or kube-lego with letsencrypt, certificates for the new ingress will be obtained automatically. Otherwise, open ingress-patch.yaml.tmpl and adjust it to your needs.

Launch!

If you followed everything written above, then the command make skaffold HOSTNAME=<you.example.com> should launch an instance that is available at <hostname>/camunda

If you have not exposed your ingress at a public URL, you can port-forward to localhost instead: kubectl port-forward -n camunda-bpm-demo svc/camunda-bpm 8080:8080 and then open localhost:8080/camunda

Wait a few minutes until tomcat is fully ready. Cert-manager will take some time to verify the domain name. You can follow the logs with available tools such as kubetail, or simply with kubectl:

kubectl logs -n camunda-bpm-demo $(kubectl get pods -o=name -n camunda-bpm-demo) -f

Next steps

Authorization

This has more to do with configuring Camunda BPM than with Kubernetes, but it is important to know that, by default, authentication is disabled in the REST API. You can enable basic authentication or use another method such as JWT. You can use configmaps and volumes to load xml, or xmlstarlet (see above) to edit the existing files in the image, and either use wget or load them with an init container and a shared volume.
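
Because the REST API ships with authentication disabled, it is worth confirming what your own deployment answers once it is up. The following is an added example, not code from the article or from Camunda; it assumes the REST API is served under /engine-rest (the Camunda 7 default path) and that the port-forward from the Launch section is active.

```python
import json
import urllib.error
import urllib.request

# Assumption: the REST API is served under /engine-rest (Camunda 7 default).
PROBE_PATH = "/engine-rest/engine"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx as HTTPError so a redirect to a login page is not read as 200."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def classify(status, body=b""):
    """Map the answer to an unauthenticated GET to open / protected / inconclusive."""
    if status in (401, 403):
        return "protected"
    if status == 200:
        try:
            engines = json.loads(body)
        except ValueError:
            return "inconclusive"  # 200, but not JSON: probably an HTML page
        # The engine list is a JSON array of objects that each carry a "name".
        if isinstance(engines, list) and all(
                isinstance(e, dict) and "name" in e for e in engines):
            return "open"
    return "inconclusive"  # redirects (e.g. SSO at the ingress), 404, 5xx


def probe(base_url, timeout=5.0):
    """Send one GET without credentials and classify the response."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(base_url.rstrip("/") + PROBE_PATH,
                                 headers={"Accept": "application/json"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return classify(resp.status, resp.read())
    except urllib.error.HTTPError as exc:
        return classify(exc.code)
    except (urllib.error.URLError, OSError):
        return "unreachable"


if __name__ == "__main__":
    # localhost:8080 is the port-forward target used earlier on this page.
    print(probe("http://localhost:8080"))
```

An "open" result means the engine list was returned without credentials, so the REST API should not be reachable through the ingress until authentication is enabled.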

Session management

Like many other applications, Camunda BPM handles sessions in the JVM, so if you want to run multiple replicas, you can enable sticky sessions (for example for ingress-nginx), which will last until the replica disappears, or set the Max-Age attribute for cookies. For a more robust solution, you can deploy Session Manager in Tomcat. Lars has a separate post on this topic, but it goes something like this:

# Fetch the session manager jars (Maven Central is served over HTTPS only)
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager/2.3.2/memcached-session-manager-2.3.2.jar -P lib/ &&
wget https://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager-tc9/2.3.2/memcached-session-manager-tc9-2.3.2.jar -P lib/ &&
sed -i '/^<\/Context>/i \
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" \
memcachedNodes="redis://redis-proxy.db:22121" \
sticky="false" \
sessionBackupAsync="false" \
storageKeyPrefix="context" \
lockingMode="auto" \
/>' conf/context.xml

Note: you can use xmlstarlet instead of sed

We used twemproxy in front of Google Cloud Memorystore, with memcached-session-manager (which supports Redis) to run it.

Scaling

If you already understand sessions, then the first (and often the last) limit on scaling Camunda BPM is the connection to the database. Partial customization is already available "out of the box". You should also disable initialSize in the settings.xml file. Add a Horizontal Pod Autoscaler (HPA) and you can scale the number of pods automatically.

Requests and limits

In platform/deployment.yaml you will see that we have hard-coded the resources field. This works well with the HPA, but may need additional configuration. A kustomize patch is well suited to this. See ingress-patch.yaml.tmpl and ./kustomization.yaml.tmpl

Conclusion

So we installed Camunda BPM on Kubernetes with Prometheus metrics, logs, the H2 database, TLS and Ingress. We added jar files and configuration files using ConfigMaps and the Dockerfile. We talked about passing data to volumes and directly to environment variables from secrets. In addition, we gave an overview of setting up Camunda for multiple replicas and an authenticated API.

References

github.com/camunda-cloud/camunda-examples/camunda-bpm-kubernetes

├── generated-manifest.yaml <- manifest for use without kustomize
├── images
│ └── camunda-bpm
│ └── Dockerfile <- overlay docker image
├── ingress-patch.yaml.tmpl <- site-specific ingress configuration
├── kustomization.yaml.tmpl <- main Kustomization
├── Makefile <- make targets
├── namespace.yaml
├── platform
│ ├── config
│ │ └── prometheus-jmx.yaml <- prometheus exporter config file
│ ├── deployment.yaml <- main deployment
│ ├── ingress.yaml
│ ├── kustomization.yaml <- "base" kustomization
│ ├── service-monitor.yaml <- example prometheus-operator config
│ └── service.yaml
└── skaffold.yaml.tmpl <- skaffold directives

05.08.2020, translation of the article by Alastair Firth, Lars Lange

Source: will.com
