Uri kushandisa Kubernetes? Wagadzirira kufambisa yako Camunda BPM zviitiko kubva mumakina chaiwo, kana pamwe kungoedza kuamhanyisa paKubernetes? Ngatitarisei mamwe magadzirirwo akajairwa uye zvinhu zvega zvinogona kugadzirwa kune zvaunoda chaizvo.
Zvinofungidzira kuti wakamboshandisa Kubernetes kare. Kana zvisina kudaro, wadii kutarisa uye kusatanga sumbu rako rekutanga?
Authors
- (Alastair Firth) - Senior Site Reliability Engineer paCamunda Cloud team;
- (Lars Lange) - DevOps injiniya kuCamunda.
Muchidimbu:
git clone https://github.com/camunda-cloud/camunda-examples.git
cd camunda-examples/camunda-bpm-demo
make skaffold
Okay, pamwe hazvina kushanda nekuti hauna skaffold uye kustomize yakaiswa. Zvakanaka zvino verenga!
Chii chinonzi Camunda BPM
Camunda BPM ndeye yakavhurika sosi bhizinesi maitiro manejimendi uye sarudzo otomatiki chikuva chinobatanidza vashandisi vebhizinesi uye vanogadzira software. Yakanakira kurongedza nekubatanidza vanhu, (micro) masevhisi kana kunyange bots! Iwe unogona kuverenga zvakawanda nezve akasiyana ekushandisa kesi pa .
Sei kushandisa Kubernetes
Kubernetes yave iyo de facto standard yekumhanyisa maapplication emazuva ano paLinux. Nekushandisa nharembozha pachinzvimbo chemahara emulation uye kugona kwekernel kubata ndangariro uye basa switching, boot nguva uye yekutanga nguva inochengetwa iri shoma. Nekudaro, iyo yakakura bhenefiti inogona kubva kune yakajairwa API iyo Kubernetes inopa kugadzirisa zvivakwa zvinodikanwa nese maapplication: kuchengetedza, networking, uye kutarisa. Yakashandura makore matanhatu munaJune 2020 uye ingangove yechipiri yakakura yakavhurika sosi chirongwa (mushure meLinux). Yave ichangobva kuita kudzikamisa mashandiro ayo mushure mekukurumidza iteration mumakore mashoma apfuura sezvo inove yakakosha kumabasa ekugadzira kutenderera pasirese.
Camunda BPM Injini inogona kubatana zviri nyore kune mamwe maapplication ari kushanda pane imwechete cluster, uye Kubernetes inopa yakanakisa scalability, ichikubvumidza kuti uwedzere mitengo yezvivakwa chete kana ichinyatso kudiwa (uye kudzideredza zviri nyore sezvinodiwa).
Hunhu hwekutarisisa hunovandudzwa zvakare nemidziyo yakadai sePrometheus, Grafana, Loki, Fluentd uye Elasticsearch, ichikubvumidza kuti utarise nechepakati mabasa ese ari musumbu. Nhasi tichatarisa maitiro ekuita iyo Prometheus mutengesi muJava Virtual Machine (JVM).
Zvinangwa
Ngatitarisei nzvimbo shoma kwatinogona kugadzirisa iyo Camunda BPM Docker mufananidzo () kuitira kuti iwirirane zvakanaka neKubernetes.
- Logs uye metrics;
- Database connections;
- Authentication;
- Session management.
Tichatarisa nzira dzinoverengeka dzekuzadzisa zvinangwa izvi uye kuratidza zvakajeka maitiro ese.
taura pfungwa: Uri kushandisa iyo Enterprise vhezheni? Tarisa uye gadzirisa zvinongedzo zvemufananidzo sezvinodiwa.
Workflow development
Mune iyi demo, isu tichashandisa Skaffold kuvaka Docker mifananidzo tichishandisa Google Cloud Build. Iyo ine rutsigiro rwakanaka rwezvishandiso zvakasiyana (seKustomize neHelm), CI uye kuvaka maturusi, uye vanopa zvivakwa. File skaffold.yaml.tmpl inosanganisira marongero eGoogle Cloud Build neGKE, ichipa nzira iri nyore yekumhanyisa zvigadzirwa zvegiredhi.
make skaffold ichaisa iyo Dockerfile mamiriro mu Cloud Build, kuvaka chifananidzo uye chichengete muGCR, uye wobva waisa zviratidziro kuboka rako. Izvi ndizvo zvainoita make skaffold, asi Skaffold ine zvimwe zvakawanda.
Kune yaml templates muKubernetes, isu tinoshandisa kustomize kubata yaml overlays pasina kuforoma iyo yese manifest, ichikubvumidza iwe kushandisa. git pull --rebase kuitira zvimwe zvigadziriso. Ikozvino iri mu kubectl uye inoshanda chaizvo kuzvinhu zvakadaro.
Isu tinoshandisawo envsubst kuzadza zita remugamuchiri uye GCP chirongwa ID mumafaira e *.yaml.tmpl. Unogona kuona kuti inoshanda sei mukati makefile kana kungoenderera mberi.
Mamiriro ezvinhu anodikanwa
- Basa sumbu
- - yekugadzira yako docker mifananidzo uye nyore kutumira kuGKE
- Kopi yekodhi iyi
- Envsubst
Kufambiswa kwebasa uchishandisa manifesheni
Kana iwe usingade kushandisa kustomize kana skaffold, unogona kureva mamanifesiti mukati generated-manifest.yaml uye zvigadzirise kuti zvienderane nekufamba kwesarudzo yako.
Logs uye metrics
Prometheus yave chiyero chekuunganidza metrics muKubernetes. Iyo inogara niche yakafanana neAWS Cloudwatch Metrics, Cloudwatch Alerts, Stackdriver Metrics, StatsD, Datadog, Nagios, vSphere Metrics nevamwe. Iyo yakavhurika sosi uye ine simba rekubvunza mutauro. Isu tinopa iyo yekuona kuGrafana - inouya nehuwandu hukuru hwemadhibhodhi anowanikwa kunze kwebhokisi. Iwo akabatana kune mumwe nemumwe uye ari nyore kuisa nawo .
Nekutadza, Prometheus anoshandisa iyo yekubvisa modhi <service>/metrics, uye kuwedzera sidecar midziyo yeizvi kwakajairika. Nehurombo, maJMX metrics anonyatso kurodha mukati meJVM, saka midziyo yepadivi haina kunyatsoita. Ngatibatanei yakavhurika sosi kubva kuPrometheus kuenda kuJVM nekuwedzera kumufananidzo wemudziyo unozopa nzira /metrics pachiteshi chakasiyana.
Wedzera Prometheus jmx_exporter kumudziyo
-- images/camunda-bpm/Dockerfile
FROM camunda/camunda-bpm-platform:tomcat-7.11.0
## Add prometheus exporter
RUN wget https://repo1.maven.org/maven2/io/prometheus/jmx/
jmx_prometheus_javaagent/0.11.0/jmx_prometheus_javaagent-0.11.0.jar -P lib/
#9404 is the reserved prometheus-jmx port
ENV CATALINA_OPTS -javaagent:lib/
jmx_prometheus_javaagent-0.11.0.jar=9404:/etc/config/prometheus-jmx.yaml
Zvakanaka, izvo zvaive nyore. Iye anotengesa kunze anozotarisa tomcat uye kuratidza mametric ayo muPrometheus fomati pa <svc>:9404/metrics
Exporter setup
Muverengi anonyatsoteerera anogona kushamisika kuti yakabva kupi prometheus-jmx.yaml? Pane zvakawanda zvakasiyana zvinhu zvinogona kumhanya muJVM, uye tomcat ingori imwe yacho, saka mutengesi anoda kumwe kugadziridzwa. Magadzirirwo akajairwa etomcat, wildfly, kafka uye zvichingodaro zviripo . Isu tichawedzera tomcat se muKubernetes wobva waiisa sevhoriyamu.
Kutanga, isu tinowedzera iyo yekunze gadziriso faira kune yedu chikuva/config/dhairekitori
platform/config
└── prometheus-jmx.yaml
Zvadaro tinowedzera в kustomization.yaml.tmpl:
-- platform/kustomization.yaml.tmpl
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
[...]
configMapGenerator:
- name: config
files:
- config/prometheus-jmx.yaml
Izvi zvichawedzera chimwe nechimwe chinhu files[] sechinhu cheConfigMap chekugadzirisa. ConfigMapGenerators yakanaka nekuti vane hash yekumisikidza data uye vanomanikidza podhi kutangazve kana ikachinja. Ivo zvakare vanodzikisira huwandu hwekumisikidzwa muDeployment sezvo iwe uchigona kukwira yakazara "folder" yemafaira ekugadzirisa mune imwe VolumeMount.
Chekupedzisira, isu tinofanirwa kukwidza iyo ConfigMap sevhoriyamu kune pod:
-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
template:
spec:
[...]
volumes:
- name: config
configMap:
name: config
defaultMode: 0744
containers:
- name: camunda-bpm
volumeMounts:
- mountPath: /etc/config/
name: config
[...]
Wonderful. Kana Prometheus isina kugadzirwa kuti iite kuchenesa kwakazara, unogona kuitaurira kuti ichenese mapodhi. Prometheus Operator vashandisi vanogona kushandisa service-monitor.yaml kuti nditange. Explore Service-monitor.yaml, и usati watanga.
Kuwedzera iyi pateni kune mamwe makesi ekushandisa
Ese mafaera atinowedzera kuConfigMapGenerator achave aripo mudhairekitori idzva /etc/config. Iwe unogona kuwedzera iyi template kuti uise chero mamwe mafaera ekugadzirisa aunoda. Iwe unogona kutoisa script nyowani yekutanga. Unogona kushandisa kuisa mafaira ega. Kuti ugadzirise mafaera exml, funga kushandisa panzvimbo sed. Yakatoiswa mumufananidzo.
Magazini
Nhau dzakanaka! matanda ekushandisa atovepo pastdout, semuenzaniso ne kubectl logs. Fluentd (yakaiswa neyakagadzika muGKE) inoendesa matanda ako kuElasticsearch, Loki, kana bhizinesi rako rekutema matanda. Kana iwe uchida kushandisa jsonify yematanda saka unogona kutevedzera iri pamusoro template yekuisa .
Database
Nekumisikidza, mufananidzo unenge uine H2 dhatabhesi. Izvi hazvina kukodzera kwatiri, uye tichashandisa Google Cloud SQL ne Cloud SQL Proxy - izvi zvichazodiwa gare gare kugadzirisa matambudziko emukati. Iyi isarudzo yakapusa uye yakavimbika kana iwe usina zvaunofarira pakugadzira dhatabhesi. AWS RDS inopa sevhisi yakafanana.
Pasinei nedhatabhesi yaunosarudza, kunze kwekunge iri H2, iwe unozofanirwa kuseta akakodzera nharaunda akasiyana mukati. platform/deploy.yaml. Zvinotaridzika seizvi:
-- platform/deployment.yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
template:
spec:
[...]
containers:
- name: camunda-bpm
env:
- name: DB_DRIVER
value: org.postgresql.Driver
- name: DB_URL
value: jdbc:postgresql://postgres-proxy.db:5432/process-engine
- name: DB_USERNAME
valueFrom:
secretKeyRef:
name: cambpm-db-credentials
key: db_username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: cambpm-db-credentials
key: db_password
[...]
taura pfungwa: Unogona kushandisa Kustomize kuendesa kunzvimbo dzakasiyana uchishandisa overlay: .
taura pfungwa: kushandiswa valueFrom: secretKeyRef. Ndapota, shandisa kunyangwe panguva yekuvandudza kuchengetedza zvakavanzika zvako.
Zvingangodaro kuti iwe watove uine yakasarudzika sisitimu yekugadzirisa Kubernetes zvakavanzika. Kana zvisina kudaro, hedzino dzimwe sarudzo: Kudzivharira neKMS yewako wekupa gore wobva wadzipinza muK8S sezvakavanzika kuburikidza nepombi yeCD − - ichashanda zvakanyanya mukubatana neKustomize zvakavanzika. Kune mamwe maturusi, senge dotGPG, anoita mabasa akafanana: , .
Ingress
Kunze kwekunge iwe ukasarudza kushandisa yemuno chiteshi kutumira, iwe unozoda yakagadziriswa Ingress Controller. Kana usingashandisi () ipapo iwe unogona kunge uchitoziva kuti unofanirwa kuisa anonots anodiwa mukati ingress-patch.yaml.tmpl kana platform/ingress.yaml. Kana iwe uri kushandisa ingress-nginx uye woona nginx ingress kirasi ine mutoro unongedza kwairi uye yekunze DNS kana wildcard DNS yekupinda, iwe wakanaka kuenda. Zvikasadaro, gadzira iyo Ingress Controller uye DNS, kana kusvetuka aya matanho uye chengetedza yakananga kubatana kune pod.
TLS
Kana iwe uri kushandisa kana kube-lego uye letsencrypt - zvitupa zvekupinda kutsva zvichawanikwa otomatiki. Zvikasadaro, vhura ingress-patch.yaml.tmpl uye gadzirisa kuti ienderane nezvido zvako.
Launch!
Kana iwe wakatevera zvese zvakanyorwa pamusoro, ipapo murairo make skaffold HOSTNAME=<you.example.com> inofanira kutanga chiitiko chinowanikwa mukati <hostname>/camunda
Kana usati waisa yako yekuenda kune yeruzhinji URL, unogona kuitungamira nayo localhost: kubectl port-forward -n camunda-bpm-demo svc/camunda-bpm 8080:8080 pamusoro localhost:8080/camunda
Mirira maminetsi mashoma kusvika tomcat yagadzirira zvachose. Cert-maneja zvinotora nguva kuti ione zita rezita. Iwe unogona ipapo kutarisa matanda uchishandisa anowanikwa maturusi senge chishandiso sekubetail, kana kungoshandisa kubectl:
kubectl logs -n camunda-bpm-demo $(kubectl get pods -o=name -n camunda-bpm-demo) -f
Matanho anotevera
Mvumo
Izvi zvakakosha pakugadzirisa Camunda BPM kupfuura Kubernetes, asi zvakakosha kuti uzive kuti nekusarudzika, kuvimbiswa kwakadzimwa muREST API. Unogona kana kushandisa imwe nzira se . Unogona kushandisa configmaps uye mavhoriyamu kurodha xml, kana xmlstarlet (ona pamusoro) kugadzirisa mafaera aripo mumufananidzo, uye kushandisa wget kana kuaisa uchishandisa init mudziyo uye vhoriyamu yakagovaniswa.
Session management
Kufanana nezvimwe zvakawanda zvinoshandiswa, Camunda BPM inobata zvikamu muJVM, saka kana iwe uchida kumhanyisa akawanda replicas, unogona kugonesa zvikamu zvinonamira (), iyo ichavapo kusvika replica yanyangarika, kana kuseta iyo Max-Age hunhu hwemakuki. Kuti uwane imwe yakasimba mhinduro, unogona kuendesa Session Maneja muTomcat. Lars akadaro pamusoro penyaya iyi, asi chimwe chinhu chakadai:
wget http://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager/
2.3.2/memcached-session-manager-2.3.2.jar -P lib/ &&
wget http://repo1.maven.org/maven2/de/javakaffee/msm/memcached-session-manager-tc9/
2.3.2/memcached-session-manager-tc9-2.3.2.jar -P lib/ &&
sed -i '/^</Context>/i
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
memcachedNodes="redis://redis-proxy.db:22121"
sticky="false"
sessionBackupAsync="false"
storageKeyPrefix="context"
lockingMode="auto"
/>' conf/context.xml
taura pfungwa: unogona kushandisa xmlstarlet pane sed
Takashandisa pamberi peGoogle Cloud Memorystore, ine (inotsigira Redis) kuti imhanye.
Kuyera
Kana iwe uchitonzwisisa zvikamu, saka yekutanga (uye kazhinji yekupedzisira) kumisa kuyera Camunda BPM inogona kunge iri yekubatanidza kune dhatabhesi. Partial customization yatovepo "" Ngatidzimeiwo intialSize mumasetting.xml file. Wedzera uye iwe unogona nyore nyore kuyera huwandu hwepods.
Zvikumbiro uye zvirambidzo
В platform/deployment.yaml Iwe uchaona kuti isu takaomesesa-coded yezviwanikwa munda. Izvi zvinoshanda nemazvo neHPA, asi zvingangoda imwe gadziriso. Iyo kustomize chigamba inokodzera izvi. Cm. ingress-patch.yaml.tmpl и ./kustomization.yaml.tmpl
mhedziso
Saka isu takaisa Camunda BPM paKubernetes ine Prometheus metrics, matanda, H2 dhatabhesi, TLS uye Ingress. Takawedzera mafaera ejagi uye mafaera ekugadzirisa tichishandisa ConfigMaps uye Dockerfile. Takataura nezve kuchinjanisa data kune mavhoriyamu uye zvakananga kune zvakatipoteredza zvinosiyana kubva kune zvakavanzika. Uye zvakare, isu takapa tarisiro yekumisikidza Camunda kune akawanda replicas uye yakatendeseka API.
nezvakanyorwa
github.com/camunda-cloud/camunda-examples/camunda-bpm-kubernetes
│
├── generated-manifest.yaml <- manifest for use without kustomize
├── images
│ └── camunda-bpm
│ └── Dockerfile <- overlay docker image
├── ingress-patch.yaml.tmpl <- site-specific ingress configuration
├── kustomization.yaml.tmpl <- main Kustomization
├── Makefile <- make targets
├── namespace.yaml
├── platform
│ ├── config
│ │ └── prometheus-jmx.yaml <- prometheus exporter config file
│ ├── deployment.yaml <- main deployment
│ ├── ingress.yaml
│ ├── kustomization.yaml <- "base" kustomization
│ ├── service-monitor.yaml <- example prometheus-operator config
│ └── service.yaml
└── skaffold.yaml.tmpl <- skaffold directives
05.08.2020/XNUMX/XNUMX, shanduro Alastair Firth, Lars Lange
Source: www.habr.com