k3d + kubevela +gin +vue element+admin 部署记录(kubevela 1.0 以后完全不一样了,这篇删了)

原创
2020/12/21 09:56
阅读数 1.9K

目标是把 github上发现的 https://github.com/flipped-aurora/gin-vue-admin  项目改造一下部署在k8s 环境。

使用 k3d   (k3d version v3.4.0   k3s version v1.19.4-k3s1)

改造后代码仓库地址为 https://e.coding.net/awol2005ex/gin-vue-admin-k8s/gin-vue-admin-k8s.git

1. 使用 k3d 创建测试用的集群    (端口映射不能开太多,不然一个端口对应一个进程)

k3d cluster create test-cluster --api-port [测试机IP]:10080 -e "HTTP_PROXY=xxxxx:xxxx" -e "HTTPS_PROXY=xxxxx:xxxx" -p "30080:30080@server[0]" -p "30443:30443@server[0]" --k3s-server-arg --disable=traefik 

2. 安装ingress-nginx

git clone https://github.com/kubernetes/ingress-nginx

把 ingress-nginx/charts/ingress-nginx/values.yaml 中的 


controller:
  name: controller
  image:
    repository: k8s.gcr.io/ingress-nginx/controller
    tag: "v0.41.2"
    digest: sha256:1f4f402b9c14f3ae92b11ada1dfe9893a88f0faeb0b2f4b903e2c67a0c3bf0de
    pullPolicy: IfNotPresent
    # www-data -> uid 101
    runAsUser: 101
    allowPrivilegeEscalation: true

改成

controller:
  name: controller
  image:
    repository: bitnami/nginx-ingress-controller
    tag: "0.41.2-debian-10-r23"
    pullPolicy: IfNotPresent
    # www-data -> uid 101
    runAsUser: 101
    allowPrivilegeEscalation: true

安装charts

helm install ingress-nginx ingress-nginx/charts/ingress-nginx --namespace=ingress-nginx

3. 构建镜像

#构建镜像
./build_docker_k8s_web.sh
./build_docker_k8s_server.sh

4. 安装keda 

  

git clone https://github.com/kedacore/charts
helm install keda charts/keda --namespace=keda

 

5.安装 flagger

git clone https://github.com/weaveworks/flagger
kubectl apply -f  flagger/artifacts/flagger/crd.yaml
helm install flagger flagger/charts/flagger/flagger --namespace=ingress-nginx  --set meshProvider=nginx --set prometheus.install=true

6. kubevela 安装

wget https://github.com/oam-dev/kubevela/releases/download/v0.2.1/vela-v0.2.1-linux-amd64.zip

解压后复制到  /usr/local/bin 然后

chmod +x /usr/local/bin/vela

运行

vela install

7.部署应用

  编写APP文件(看源码发现路由规则就是ingress-nginx的路由规则)

vela_app.yaml

name: gva
services:
  gva-server:
    type: webservice
    image: registry.cn-hangzhou.aliyuncs.com/wuyj-example/gin-vue-admin-server:dev
    port: 8888
    cpu: "0.5"
    env:
      - name: redis_addr
        value: 10.110.35.171:6379
      - name: redis_password
        value: redis
      - name: mysql_path
        value: 10.110.35.175:3306
      - name: mysql_password
        value: root
    autoscale:
      min: 1
      max: 4
      cpuPercent: 10
    route:
      domain: gva.com
      rules:
        - path: /gva/api/(.*)$
          rewriteTarget: /$1
  gva-web:
    type: webservice
    image: registry.cn-hangzhou.aliyuncs.com/wuyj-example/gin-vue-admin-web:dev
    port: 80
    autoscale:
      min: 1
      max: 4
      cpuPercent: 10
    route:
      domain: gva.com
      rules:
        - path: /gva/(.*)$
          rewriteTarget: /$1
vela up -f vela_app.yaml

部署

8. 查看页面 

  改hosts

[测试机IP]  gva.com

修改 ingress-nginx-controller 的对外端口与k3d对外暴露的端口一致

打开 http://gva.com:30080/gva/

 

9. 创建自颁发证书

  vela_tls.yaml

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: gva-selfsigned-issuer
  namespace: default
spec:
  selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: ca-gva-com
  namespace: default
spec:
  # Secret names are always required.
  secretName: gva-tls
  duration: 2160h
  renewBefore: 360h
  subject:
    organizations:
      - Example Inc.
  commonName: gva.com
  isCA: true
  privateKey:
    algorithm: RSA
    encoding: PKCS1
    size: 2048
  dnsNames:
    - gva.com
  issuerRef:
    name: gva-selfsigned-issuer
    kind: Issuer
    group: cert-manager.io

10. 修改APP文件,添加issuer (研究了一下webserice的CUE模板不支持clusterissuer)

    vela_app.yaml

name: gva
services:
  gva-server:
    type: webservice
    image: registry.cn-hangzhou.aliyuncs.com/wuyj-example/gin-vue-admin-server:dev
    port: 8888
    cpu: "0.5"
    env:
      - name: redis_addr
        value: 10.110.35.171:6379
      - name: redis_password
        value: redis
      - name: mysql_path
        value: 10.110.35.175:3306
      - name: mysql_password
        value: root
    autoscale:
      min: 1
      max: 4
      cpuPercent: 10
    route:
      domain: gva.com
      issuer: gva-selfsigned-issuer
      rules:
        - path: /gva/api/(.*)$
          rewriteTarget: /$1
  gva-web:
    type: webservice
    image: registry.cn-hangzhou.aliyuncs.com/wuyj-example/gin-vue-admin-web:dev
    port: 80
    autoscale:
      min: 1
      max: 4
      cpuPercent: 10
    route:
      domain: gva.com
      issuer: gva-selfsigned-issuer
      rules:
        - path: /gva/(.*)$
          rewriteTarget: /$1

vela up -f vela_app.yaml

11. 打开页面  https://gva.com:30443/gva/  (里面居然有 http的图片导致不安全)

展开阅读全文
打赏
0
0 收藏
分享
加载中
更多评论
打赏
0 评论
0 收藏
0
分享
返回顶部
顶部