k8s 以sidecar的模式部署java应用.
k8s 以sidecar形式部署java应用
·
k8s部署java应用
一般模式
- 将base 镜像和业务jar直接打包到一个新的镜像中. 类似于
- dockerfile
FROM openjdk:17.0.3-jre-bullseye
ENV LANG en_US.UTF-8
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
WORKDIR /app
COPY ./xxx/build/apps/*.jar /app/
- k8s
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: demo
name: demo
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
containers:
- image: app:latest
name: demo
command:
- "java"
args:
- "-XX:MaxRAMPercentage=90.0"
- "--add-opens"
- "java.base/java.lang=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.io=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.lang.invoke=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.lang.reflect=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.text=ALL-UNNAMED"
- "--add-opens"
- "java.desktop/java.awt.font=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.math=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.net=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.nio=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.security=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.text=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.time=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.util=ALL-UNNAMED"
- "--add-opens"
- "java.base/jdk.internal.access=ALL-UNNAMED"
- "--add-opens"
- "java.base/jdk.internal.misc=ALL-UNNAMED"
- "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
- "-jar"
- "-Dspring.profiles.active=test"
- "-Dserver.port=8080"
- "-Duser.timezone=GMT+08"
- "-Dfile.encoding=UTF-8"
- "demo.jar"
livenessProbe:
httpGet:
path: /actuator/health/liveness
port: 8080
httpHeaders:
- name: Authorization
value: 'Basic xxx'
initialDelaySeconds: 60
timeoutSeconds: 2
periodSeconds: 60
successThreshold: 1
failureThreshold: 10
readinessProbe:
httpGet:
path: /actuator/health/readiness
port: 8080
httpHeaders:
- name: Authorization
value: 'Basic xxx'
env:
- name: LANG
value: "zh_CN.UTF-8"
- name: user.language
value: "zh"
- name: user.region
value: "CN"
resources:
limits:
cpu: 2000m
memory: 2Gi
requests:
cpu: 200m
memory: 256m
sidecar 模式
- 将业务jar和openjdk镜像分开. 使用 initContainers + volumes 方式放到一个volumes中.
- dockfile
FROM busybox:latest
COPY ./xxx/build/apps/demo.jar /tmp
- k8s
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: demo
name: demo
namespace: test
spec:
replicas: 1
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
initContainers:
- name: biz-demo
image: app:latest
imagePullPolicy: IfNotPresent
command:
- cp
- /tmp/demo.jar
- /app/demo.jar
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 200m
memory: 256m
volumeMounts:
- mountPath: /app
name: jar-volume
containers:
- image: openjdk:17.0.2
name: openjdk-demo
resources:
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 200m
memory: 256m
command:
- "java"
args:
- "-XX:+UseContainerSupport"
- "-XX:InitialRAMPercentage=95.0"
- "-XX:MaxRAMPercentage=95.0"
- "-XX:+HeapDumpOnOutOfMemoryError"
- "-XX:HeapDumpPath=./dump-%t.hprof"
- "-XX:+UnlockDiagnosticVMOptions"
- "-XX:+UnlockExperimentalVMOptions"
- "-XX:-OmitStackTraceInFastThrow"
- "-Xlog:gc*=debug:file=./gc-%t.log:utctime,level,tags:filecount=10,filesize=100M"
- "-Xlog:jit+compilation=info:file=./jit_compile-%t.log:utctime,level,tags:filecount=10,filesize=10M"
- "-Xlog:safepoint=debug:file=./safepoint-%t.log:utctime,level,tags:filecount=10,filesize=10M"
- "-XX:+DisableExplicitGC"
- "-XX:GuaranteedSafepointInterval=0"
- "-XX:+UseCountedLoopSafepoints"
- "-XX:StartFlightRecording=disk=true,maxsize=4096m,maxage=3d"
- "-XX:FlightRecorderOptions=maxchunksize=128m"
- "--add-opens"
- "java.base/java.lang=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.io=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.lang.invoke=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.lang.reflect=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.text=ALL-UNNAMED"
- "--add-opens"
- "java.desktop/java.awt.font=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.math=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.net=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.nio=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.security=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.text=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.time=ALL-UNNAMED"
- "--add-opens"
- "java.base/java.util=ALL-UNNAMED"
- "--add-opens"
- "java.base/jdk.internal.access=ALL-UNNAMED"
- "--add-opens"
- "java.base/jdk.internal.misc=ALL-UNNAMED"
- "-Dspring.profiles.active=test"
- "-Dserver.port=8080"
- "-Duser.timezone=GMT+08"
- "-Dfile.encoding=UTF-8"
- "-Djava.security.egd=file:/dev/./urandom"
- "-Dnetworkaddress.cache.ttl=10"
- "-jar"
- "/app/demo.jar"
livenessProbe:
httpGet:
path: /actuator/health/liveness
port: 8080
httpHeaders:
- name: Authorization
value: 'Basic xxx'
initialDelaySeconds: 60
timeoutSeconds: 2
periodSeconds: 60
successThreshold: 1
failureThreshold: 10
readinessProbe:
httpGet:
path: /actuator/health/readiness
port: 8080
httpHeaders:
- name: Authorization
value: 'Basic xxx'
env:
- name: LANG
value: "zh_CN.UTF-8"
- name: user.language
value: "zh"
- name: user.region
value: "CN"
volumeMounts:
- mountPath: /app
name: jar-volume
volumes:
- name: jar-volume
emptyDir: { }
总结
- 一般模式的镜像打包出来比较大. 且无法重用. 打包速度慢
- sidecar 模式. 基础镜像一般是不变的. 所有pod都可以用同一个镜像. 只有业务jar是变化的. 可以减少镜像的大小. 利于发布, 打包速度快
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献2条内容
所有评论(0)