background
Although the kubernetes service has been used for several years. However, the types of service applications are generally deployment stateuse daemon. As for job cronjob, it has not been used much. Now there is a php application service that needs to be executed every five minutes. You can get familiar with the use of a cronjob!
First, review kubernetes' workload
reference: https://kubernetes.io/zh/docs/concepts/workloads/
- Deployment and ReplicaSet (replace the original resource) ReplicationController ). Deployment is very suitable for managing stateless applications on your cluster. All pods in deployment are equivalent to each other and are replaced when necessary.
- StatefulSet Allows you to run one or more Pods that track application status in some way. For example, if your load will persist data, you can run a stateful set to associate each Pod with a PersistentVolume Corresponding. The code you run in each Pod in the stateful set can copy the data to other pods in the same stateful set to improve the overall service reliability.
- DaemonSet Define Pods that provide local support facilities for nodes. These Pods may be very important for the operation and maintenance of your cluster, for example, as an auxiliary tool for network links or as a network link plug-in unit Part of, etc. Every time you add a new node to the cluster, if the node matches the specification of a DaemonSet, the control surface will schedule a Pod for the DaemonSet to run on the new node.
- Job and CronJob . Define some tasks that run until the end and stop. Job is used to express a one-time task, and CronJob will run repeatedly according to its time plan.
- Third party workload resources, via Custom resource definition (CRD) Add third-party workload resources
- separator
Pods
Of course, the above workloads are ultimately managed by pod, so where should pod be placed_ Pod_ It is the smallest deployable computing unit that can be created and managed in Kubernetes Pod is similar to a set of Docker containers that share namespaces and file system volumes.
reference: https://kubernetes.io/zh/docs/concepts/workloads/pods/
First use of Cronjob
Clarify the requirements
1. Mirror php7 Above 4, you need to install gd mysql dependency
2. Run every five minutes
Basic image construction
Because my php images are packaged with nginx. And this application is a pure php application. You decide to rebuild an image. Refer to dockerhub: https://registry.hub.docker.com/_/php
Dockerfile
FROM php:7.4-fpm
RUN apt-get update && apt-get install -y \
libfreetype6-dev \
libjpeg62-turbo-dev \
libpng-dev \
&& docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install -j$(nproc) gd pdo_mysql mysqliIn order to overcome inertia, the working environment is switched to linux, and the screenshot is not convenient. The image warehouse uses the personal version warehouse tcr of Tencent cloud (it seems that it was merged some time ago, and it used to be the personal version warehouse)
Build an image and push the basic image to the basic warehouse:
docker build -t ccr.ccs.tencentyun.com/laya-master/php:7.4-fpm . docker push ccr.ccs.tencentyun.com/laya-master/php:7.4-fpm
jenkins pipeline pipeline construction
Pipeline reference: https://duiniwukenaihe.blog.csdn.net/article/details/116661391
reference: Single choice and multiple choice problem of stage
when judgment for pipeline
when {
environment name: 'XXXX', value: 'true'
}Add Dockerfile under sub project folder
FROM ccr.ccs.tencentyun.com/xxxx/php:7.4-fpm ADD html /var/www/html WORKDIR /var/www/html[
Note: because a new sub file directory is added under the git project, it is not a new project, so the complete pipeline is not written, and only fragments are added!
1. Build and upload image to image warehouse
stage('docker build worldmap-job') {
agent { label "build" }
when {
environment name: 'worldmap-job', value: 'true'
}
steps {
sh " cd worldmap-job&&docker build -t ccr.ccs.tencentyun.com/xxxx/worldmap-job:$data ."
withCredentials([usernamePassword(credentialsId: 'xxxx', passwordVariable: 'dockerPassword', usernameVariable: 'dockerUser')]) {
sh "docker login -u ${dockerUser} -p ${dockerPassword} ccr.ccs.tencentyun.com"
sh "docker push ccr.ccs.tencentyun.com/xxxx/worldmap-job:$data"
}
}
} 2. Deploy application
stage("develop worldmap-job") {
when {
environment name: 'worldmap-job', value: 'true'
}
steps {
sh "sed -e 's/{data}/$data/g' /home/jenkins/workspace/yaml/develop/worldmap-job.tpl > /home/jenkins/workspace/yaml/develop/worldmap-job.yaml"
sh "sed -e 's/{data}/$data/g' /home/jenkins/workspace/yaml/develop/worldmap-job.tpl > /home/jenkins/workspace/yaml/develop/worldmap-job.yaml"
sh "sudo kubectl apply -f /home/jenkins/workspace/yaml/develop/worldmap-job.yaml --namespace=develop"
sh "sudo kubectl apply -f /home/jenkins/workspace/yaml/develop/worldmap-job.yaml --namespace=develop"
}
}Note that the format here may be different from that of ordinary users, because parallel parallel is used for deployment. reference: https://duiniwukenaihe.blog.csdn.net/article/details/116661391
tpl template file
worldmap-job.tpl
apiVersion: batch/v1
kind: CronJob
metadata:
name: worldmap-job
spec:
schedule: "*/5 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: worldmap-job
image: ccr.ccs.tencentyun.com/xxxx/worldmap-job:{data}
imagePullPolicy: IfNotPresent
args:
- /usr/local/bin/php
- /var/www/html/DrawLandsMap.php
- run_job
- "6"
envFrom:
- configMapRef:
name: deploy
env:
- name: PHP_MEM_LIMIT
value: "256M"
resources:
requests:
memory: "256M"
cpu: "250m"
limits:
memory: "1024M"
cpu: "2000m"
imagePullSecrets:
- name: tencent
restartPolicy: OnFailure
Points to note:
schedule: "/5 *" ###5 minutes
imagePullPolicy imagePullPolicy: IfNotPresent imagePullPolicy seems to be necessary. I changed the configuration of copy deployments and didn't add it at the beginning. It seems to be an error
args execution script is still a number, which should be emphasized in quotation marks
envFrom is the variable I referenced in configmap
env limits php limit
sesources imposes resource restrictions
imagePullSecrets image warehouse secret
restartPolicy container restart policy
Now Jenkins triggers the build. Log in to kubernetes cluster for verification:
[root@k8s-master-01 develop]# kubectl get cronjob -n develop NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE worldmap-job */5 * * * * False 0 2m36s 28h [root@k8s-master-01 develop]# kubectl get pods -n develop|grep world worldmap-job-27357635-274hp 0/1 Completed 0 12m worldmap-job-27357640-wb459 0/1 Completed 0 7m53s worldmap-job-27357645-cndb4 0/1 Completed 0 2m53s [root@k8s-master-01 develop]# kubectl get jobs --watch -n develop NAME COMPLETIONS DURATION AGE worldmap-job-27357635 1/1 11s 13m worldmap-job-27357640 1/1 11s 8m43s worldmap-job-27357645 1/1 12s 3m43s
It seems so. Only the latest three jobs are available. Of course, if you are interested, can you study how to change the number? (successful jobs history limit: 3) k you can modify it. It is normal to check the pod log once. The trigger time of job 5 minutes is 0, 5 and 10 in this order
Some of my own thoughts:
- cronjob needs to limit resources
- cronjob can also mount configmap
- For task type applications, you can try to apply job or cronjob
- Images still need to be rebuilt, different applications. This can reduce the size of the image and reduce the possibility of vulnerabilities