Kubernetes取代部署失败
我创建了一个NodeJS脚本,用于将审阅应用程序部署到Kubernetes,用于我的GitLab存储库。为此,我正在使用Kubernetes NodeJS客户端。
为了完整起见,我已经包含了对Kubernetes资源的截断定义。
const k8s = require('@kubernetes/client-node');
const logger = require('../logger');
const {
CI_COMMIT_REF_NAME,
CI_ENVIRONMENT_SLUG,
CI_ENVIRONMENT_URL,
CI_REGISTRY_IMAGE,
KUBE_NAMESPACE,
} = process.env;
const { hostname } = new URL(CI_ENVIRONMENT_URL);
const mysqlDeployment = {
apiVersion: 'apps/v1',
kind: 'Deployment',
metadata: {
name: `${CI_ENVIRONMENT_SLUG}-mysql`,
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'mysql',
},
},
spec: {
replicas: 1,
selector: {
matchLabels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'mysql',
},
},
template: {
metadata: {
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'mysql',
},
},
spec: {
containers: [
{
image: 'mysql:8',
name: 'mysql',
},
],
ports: { containerPort: 3306 },
},
},
},
};
const mysqlService = {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: `${CI_ENVIRONMENT_SLUG}-mysql`,
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'mysql',
},
},
spec: {
ports: [{ port: 3306 }],
selector: {
app: CI_ENVIRONMENT_SLUG,
tier: 'mysql',
},
clusterIP: 'None',
},
};
const appDeployment = {
apiVersion: 'apps/v1',
kind: 'Deployment',
metadata: {
name: `${CI_ENVIRONMENT_SLUG}-frontend`,
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'frontend',
},
},
spec: {
replicas: 1,
selector: {
matchLabels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'frontend',
},
},
template: {
metadata: {
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'frontend',
},
},
spec: {
containers: [
{
image: `${CI_REGISTRY_IMAGE}:${CI_COMMIT_REF_NAME}`,
imagePullPolicy: 'Always',
name: 'app',
ports: [{ containerPort: 9999 }],
},
],
imagePullSecrets: [{ name: 'registry.gitlab' }],
},
},
},
};
const appService = {
apiVersion: 'v1',
kind: 'Service',
metadata: {
name: `${CI_ENVIRONMENT_SLUG}-frontend`,
labels: {
app: CI_ENVIRONMENT_SLUG,
tier: 'frontend',
},
},
spec: {
ports: [{ port: 9999 }],
selector: {
app: CI_ENVIRONMENT_SLUG,
tier: 'frontend',
},
clusterIP: 'None',
},
};
const ingress = {
apiVersion: 'extensions/v1beta1',
kind: 'Ingress',
metadata: {
name: `${CI_ENVIRONMENT_SLUG}-ingress`,
labels: {
app: CI_ENVIRONMENT_SLUG,
},
annotations: {
'certmanager.k8s.io/cluster-issuer': 'letsencrypt-prod',
'kubernetes.io/ingress.class': 'nginx',
'nginx.ingress.kubernetes.io/proxy-body-size': '50m',
},
},
spec: {
tls: [
{
hosts: [hostname],
secretName: `${CI_ENVIRONMENT_SLUG}-prod`,
},
],
rules: [
{
host: hostname,
http: {
paths: [
{
path: '/',
backend: {
serviceName: `${CI_ENVIRONMENT_SLUG}-frontend`,
servicePort: 9999,
},
},
],
},
},
],
},
};
我使用以下函数将这些资源部署到Kubernetes。
async function noConflict(resource, create, replace) {
const { kind } = resource;
const { name } = resource.metadata;
try {
logger.info(`Creating ${kind.toLowerCase()}: ${name}`);
await create(KUBE_NAMESPACE, resource);
logger.info(`Created ${kind.toLowerCase()}: ${name}`);
} catch (err) {
if (err.response.statusCode !== 409) {
throw err;
}
logger.warn(`${kind} ${name} already exists… Replacing instead.`);
await replace(name, KUBE_NAMESPACE, resource);
logger.info(`Replaced ${kind.toLowerCase()}: ${name}`);
}
}
async function deploy() {
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
const apps = kc.makeApiClient(k8s.Apps_v1Api);
const beta = kc.makeApiClient(k8s.Extensions_v1beta1Api);
const core = kc.makeApiClient(k8s.Core_v1Api);
await noConflict(
mysqlDeployment,
apps.createNamespacedDeployment.bind(apps),
apps.replaceNamespacedDeployment.bind(apps),
);
await noConflict(
mysqlService,
core.createNamespacedService.bind(core),
core.replaceNamespacedService.bind(core),
);
await noConflict(
appDeployment,
apps.createNamespacedDeployment.bind(apps),
apps.replaceNamespacedDeployment.bind(apps),
);
await noConflict(
appService,
core.createNamespacedService.bind(core),
core.replaceNamespacedService.bind(core),
);
await noConflict(
ingress,
beta.createNamespacedIngress.bind(beta),
beta.replaceNamespacedIngress.bind(beta),
);
}
初始部署正常,但是使用以下HTTP请求主体替换mysql服务失败。
{ kind: 'Status',
apiVersion: 'v1',
metadata: {},
status: 'Failure',
message:
'Service "review-fix-kubern-8a4yh2-mysql" is invalid: metadata.resourceVersion: Invalid value: "": must be specified for an update',
reason: 'Invalid',
details:
{ name: 'review-fix-kubern-8a4yh2-mysql',
kind: 'Service',
causes: [Array] },
code: 422 } }
我尝试修改noConflict以获取当前版本,并使用活动的versionResource来替换资源。
async function noConflict(resource, create, get, replace) {
const { kind, metadata } = resource;
const { name } = resource.metadata;
try {
logger.info(`Creating ${kind.toLowerCase()}: ${name}`);
await create(KUBE_NAMESPACE, resource);
logger.info(`Created ${kind.toLowerCase()}: ${name}`);
} catch (err) {
if (err.response.statusCode !== 409) {
throw err;
}
logger.warn(`${kind} ${name} already exists… Replacing instead.`);
const {
body: {
metadata: { resourceVersion },
},
} = await get(name, KUBE_NAMESPACE);
const body = {
...resource,
metadata: {
...metadata,
resourceVersion,
},
};
logger.warn(`${kind} ${name} already exists… Replacing instead.`);
await replace(name, KUBE_NAMESPACE, body);
logger.info(`Replaced ${kind.toLowerCase()}: ${name}`);
}
}
但是,这给了我另一个错误。
{ kind: 'Status',
apiVersion: 'v1',
metadata: {},
status: 'Failure',
message:
'Service "review-prevent-ku-md2ghh-frontend" is invalid: spec.clusterIP: Invalid value: "": field is immutable',
reason: 'Invalid',
details:
{ name: 'review-prevent-ku-md2ghh-frontend',
kind: 'Service',
causes: [Array] },
code: 422 } }
我该怎么做才能更换正在运行的资源?
数据库是否保持不变是一个小细节。
更新
为了解决LouisBaumann的评论:
我已经通过代码更改为以下内容,其中read是每个资源的相应读取调用。
async function noConflict(resource, create, read, replace) {
const { kind } = resource;
const { name } = resource.metadata;
try {
logger.info(`Creating ${kind.toLowerCase()}: ${name}`);
await create(KUBE_NAMESPACE, resource);
logger.info(`Created ${kind.toLowerCase()}: ${name}`);
} catch (err) {
if (err.response.statusCode !== 409) {
throw err;
}
logger.warn(`${kind} ${name} already exists… Replacing instead.`);
const { body: existing } = await read(name, KUBE_NAMESPACE);
await replace(name, KUBE_NAMESPACE, merge(existing, resource));
logger.info(`Replaced ${kind.toLowerCase()}: ${name}`);
}
}
以上内容不会崩溃,但也不会更新审阅环境。
更新
为了解决Crou的答案:
我已经用补丁调用更新了替换调用。所以noConflict函数变成:
async function noConflict(resource, create, patch) {
const { kind } = resource;
const { name } = resource.metadata;
try {
logger.info(`Creating ${kind.toLowerCase()}: ${name}`);
await create(KUBE_NAMESPACE, resource);
logger.info(`Created ${kind.toLowerCase()}: ${name}`);
} catch (err) {
if (err.response.statusCode !== 409) {
throw err;
}
logger.warn(`${kind} ${name} already exists… Patching instead.`);
await patch(name, KUBE_NAMESPACE, resource);
logger.info(`Replaced ${kind.toLowerCase()}: ${name}`);
}
}
我还更改了noConflict调用以传递补丁版本而不是替换函数。
await noConflict(
mysqlDeployment,
apps.createNamespacedDeployment.bind(apps),
apps.patchNamespacedDeployment.bind(apps),
);
// etc
这导致以下错误:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "415: Unsupported Media Type",
"reason": "UnsupportedMediaType",
"details": {},
"code": 415
}
根据我的理解,你正在使用replace错误。
用filename或stdin替换资源。
接受JSON和YAML格式。如果替换现有资源,则必须提供完整的资源规范。这可以通过以下方式获得
$ kubectl get TYPE NAME -o yaml
如果你在没有从Kubernetes获得yaml的情况下进行替换,那么你就缺少resourceVersion。所以这就是你得到错误的原因:
Service "review-fix-kubern-8a4yh2-mysql" is invalid: metadata.resourceVersion: Invalid value: "": must be specified for an update
如果你只更换部分patch,你应该使用apply或Deployment。