[0031] The present application will be described in more detail below with reference to the accompanying drawings. Although preferred embodiments of the present application are shown in the accompanying drawings, it should be understood that the present application can be implemented in various forms and should not be limited by the embodiments set forth herein. On the contrary, these embodiments are provided to make the application more thorough and complete, and to fully convey the scope of the application to those skilled in the art.
[0032] As mentioned above, Kubernetes is of great significance for the application, popularization and promotion of microservices. At present, however, Kubernetes clusters have to be deployed manually, which leads to inconsistent system environment versions, longer deployment time, a high learning cost for operators and poor portability, and makes microservices difficult to apply.
[0033] After an in-depth study of many technical solutions and their combinations, the applicant chose to introduce Ansible into Kubernetes cluster deployment. This realizes a standardized delivery and deployment mode for building a Kubernetes container platform, significantly increases efficiency and reduces cost, creates good technical conditions for the application, popularization and promotion of microservices, and reduces the resource consumption on the client operating system.
[0034] Ansible is a simple, powerful and agentless automation language that is written as YAML text and is easy to read. No additional agent needs to be installed on the managed host or network device. Ansible is also cross-platform and supports Linux, Windows, UNIX and network devices. Playbook, play, role, inventory, task and module are all important terms in Ansible. A playbook can be regarded as a task list for roles; it is a script file written in YAML. The main function of a play is to apply the roles, defined in advance through tasks, to hosts that have been merged into a group in advance. Role is a feature introduced in Ansible version 1.2 and is used to organize playbooks hierarchically and structurally. A task calls a predefined Ansible module to perform the desired work. A module is a predefined unit of functionality in Ansible. Inventory is the list of hosts assigned to roles. Ansible supports both dynamic and static inventories. A plugin is a code segment added to Ansible to extend the Ansible platform.
[0035] Figure 1 is a flowchart showing a method of automatically building a container platform based on Ansible according to an embodiment of the present application. As shown in Figure 1, the method includes step 102, step 104 and step 106.
[0036] Step 102: configure the playbook, which includes a plurality of plays for installing the kubernetes container platform, and each play corresponds to at least one role.
[0037] In some possible embodiments, the roles corresponding to the plurality of plays include a role for system initialization, a role for installing a container, a role for installing an image registry, a role for installing the Kubernetes orchestration platform, etc. The Kubernetes orchestration platform usually includes master and node.
[0038] In some possible embodiments, each role is configured to perform at least one task, and an ansible predefined module can be called to write the task corresponding to each role.
[0039] The deployment task can be divided into multiple plays, each corresponding to at least one role. A play applies the roles, defined in advance through tasks, to the hosts that have been merged into a group. Ansible's predefined modules can be called to write the corresponding tasks. Copy, template, shell and yum are frequently called modules: the copy module copies files into the specified directory on the role's hosts, overwriting existing files; the template module replaces and overwrites configuration files on the role's hosts; the shell module executes shell scripts remotely; the yum module installs and uninstalls software remotely.
[0040] In some possible embodiments, the method further includes: creating a plurality of folders for each role, including a folder storing static files, a folder storing template files, a folder for setting variables, and a folder storing at least one task executed by the role.
[0041] You can create files, tasks, templates, vars folders for each role. Files is used to store static files; Templates is used to store template files; Vars is used to set the running variables; Tasks is used to store one or more tasks executed by the role. Predefined modules in ansible can be called in the task file.
[0042] Step 104: configure the host list, and set the IP address corresponding to each role in the host list.
[0043] The IP address corresponding to each role can be set in the host list. The same role can be deployed on multiple servers to realize batch deployment and high availability of the system.
[0044] Step 106: run the playbook and install the Kubernetes container platform on the server indicated by the IP address.
[0045] The above server can be a host server or a networking server.
[0046] In some possible embodiments, if the server indicated by the IP address is at the first security level, run the playbook to remotely install the kubernetes container platform on the server. In one example, the kubernetes container platform may be remotely installed on the server indicated by the IP address based on the SSH protocol.
[0047] In some possible embodiments, if the server indicated by the IP address is in the second security level, migrate the playbook to the device connected to the server, and run the playbook on the device to install the kubernetes container platform on the server.
[0048] For servers in an ordinary production environment (the first security level), SSH authentication can be used to reach all of the container platform servers for remote installation and deployment; after the deployment is completed, the private key is added to the fortress (bastion host).
[0049] For a server in a network-isolated environment (the second security level), the playbook can be copied to a device connected to the server. This device can be another server in the same network-isolated environment, or the server itself. The playbook is run on the device to install and deploy on the server, and the playbook on the device can be deleted after installation.
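The host list and playbook of steps 102 to 106 could look as follows. This is an added example, not taken from the application: the file names, group names and every role name except init_system are hypothetical, and the IP addresses are constructed documentation addresses.

```yaml
# File 1: hosts.yml (step 104, host list). File, group and role names other
# than init_system are hypothetical; addresses are constructed (RFC 5737).
# Save the two documents below as separate files.
all:
  children:
    registry:
      hosts:
        192.0.2.10:
    etcd:
      hosts:
        192.0.2.21:
        192.0.2.22:
        192.0.2.23:
    master:
      hosts:
        192.0.2.21:
        192.0.2.22:
    node:
      hosts:
        192.0.2.31:
        192.0.2.32:
---
# File 2: site.yml (step 102, playbook). One play per role; each play binds
# a host group from hosts.yml to the role that is installed on it.
- name: System initialization
  hosts: all
  become: true
  roles: [init_system]
- name: Install the Docker container runtime
  hosts: all
  become: true
  roles: [docker]
- name: Install the image registry
  hosts: registry
  become: true
  roles: [registry]
- name: Install the etcd cluster
  hosts: etcd
  become: true
  roles: [etcd]
- name: Install the cluster masters
  hosts: master
  become: true
  roles: [kube_master]
- name: Install the cluster nodes
  hosts: node
  become: true
  roles: [kube_node]
# Step 106: ansible-playbook -i hosts.yml site.yml
```

For the first security level the command in the last comment runs from the control machine over SSH; for the second security level the same two files are copied to a device inside the isolated network, run there, and deleted afterwards.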
[0050] According to the technical scheme disclosed in the application, the Ansible automated operation and maintenance tool is introduced. By configuring the playbook, configuring the host list, and running the playbook to install the Kubernetes container platform on the server, a standardized delivery and deployment mode for building the k8s platform is realized, which significantly improves efficiency and reduces cost, and creates good technical conditions for the application, popularization and promotion of microservices. In addition, when Ansible is used to build the Kubernetes platform, no agent needs to be installed on the client, which also reduces the resource loss of the client.
[0051] For example, an init_system (system initialization) role can be defined in a play. It implements unified configuration and optimization of operating system initialization, usually including the repair of security vulnerabilities, baseline repair, etc. With this application, setting init_system in the playbook can directly overwrite the following on multiple remote container platform servers: sshd_config, selinux, localtime, limits.conf, sudo, sysctl.conf, login.defs and pwquality.conf. It can also upgrade the Linux kernel, kube-apiserver, kubelet, kube-controller-manager, kube-scheduler and kube-proxy, and install and delete RPM (RPM Package Manager) packages, which significantly improves deployment efficiency and reduces the error rate. In addition, since no agent is deployed on the client, it causes no resource loss to the client operating system.
[0052] For another example, the deployment of the Kubernetes/Docker container platform is relatively complex. In the existing technology, experienced technicians are required to deploy it manually, and the delivery cycle is long. By defining the role of installing the Docker container in a play, certificates can be created, etcd clusters and master high availability can be set up, and multiple components can be installed automatically, so the platform can be delivered quickly without understanding the internal principles of the container or the module call mechanism. In addition, the role is stored in the form of files, which gives it strong portability and reusability, and it can be quickly copied to other projects.
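A task file for the init_system role might overwrite these baseline files as shown below. This is an added example, not the applicant's role: the template and file names are hypothetical, and it assumes a RHEL-family host where the SSH service is named sshd. Each file that can lock administrators out is syntax-checked on the target before it replaces the live copy.

```yaml
# roles/init_system/tasks/main.yml (added example; the names under
# templates/ and files/ are hypothetical)
- name: Deploy sshd_config only if sshd accepts the rendered file
  ansible.builtin.template:
    src: sshd_config.j2
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
    mode: "0600"
    backup: true                       # keep the previous file for rollback
    validate: /usr/sbin/sshd -t -f %s  # a rejected file never goes live
  register: sshd_cfg

- name: Deploy sudoers only if visudo accepts it
  ansible.builtin.template:
    src: sudoers.j2
    dest: /etc/sudoers
    owner: root
    group: root
    mode: "0440"
    validate: /usr/sbin/visudo -cf %s

- name: Overwrite the remaining baseline files
  ansible.builtin.copy:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: "0644"
    backup: true
  loop:
    - { src: limits.conf, dest: /etc/security/limits.conf }
    - { src: login.defs, dest: /etc/login.defs }
    - { src: pwquality.conf, dest: /etc/security/pwquality.conf }
    - { src: sysctl.conf, dest: /etc/sysctl.conf }
  register: baseline

- name: Restart sshd only when its configuration changed
  ansible.builtin.service:
    name: sshd
    state: restarted
  when: sshd_cfg is changed

- name: Apply kernel parameters only when a baseline file changed
  ansible.builtin.command: sysctl --system
  when: baseline is changed
```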
[0053] In some possible embodiments, multiple plays in the playbook can install the kubernetes container platform on the role in a binary manner.
[0054] Binary deployment makes it easier to troubleshoot problems, but it is more complex and error-prone. According to this application, automatic deployment in binary mode is realized by introducing Ansible, which avoids the cumbersome and error-prone modification of configuration files that binary deployment otherwise requires.
[0055] Figure 2 shows a flow chart for building a container platform according to an exemplary embodiment of the present application. As shown in the figure: S202, start running the playbook. S204, execute the play corresponding to the system initialization role. S206, execute the play corresponding to the Docker role. S208, execute the play corresponding to the role that installs the image registry. S210, execute the play corresponding to the role that installs the etcd cluster; when executing S210, also pull the image from the image registry. S212, execute the play corresponding to the role that installs the cluster master. S214, execute the play corresponding to the role that installs the cluster's controlled nodes.
[0056] The embodiments of the present application have been described above. The above description is exemplary, not exhaustive, and is not limited to the disclosed embodiments. Without departing from the scope and spirit of the described embodiments, many modifications and changes are obvious to those skilled in the art.