Practice — 王磊磊 @TenxCloud Agenda • Our DevOps Expectations • Kubernetes Capabilities/Advantages to Build DevOps Solution • Architecture and Features • CRD and operator design • Pipeline / Stage/ Task availability • Extensibility / Integration • CI/CD examples • Future plan Our DevOps Expectations • Build a platform and easy to integrate with other DevOps/third-party tools • Easy to be customized as Kubernetes Capabilities/Advantages to Build DevOps Solution Pod Job CronJob • k8s itself is NOT a PaaS or DevOps platform，but … • k8s resources that can be used to build DevOps solution Volumes ConfigMap

github.com/GoogleContainerTools/jib Build containers faster with Jib A container image builder for Java applications Our Team Cloud Tools for Java Appu Goundan @coollog @loosebazooka Qingyang ndencies to target/dependencies/ Some more searching github.com/GoogleContainerTools/jib ... <build> com.spotify dockerfile-maven itory> ${project.version} build> ... github.com/GoogleContainerTools/jib What did we do? 1. Write first Dockerfile 2. Reduce

Rancher Labs, Inc. API Aggregation • What API aggregation provides • Extended with additional APIs • Build your own API server • Requirements of aggregation layer • Running Kubernetes 1.7 Cluster • Enable apiserver flags © 2017 Rancher Labs, Inc. Setup an Extension API Server • Use apiserver-builder to build your own API server • https://github.com/Kubernetes-incubator/apiserver-builder • Download and install Then initialize your own resource group, version and kind. • Your API server could be build and run now • Build as an image and run in a cluster © 2017 Rancher Labs, Inc. API Server Aggregation Architecture

Pool 统一的模型层 平台统一“能力池” 模块化的交付系统 - GitOps “应用”配置 Git (as source of truth) 持续集成 ● Build ● Run Unit Tests ● Build Docker Image ● Push Docker Image Image Registry Operational Configs (YAML) Revision 的应用模型 • 围绕 GitOps 的持续交付 = “以应用为中心”的 K8s KubeVela Git (as source of truth) 持续集成 ● Build ● Run Unit Tests ● Build Docker Image ● Push Docker Image Image Registry AutoScaling Controller Rollout

配置版本，发布，回滚，可以更加方便 微服务的开发阶段 统一采用gRPC协议和protobuf编解码 CI check 阶段 • 主要做 pb 的 format、lint、breaking 检查。 CI build 阶段 • 会基于 pb 的注释自动产生文档，并推送至内部的微服务管理系统接口平台中 • 会生成 Go/PHP/Node/Java 桩代码和错误码，推送到指定的仓库 开发阶段 • go get https://ego.gocn.vip/ micro/chapter1/build.ht ml 微服务的部署阶段 注入信息 版本信息 发布版本 • 执行./bin/hello --version • 查看线上使用框架版本 https://ego.gocn.vip/ micro/chapter1/build.ht ml 微服务的部署阶段 注入信息 版本信息 发布版本 • 配置 管理版本信息 管理拓扑关系 管理成本 资料 框架：https://github.com/gotomicro/ego 编译：https://ego.gocn.vip/micro/chapter1/build.html 链路：https://ego.gocn.vip/micro/chapter2/trace.html 限流：https://ego.gocn.vip/frame/client/sentinel

根分区 /home分区 DeviceMapper Docker Volumn LVM  比拟物理磁盘IO性能  磁盘空间隔离  调度扩展磁盘资源  异步清理 Build IMAGE  封装规范Dockerfile  Dockerfile分片，构建编译 和运行环境  CMD固定为Docker-init  环境变量指引功能 Docker-Init 统一监控  数据自动迁移  故障自愈 CI/CD Step1 Branch staging change Condition Action Object Build UT test Staging Job Deploy Staging Job IT Test Staing Job Merge Preview Branch Step2

listen(8080); Dockerfile FROM node:10.20.0 EXPOSE 8080 COPY server.js . CMD node server.js 打包 docker build -t hello-node:v1 . ⽣成镜像如下： docker images # REPOSITORY TAG IMAGE ID CREATED service hello-node 会即刻打开浏览器，显示 “Hello World” 消息。 更新 Nodejs 应⽤镜像和服务 修改 Nodejs 程序并出新镜像： docker build -t hello-node:v2 . Deployment更新镜像 kubectl set image deployment/hello-node hello-node=hello-node:v2

Deployment, CI and CD Local development Gitlab runner Dockerhub Pod Pod Pod -Build -Test -Push to dockerhub -Deploy Application infrastructure The services around Kubernetes Take

Containers, Kubernetes & Helm? • Container • Contains everything needed to run your application • Build once run anywhere • Starts in seconds: Great for scalability • Images are stored in a centralized

Dashboard ... it should follow philosophy of K8s, and should be [the foundation] on which we can build our custom command center.” → Survey response → Cluster Operator, running Kubernetes on-prem and