How do you guys use docker and kubernetes in production?

polaris · · 453 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>Is the information is this article still relevant or are there better ways to get started now?</p> <p><a href="https://blog.golang.org/docker" rel="nofollow">https://blog.golang.org/docker</a></p> <p>How is a go app packaged in docker and used with kubernetes inside google cloud? How do you do CI&amp;D? </p> <hr/>**评论:**<br/><br/>cittatva: <pre><p>I&#39;m a fan of drone for the CI. GitHub.com/drone/drone. Easy self-hosted, and once you get the pattern, it&#39;s really flexible. Commit to github builds, tests, deploys. </p></pre>kidovate: <pre><p>kops to make the cluster or use GCE</p> <p>go in docker - compile the program, then package the static binary in an Alpine container. </p> <p>CI - pick one - Openshift Origin, Spinnaker, other proprietary options. </p></pre>HectorJ: <pre><blockquote> <p>then package the static binary in an Alpine container. </p> </blockquote> <p>Why alpine vs &#34;from scratch&#34;? </p></pre>whizack: <pre><p>it&#39;s not always necessary depending on your orchestration layer, but sometimes being able to ssh onto a prod instance is a godsend.</p></pre>ChristophBerger: <pre><p>Is having an sshd running in every container a good idea, considering security and maintenance efforts? (I have <a href="https://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/" rel="nofollow">this blog post</a> in mind.)</p></pre>thockin: <pre><p>You don&#39;t need sshd in every container, just a shell binary, and kubernetes can exec into it. Hopefully in v1.9, you won&#39;t even need the shell - we can inject it dynamically!</p></pre>whizack: <pre><p>in the context of OP&#39;s question (new user getting started), no it&#39;s not the best idea. Having a shell is also mostly unnecessary if you have the infrastructure in place for logs/monitoring.</p> <p>a few places I&#39;ve worked pay the cost of carefully maintaining images and networking for stuff like sshd because they already have systems in place for secured ssh access to prod environments.</p> <p>that said, it&#39;s definitely not where I&#39;d <em>start</em> w/ k8s in GCE.</p></pre>Pagedpuddle65: <pre><p>Yeah we just use scratch. </p></pre>recurrency: <pre><p>jenkins (ugh) running on k8s, runs tests/builds binary in golang build container then add binary to minimal Docker, always looking like so:</p> <p><code>FROM scratch ADD bin/mybinary .</code></p> <p>and then start rcs/whatever using k8s scripts/custom cli written using k8s <code>client-go</code>.</p></pre>michele: <pre><p>I have to production environments running on Kube: one on AWS with kops and the other on GCE. GCE is easier to get started, while kops feels, at least to me, more flexible.</p> <p>On the AWS cluster we have Jenkins (I know, I know ;)) running tests and building the containers on every git push and we then have a multi-stage deploy (dev, staging, production). On the GCE cluster we build using Google Cloud Container Registry&#39;s build triggers.</p> <p>We tried using Drone instead of Jenkins, but we have complex pipelines and requirements which were almost impossible to support.</p> <p>As for containerizing a Go app, you can either use the go image and build the app inside of the container, or build the binary somewhere and then just add it to a bare bones image as suggested by <a href="/u/recurrency" rel="nofollow">/u/recurrency</a></p></pre>titpetric: <pre><p>Docker and docker swarm for me. <a href="https://leanpub.com/12fa-docker-golang" rel="nofollow">12 Factor Apps with Docker and Go</a>.</p> <p>CI and CD are usually done with anything you like, but there are a number of services available. Travis, Jenkins, Codeship, Buildkite, GitLab CI, Bitbucket pipelines,... you can use any to build your stuff and set up a deployment process.</p> <p>Packaging your app is as simple as choosing an appropriate docker image (alpine is a good choice if you need some additional software), and then just add in your binary. For example: <a href="https://github.com/titpetric/pendulum/blob/master/Dockerfile" rel="nofollow">titpetric/pendulum</a>;</p></pre>lexpi: <pre><p>Seems like your link for 12 factor apps is broken </p></pre>titpetric: <pre><p>Fixed, ty</p></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

453 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传