Google Cloud Platform I：使用Kubernetes将Docker App部署到Google Container Engine

介绍 ( Introduction )

Google Cloud Platform (GCP) is a cloud computing service by Google that offers a set of enterprise cloud services that leverages the same techologies that are used at Google.

Google Cloud Platform（GCP）是Google提供的一种云计算服务，它提供了一组企业云服务，这些服务利用了Google所使用的相同技术。

Notable aspects of GCP are:

GCP值得注意的方面是：

• Google Compute Engine - Infrastructure as a Service (IaaS) platform that delivers high powered Virtual machines and is comparable to Amazon EC2.
  Google Compute Engine-基础架构即服务（IaaS）平台，可提供功能强大的虚拟机，可与Amazon EC2媲美。
• Google App Engine - Platform as a Service (PaaS) platform for building scalable web applications.
  Google App Engine-平台即服务（PaaS）平台，用于构建可扩展的Web应用程序。
• Google Container Engine - Built on Open source Kubernetes, GKE is a powerful platform for managing and running Docker containers.
  Google容器引擎 -基于开源Kubernetes构建的GKE是用于管理和运行Docker容器的强大平台。
• Cloud Storage, Big Query and real-time data streaming platform Cloud Pub/Sub
  云存储 ， 大查询和实时数据流平台云发布/订阅

In this article, we will be deploying a containerized NodeJS application to GCP with Kubernetes, thanks to the platform's Google Container Engine.

在本文中，由于平台的Google容器引擎，我们将使用Kubernetes将容器化的NodeJS应用程序部署到GCP。

什么是Kubernetes？ ( What Is Kubernetes? )

Kubernetes is an open-source platform for automating deployment, scaling, and operations of application containers across clusters of hosts, providing container-centric infrastructure.

Kubernetes是一个开放源代码平台，用于跨主机群集自动执行应用程序容器的部署，扩展和操作，从而提供以容器为中心的基础架构。

https://kubernetes.io/

https://kubernetes.io/

Developed and powered by Google, Kubernetes provides an efficient way to manage Docker containers. Some it's provisions are:

由Google开发和支持的Kubernetes提供了一种有效的方式来管理Docker容器。 它的一些规定是：

• Deploying Docker containers quickly and predictably.
  快速且可预测地部署Docker容器。
• Scaling your applications depending on the traffic needs on the fly.
  根据动态流量需求扩展应用程序。
• Easily rolling out new features.
  轻松推出新功能。

Some of the few things that make Kubernetes stand out are:

使Kubernetes脱颖而出的一些因素包括：

• Automated rollouts and rollbacks - Easily roll new features to an existing application and rollback in case something goes wrong.
  自动推出和回滚 -轻松将新功能回滚到现有应用程序，并在出现问题时进行回滚。
• Horizontal Scaling - Scale up and down depending on your CPU usage.
  水平缩放 -根据您的CPU使用率进行缩放 。
• Service discovery and load balancing - Use Kubernetes services to externally access containers and distribute the traffic to Kubernetes pods.
  服务发现和负载平衡 -使用Kubernetes服务从外部访问容器并将流量分发到Kubernetes Pod。
• Secret and configuration management - Easy and secure management of sensitive data such as passwords, API keys and Auth tokens without risk of compromise.
  秘密和配置管理 -轻松安全地管理敏感数据，例如密码，API密钥和Auth令牌，而不会受到威胁。
• Healthchecks perfomance. - Constantly perform healthchecks on your applications via HTTP to easily detect and remedy failures.
  健康检查性能。 -通过HTTP对您的应用程序不断执行运行状况检查，以轻松检测和纠正故障。
• Resource Usage Monitoring
  资源使用情况监控

Enough chatter about what Kubernetes can do! The list is endless. Let's get our hands dirty with it.

关于Kubernetes可以做什么的足够的讨论！ 列表是无止境的。 让我们动手吧。

先决条件 ( Prerequisites )

To build and deploy the container, a background in the following is a plus but not necessary.

要构建和部署容器，需要具备以下背景知识，但不是必需的。

• Docker - A lightweight containerization platform.
  Docker-一个轻量级的容器化平台。
• NodeJS - Javascript runtime built on Chrome's V8 JavaScript engine.
  NodeJS-基于Chrome的V8 JavaScript引擎构建的Javascript运行时。
• Kubernetes - An open-source Google managed platform for automating deployment, scaling, and management of containerized applications.
  Kubernetes-一个由Google管理的开源平台，用于自动化容器化应用程序的部署，扩展和管理。

You will also need a Google Cloud Platform Subscription or Trial Account. Currently, Google offers a 60 day free subscription to all GCP services worth 300 dollars.

您还需要一个Google Cloud Platform订阅或试用帐户。 目前，Google提供价值300美元的所有GCP服务的60天免费订阅。

Sweet! Let's get started!

甜！ 让我们开始吧！

安装与设定 ( Installation and Setup )

码头工人 (Docker)

Go to the Docker download page and download the file that suites your Operating System and install.

转到Docker下载页面并下载适合您的操作系统并安装的文件。

If you are on a mac, Simply run

如果您使用的是Mac，只需运行

$ brewinstall docker

gcloud (gcloud)

gcloud is a command-line tool for managing resources on Google Cloud Platform and is provided as part of Google Cloud SDK. To install, download the latest version here and extract it to your local system. Ensure that you have Python 2.7 installed.

gcloud是用于管理Google Cloud Platform上资源的命令行工具，作为Google Cloud SDK的一部分提供。 要安装，请在此处下载最新版本并将其解压缩到本地系统。 确保已安装Python 2.7。

Once downloaded, extract the folder and run the following command to install gcloud and add it to your path.

下载完成后，解压缩该文件夹并运行以下命令以安装gcloud并将其添加到您的路径中。

OS X/Linux users

OS X / Linux用户

./google-cloud-sdk/install.sh

Windows users

Windows用户

.\google-cloud-sdk\install.bat

You can now authenticate gcloud with your Google account on your terminal by running the initialization command.

现在，您可以通过运行初始化命令在您的终端上使用Google帐户对gcloud进行身份验证。

gcloud init

This will authenticate your gcloud environment, set a default project if any, set the default compute engine region (such as us-east1) and zone (such as us-central1-a).

这将对您的gcloud环境进行身份验证，设置默认项目（如果有），设置默认计算引擎区域（例如us-east1 ）和区域（例如us-central1-a ）。

To check your current configurations, run the configuration list command.

要检查当前配置，请运行configuration list命令。

gcloud config list

Kubectl (kubectl)

Kubernetes provides a number of ways to install the kubectl command used to interact with it on your local system. The easiest approach to setup is installing it as part of Google Cloud SDK.

Kubernetes提供了多种方法来在本地系统上安装用于与其交互的kubectl命令。 最简单的设置方法是将其安装为Google Cloud SDK的一部分。

Simply run

只需运行

gcloud componentsinstall kubectl

To verify your installation, check the kubectl version on your command-line. You should get back a response with the version details.

要验证安装，请在命令行上检查kubectl版本。 您应该返回有关版本详细信息的回复。

If you need to install any other provisions of Google Cloud SDK, simply run the command gcloud components list

如果您需要安装Google Cloud SDK的其他任何规定，只需运行命令gcloud components list

创建GCP项目 ( Creating The GCP Project )

Every Google project begins with creating a project on it's dashboard. Once you have your subscription or trial account ready, head over to https://console.cloud.google.com to create your first project.

每个Google项目都从在其仪表板上创建项目开始。 准备好订阅或试用帐户后，请转到https://console.cloud.google.com创建您的第一个项目。

Click on create new project and give it a memorable name. Take note of the project ID as we will be using it across the entire process.

单击创建新项目，并给它一个令人难忘的名称。 注意项目ID，因为我们将在整个过程中使用它。

This may take a while to finish. Once it's done, click on the Products & Services icon and select Container Engine which is where our Docker images will live.

这可能需要一段时间才能完成。 完成后，单击“ 产品和服务”图标，然后选择Container Engine ，这是我们的Docker映像所在的位置。

The Container clusters manages our Google Compute Engine instances also reffered to as nodes.

容器集群管理着我们的Google Compute Engine实例（也称为节点） 。

The Container Registry is a repository for all our Docker images from which containers will be created.

容器注册表是我们所有Docker映像的存储库，将从中创建容器。

准备我们的部署环境 ( Preparing our Deployment Environment )

设置默认项目 (Set default project)

Once we have the gcloud and kubectl command-line tools installed, we can now set the project we created earlier as our default. We can easily do this with the config option.

安装完gcloud和kubectl命令行工具后，我们现在可以将之前创建的项目设置为默认项目。 我们可以使用config选项轻松地做到这一点。

gcloud configset project scotch-155622

Like we mentioned earlier, you can see a list of your configurations by running the gcloud config list command.

就像我们前面提到的，您可以通过运行gcloud config list命令来gcloud config list 。

集群 (Clusters)

A cluster is a group of Google Compute Engine instances running Kubernetes. Pods and Services which we will be looking at later on, all run on top of a cluster.

集群是一组运行Kubernetes的Google Compute Engine实例。 我们将在稍后介绍的Pod和Services全部运行在集群的顶部。

Kubernetes coordinates a highly available cluster of computers that are connected to work as a single unit.

Kubernetes协调连接在一起作为一个单元工作的高可用性计算机集群。

• Creating a cluster
  创建集群

You can create a cluster on the Container Clusters section on the project dashboard by going to Container Engine > Container Clusters > New container cluster or via the command-line using the kubectl command. Simply run

您可以通过以下方式在项目仪表板的“ 容器群集”部分上创建群集：转到“ 容器引擎”>“容器群集”>“新容器群集”，或使用kubectl命令通过命令行。 只需运行

gcloud container clusters create scotch-cluster

The cluster may take some time to complete. Once it's done, again, set it as the default cluster.

群集可能需要一些时间才能完成。 完成后，再次将其设置为默认群集。

gcloud configset container/cluster scotch-cluster

You will notice that the project dashboard console will reflect our newly created cluster.

您会注意到，项目仪表板控制台将反映我们新创建的集群。

• Getting the cluster credentials.
  获取群集凭据。

We now have a Kubernetes cluster on Our GCP project that will contain our containerized application. Let's notify our local setup that we are authorized to use the cluster.

现在，我们的GCP项目上有了一个Kubernetes集群，它将包含我们的容器化应用程序。 让我们通知本地设置，我们已被授权使用群集。

On clicking the connect button shown in the cluster above, you will be presented with the command to configure Kubernetes with the newly created scotch-cluster.

单击上方集群中显示的connect按钮后，将显示命令，以使用新创建的scotch-cluster配置Kubernetes。

Run the command on your terminal and we are now ready to push our Docker container.

在您的终端上运行命令，我们现在可以推送Docker容器了。

看看我们的NodeJS应用程序。 ( A Look At Our NodeJS App. )

Our app is going to be very simple and straight forward. We are going to have a single index.js file that serves 3 routes using express.

我们的应用程序将非常简单直接。 我们将有一个index.js文件，该文件使用express服务3条路由。

We will look at Dockerfile, deployment.yml and service.yml files in later sections.

我们将在后面的部分中查看Dockerfile ， deployment.yml和service.yml文件。

├── .gitignore
├── package.json
├── index.js
├── Dockerfile
├── deployment.yml
├── service.yml

Here is a snapshot of the index.js file.

这是index.js文件的快照。

const app = require('express')();

const port = process.env.PORT || 8000;

app.get('/', (req, res) => {
  res.status(200).json('welcome to root');
});

app.get('/foo', (req, res) => {
  res.status(200).json('welcome to foo');
});

app.get('/bar', (req, res) => {
  res.status(200).json('welcome to bar');
});

app.listen(port, () => console.log('Magic happens on port', port));

module.exports.app = app;

Pretty straightforward, right? Sweet!

很简单吧？ 甜！

Docker化我们的Node App ( Dockerizing Our Node App )

Make sure you have Docker running on your local setup before proceeding. While we will not go to the details of how Docker works, take a look at this article on getting started with Docker.

在继续操作之前，请确保在本地设置上运行Docker。 尽管我们不会详细介绍Docker的工作方式，但请阅读这篇有关Docker入门的文章。

创建一个Docker映像 (Creating a Docker Image)

To create an image for our application, we will use the docker build command which looks for a Dockerfile in the set directory.

要为我们的应用程序创建映像，我们将使用Dockerfile docker build命令，该命令在set目录中查找Dockerfile 。

Here is a look at our Dockerfile.

这是我们的Dockerfile的外观。

#Create our image from Node 6.9-alpine
FROM node:6.9-alpine

MAINTAINER John Kariuki 

#Create a new directory to run our app.
RUN mkdir -p /usr/src/app

#Set the new directory as our working directory
WORKDIR /usr/src/app

#Copy all the content to the working directory
COPY . /usr/src/app

#install node packages to node_modules
RUN npm install

#Our app runs on port 8000. Expose it!
EXPOSE 8000

#Run the application.
CMD npm start

To create our Google Cloud platform-ready Docker image, we have to abide by some rules before it is pushed to the Google Container Registry. The image has to be created in the following format. gcr.io/{$project_id}/{image}:{tag}

要创建支持Google Cloud Platform的Docker映像，在将其推送到Google Container Registry之前，我们必须遵守一些规则。 必须以以下格式创建图像。 gcr.io/{$project_id}/{image}:{tag}

$ docker build -t gcr.io/scotch-155622/node-app:0.0.1.

We should be able to see the newly created image once it's done by running docker images.

运行docker images我们应该能够看到新创建的docker images 。

将Docker映像推送到容器注册表 (Pushing The Docker Image to Container Registry)

With our Docker image ready, pushing it to the Container Registry is simply done with the gcloud command.

准备好我们的Docker映像后，只需使用gcloud命令即可将其推送到Container Registry。

gcloud docker -- push gcr.io/scotch-155622/node-app:0.0.1

This may take a while but once it's done, we should have the image listed on Compute > Container Engine > Container Registry. which can be managed/orchestrated by Kubernetes!

这可能需要一段时间，但一旦完成，我们应该在“ 计算”>“容器引擎”>“容器注册表”上列出该图像。 可以由Kubernetes管理/组织！

部署：从Docker映像实例化容器 ( Deployments: Instantiating A Container From the Docker Image )

All we have now is a Docker image on the Container Registry. To actually run the application, we need to create an instance from the image - A Docker container.

现在我们所拥有的只是Container Registry上的Docker映像。 要实际运行该应用程序，我们需要从该映像创建一个实例-一个Docker容器。

To achieve this, we will create a Kubernetes Deployment which creates a pod for our container.

为了实现这一目标，我们将创建一个Kubernetes部署它创建了一个吊舱我们的容器。

A Kubernetes pod is a group of containers, tied together for the purposes of administration and networking that are always co-located and co-scheduled, and run in a shared context.

Kubernetes容器是一组容器，它们出于管理和网络目的而捆绑在一起，它们始终位于同一位置并共同调度，并在共享上下文中运行。

Containers within a pod share an IP address and port space, and can find each other via localhost

Pod中的容器共享一个IP地址和端口空间，并且可以通过localhost找到彼此

There are two ways to create a deployment using the kubectl command. You can either specify the parameters in a yml file or the command-line.

有两种使用kubectl命令创建部署的方法。 您可以在yml文件中或命令行中指定参数。

Command-line approach

命令行方法

The deployment name is a unique identifier for your deployment that will be used to reference it later on. Specify the image name to create the deployment from and finally a port which will be mapped to our applications port that is exposed (see Dockerfile).

部署名称是您的部署的唯一标识符，以后将用于引用它。 指定映像名称以从中创建部署，最后指定一个端口，该端口将映射到我们公开的应用程序端口（请参阅Dockerfile）。

kubectl run{deployment_name} --image=gcr.io/$PROJECT_ID/{name}:{tag} --port={port}

file approach

文件方式

I personally prefer this approach as it is easier for me to play around with the configurations of the deployment. Here is a look at our Deployment file, subtly named deployment.yml

我个人更喜欢这种方法，因为它使我更容易处理部署的配置。 这是我们的Deployment文件的简称，该文件的名称为deployment.yml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: scotch-dep
  labels:
    #Project ID
    app: scotch-155622
spec:
  #Run two instances of our application
  replicas: 2
  template:
    metadata:
      labels:
        app: scotch-155622
    spec:
      #Container details
      containers:
        - name: node-app
          image: gcr.io/scotch-155622/node-app:0.0.1
          imagePullPolicy: Always
          #Ports to expose
          ports:
          - containerPort: 8000

One of the interesting aspects is that deployments allows you to set the number of instances for your application. This scaling Kubernetes provision allows you to add or remove instances/replicas/pods depending on the traffic needs of your app.

有趣的方面之一是，部署使您可以设置应用程序的实例数。 这种扩展的Kubernetes条款允许您根据应用程序的流量需求添加或删除实例/副本/容器。

To create the deployment, run:

要创建部署，请运行：

kubectl create -f deployment.yml

You can view the deployment and the created pods by running kubectl get deployments and kubectl get pods respectively. Adding a -w enables us to see how the pods are created.

您可以分别通过运行kubectl get deployments和kubectl get pods来查看部署和创建的pod。 添加-w使我们能够看到如何创建Pod。

服务：将应用程序暴露给外部流量 ( Services: Expose application to External traffic )

Up until this point, there has been no way for us to actually run the application externally. Currently, the deployment is only accessible within the Kubernetes cluster (say, between two services in the same cluster).

到目前为止，我们还没有办法在外部实际运行该应用程序。 当前，只能在Kubernetes群集内（例如，在同一群集中的两个服务之间）访问该部署。

Pods, like containers, can also be created and destroyed anytime, say, when scaling up or down or when rolling to an updated image. This means we cannot rely on the internal IPs since we cannot keep track of them.

像容器一样，容器也可以随时创建和销毁，例如在放大或缩小或滚动到更新的图像时。 这意味着我们不能依赖内部IP，因为我们无法跟踪它们。

Enter left, Services.

输入左，服务。

A Kubernetes Service is an abstraction which defines a logical set of Pods and a policy by which to access them - sometimes called a micro-service. It enables external traffic exposure, load balancing and service discovery for those Pods.

Kubernetes服务是一种抽象，定义了Pod的逻辑集和访问Pod的策略-有时称为微服务。 它为那些Pod启用了外部流量公开，负载平衡和服务发现。

Just like a deployment, You can create a service from a them command-line or from a file.

就像部署一样，您可以从命令行或文件创建服务。

command-line approach

命令行方法

kubectl expose deployment { service_name } --type = "LoadBalancer"

file approach

文件方式

Here is our Service file, again, subtly name service.yml.

再次，这是我们的服务文件，名称为service.yml 。

kind : Service
apiVersion : v1
metadata :
  #Service name
  name : node - app - svc
spec :
  selector :
    app : scotch - 155622
  ports :
    - protocol : TCP
      port : 8000
      targetPort : 8000
  type : LoadBalancer

The Kubernetes master creates the load balancer and related Compute Engine forwarding rules, target pools, and firewall rules to make the service fully accessible from outside of Google Cloud Platform.

Kubernetes主服务器创建负载平衡器以及相关的Compute Engine转发规则，目标池和防火墙规则，以使该服务可以从Google Cloud Platform外部完全访问。

To create the service, run:

要创建服务，请运行：

kubectl create -f service.yml

Once the service is created, we can get the externally accessible IP address by listing all the services (kubectl get services). The external IP may take a few seconds to be visible. You should get this.

创建服务后，我们可以通过列出所有服务（ kubectl get services ）来获取外部可访问的IP地址。 外部IP可能需要几秒钟才能显示。 你应该得到这个。

From this, you can now access your application by visiting the IP address on port 8000 (http://104.198.206.188:8000/) in our case. It works!.

由此，您现在可以通过访问端口8000上的IP地址（ http://104.198.206.188:8000/ ）来访问您的应用程序。 有用！。

Try out the other routes as well.

尝试其他路线。

扩大/缩小您的应用程序 ( Scaling Up/Down your Application )

Like we mentioned, one of the best provisions of Kubernetes is that you can scale your application up and down depending on your traffic requirements. This can be done by running the following command:

就像我们提到的那样，Kubernetes的最佳配置之一是您可以根据流量需求上下扩展应用程序。 这可以通过运行以下命令来完成：

kubectl scale deployment { deployment_name } --replicas = n

In our case, the deployment name is scotch-dep and n can be 3 replicas to scale up from 2 instances or 1 to scale down. You can actually see the pods come alive or get terminated by running the kubectl get pods -w command.

在我们的示例中，部署名称为scotch-dep ， n可以是3个副本以从2个实例按比例扩展，也可以是1个副本以按比例缩小。 通过运行kubectl get pods -w命令，您实际上可以看到Pod活跃起来或被终止。

自动缩放 (Autoscaling)

You can also enable autoscaling in the cluster and set the minimum and maximum number of Pods based on the CPU utilization from the existing pods

您还可以在集群中启用自动扩展，并根据现有Pod中的CPU利用率设置Pod的最小和最大数目。

kubectl autoscale deployment nginx-deployment --min = 5 --max = 10 --cpu-percent = 75

Kubernetes Web UI ( Kubernetes Web UI )

Kubernetes has a very neat web User Interface for every cluster that makes it easy to interact with the Kubernetes functionality - From deploying to autoscaling to managing and monitoring clusters.

Kubernetes每个集群都有一个非常简洁的Web用户界面，可以轻松地与Kubernetes功能进行交互-从部署到自动扩展再到管理和监视集群。

To access the UI locally, run the following command.

要在本地访问UI，请运行以下命令。

$ kubectl proxy

Go to http://localhost:8001/u, you should see a dashboard like this. This particular service section displays all the pods running in the cluster.

转到http：// localhost：8001 / u ，您应该看到这样的仪表板。 该特定服务部分显示集群中运行的所有Pod。

Read more on what you can do on the Kubernetes web UI here.

在此处阅读有关Kubernetes Web UI上的功能的更多信息 。

结论 ( Conclusion )

In this article, we have been able to:

在本文中，我们已经能够：

• Look at a few provisions of Google Cloud Platform,
  看一下Google Cloud Platform的一些规定，
• Understand Kubernetes and it's role in deploying Docker containers to GCP.
  了解Kubernetes及其在将Docker容器部署到GCP中的作用。
• Deploy a simple NodeJS application in a Docker container to GCP.
  在Docker容器中将简单的NodeJS应用程序部署到GCP。
• Understand Kubernetes Deployments, Services and scaling features.
  了解Kubernetes的部署，服务和扩展功能。

There is still a lot more to learn on GCP. Next, we will look at Continous Integration/ Continous Deployment of Docker Containers with CircleCI which will give us the opportunity to automatically roll out upgrades to the application.

有关GCP的知识还有很多。 接下来，我们将研究使用CircleCI进行Docker容器的持续集成/持续部署，这将使我们有机会自动推出对应用程序的升级。

翻译自: https://scotch.io/tutorials/google-cloud-platform-i-deploy-a-docker-app-to-google-container-engine-with-kubernetes