Best practices for production on containerized applications
This article was last updated on: July 24, 2024 am
preface
Lately busy to death, 👻👻👻 . Last week came once more fierce than 996 907
. This Tuesday was finally a little unbearable, take a day off, take a little rest.
At the same time, my hands itch can’t do it, and I sent up the heavy article that I have been preparing for a long time haha. 😆😆😆
However, the time is still a bit rushed, so this time I will start first, and then there will be time to refine it.
Best practices for production on containerized applications
- Check whether the image and container are used
root
Launch as well as configure other privileges. If not necessary, always use ordinary users. - Check the image
LANG
Disposition:LANG = en_US.UTF-8
. Purpose: To avoid problems such as garbled characters in production - Check the mirror time zone configuration:
TZ=Asia/Shanghai
Purpose: To avoid time zone inconsistencies in production - Configure externalization. There are several means of externalization:
- Same image, from test stream to production. Give the mirror a hit
${version}
or${gitCommitId}
Labels for this category. Purpose: Ensure the correct version flow to production by version number or commit id - Discusses each component
- Log output optimization:
- Optionally, install redis/kafka/rabbitmq clusters (and configure exporter monitoring) as needed
- Microservice parameter optimization:
- DevOps pipelines for DEV, TEST, UAT, PRE-PROD, PROD.
- Configure Readiness and Liveness probes.
- Added JMX-exporter monitoring and tracing monitoring.
- NGINX conf suggests adding:
worker_processes 1;
Then adjust the number of replicas as needed. - Optionally, configure the PDB, specifying during the upgrade or reboot:
maxUnavailable
orminAvailable
(Especially suitable for: stateful applications. typical examples: redis, kafka, zookeeper, etc.) - Configure anti-affinity
podAntiAffinity
. Ensure that the same set of microservices/applications/components is as scattered as possible across different nodes.
5-6 Operation steps:
1 |
|
An example of the 11-step step is as follows:
1 |
|
An example of the 14 steps is as follows: (Note the keywords: maxUnavailable
and minAvailable
)
1 |
|
1 |
|
An example of the 15 steps is as follows: (Note the keywords: podAntiAffinity
)
1 |
|
finish
🎉🎉🎉