笔者已开源修改过(并附有完整 DevOps 流程)的源码:Hacker-Linner/nanoserver
熟悉 K8S 的伙伴也可以忽略此文,可以直接上手此项目的 DevOps!可以直接上手此项目的 DevOps!可以直接上手此项目的 DevOps!
相关 Dockerfile 文件准备
Dockerfile.base
准备项目在线 CI 构建基础 Image。
FROM golang:1.15-alpine RUN go env -w GO111MODULE=on RUN go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/,direct RUN mkdir -p /nanoserver/ WORKDIR /nanoserver COPY go.mod go.mod RUN go mod download
生成 Image hackerlinner/nanoserver:base
docker build -f Dockerfile.alpine.base -t hackerlinner/nanoserver:base . --no-cache
Dockerfile.alpine.base
准备项目生产基础 Image。
FROM alpine:3.12 RUN addgroup -S app \ && adduser -S -g app app \ && apk --no-cache add \ ca-certificates curl netcat-openbsd
生成 Image hackerlinner/nanoserver-alpine:base
docker build -f Dockerfile.alpine.base -t hackerlinner/nanoserver-alpine:base . --no-cache
Dockerfile.prod
CI 生产构建所需的 Dockerfile
### nanoserver:base FROM hackerlinner/nanoserver:base as builder WORKDIR /nanoserver COPY . . RUN CGO_ENABLED=0 go build -a -o bin/nanoserver ### nanoserver-alpine:base FROM hackerlinner/nanoserver-alpine:base LABEL maintainer="为少" WORKDIR /home/app COPY --from=builder /nanoserver/bin/nanoserver . COPY ./configs ./configs RUN chown -R app:app ./ RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime RUN echo 'Asia/Shanghai' >/etc/timezone USER app CMD ["./nanoserver"]
相关 Kubernetes 部署文件准备
Helm 3 部署 MySql
相关部署文件在:k8s/mysql
首先在你的集群中分配部署空间,这里我是 nano:
kubectl create ns nano
在你的持久化服务器分配文件夹,我这里用的是 NFS:
# 分配 MySql 文件夹,持久化数据 mkdir -p /data/nfs/nano/nanoserver-mysql chmod -R 777 /data/nfs/nano/nanoserver-mysql
创建 PV & PVC,关联到 NFS
pvc.yaml:k8s/mysql/pvc.yaml
kubectl apply -f pvc.yaml -n nano
部署:
helm install nanoserver-mysql ./mysql -f values.yaml -n nano
数据库创建:
create database
mysql -u root -phacker12345 create database scmj default character set utf8mb4 collate utf8mb4_unicode_ci;
Helm 3 部署 nanoserver
相关部署文件在:k8s/mnanoserverysql
准备 nanoserver 的 configMap,让集群统一管理 Server 配置文件。
apiVersion: v1 kind: ConfigMap metadata: name: nanoserver-config labels: app: nanoserver data: config.toml: |- [core] # enable debug mode debug = true heartbeat = 30 consume = "4/2,8/3,16/4" #房卡消耗, 使用逗号隔开, 局数/房卡数, 例如4局消耗1张, 8局消耗1张, 16局消耗2张, 则为: 4/1,8/1,16/2 #WEB服务器设置 [webserver] addr = "0.0.0.0:12307" #监听地址 enable_ssl = false #是否使用https, 如果为true, 则必须配置cert和key的路径 static_dir = "web/static" #证书设置 [webserver.certificates] cert = "configs/****.crt" #证书路径 key = "configs/****.key" #Key路径 [game-server] host = "nanoserver.your-domain.com" port = 30251 # Redis server config [redis] host = "127.0.0.1" port = 6357 # Mysql server config [database] host = "nanoserver-mysql" port = 3306 dbname = "scmj" password = "hacker12345" username = "root" args = "charset=utf8mb4" buf_size = 10 max_idle_conns = 20 max_open_conns = 15 show_sql = true # 微信 [wechat] appid = "YOUR_WX_APPID" appsecret = "YOUR_APP_SECRET" callback_url = "YOUR_CALLBACK" mer_id = "YOUR_MER_ID" unify_order_url = "https://api.mch.weixin.qq.com/pay/unifiedorder" #Token设置 [token] expires = 21600 #token过期时间 #白名单设置 [whitelist] ip = ["10.10.*", "127.0.0.1", ".*"] #白名单地址, 支持golang正则表达式语法 #分享信息 [share] title = "血战到底" desc = "纯正四川玩法,快捷便利的掌上血战,轻松组局,随时随地尽情游戏" #更新设置 [update] force = true #是否强制更新 version = "1.9.3" android = "https://fir.im/tand" ios = "https://fir.im/tios" #联系设置 [contact] daili1 = "kefuweixin01" daili2 = "kefuweixin01" kefu1 = "kefuweixin01" #语音账号http://gcloud.qq.com/product/6 [voice] appid = "xxx" appkey = "xxx" #广播消息 [broadcast] message = ["系统消息:健康游戏,禁止赌博", "欢迎进入游戏"] #登陆相关 [login] guest = true lists = ["test", "konglai"]
关于 ingressroute-tcp.yaml,因为 nanoserver 本身会启动两个服务器 web 和 game:
apiVersion: traefik.containo.us/v1alpha1 kind: IngressRouteTCP metadata: name: nanoserver-game-route spec: entryPoints: - nanoserver-gm # 需要在 traefik 的部署配置中设置 routes: - match: HostSNI(`*`) kind: Rule services: - name: nanoserver port: 30251
ingressroute-tcp.yaml 是 game 对外的入口,因为我用的是 traefik,所以需要它。
Drone CI/CD 配置
.drone.yml
kind: pipeline type: kubernetes name: NanoServer steps: - name: 更新 Chart.yaml appVersion image: busybox commands: - echo $DRONE_COMMIT - '[ -n "$DRONE_COMMIT" ] && ( sed -i "s/APP_VERSION/${DRONE_COMMIT}/g" k8s/nanoserver/nanoserver/Chart.yaml; )' - cat k8s/nanoserver/nanoserver/Chart.yaml - name: 构建 Docker Image image: plugins/docker settings: debug: true dockerfile: Dockerfile.prod repo: hub.your-domain.com/library/nanoserver tags: ${DRONE_COMMIT} registry: hub.your-domain.com username: from_secret: docker_user password: from_secret: docker_pass - name: 上云(HelmV3) -> K8S Cluster image: pelotech/drone-helm3 settings: helm_command: upgrade chart: ./k8s/nanoserver/nanoserver release: nanoserver vaules_yaml: ./k8s/nanoserver/values.yaml namespace: nano api_server: from_secret: api_server kubernetes_token: from_secret: k8s_token skip_tls_verify: true trigger: branch: - master
关于 api_server 与 k8s_token,玩过 kubernetes 的童鞋应该都知道,我就不赘述了。
