方案思路:
先在docker 容器级别将所需改动完成,然后commit该容器为一个新的镜像到仓库,最后在k8s ds中启用该镜像。
操作流程:
一、定位到apigateway后台docker容器,并进入
[root@hdp1 shanghaibank-hotfix]# docker ps |grep apigateway
923002acb833 63f4ed014d9b "/bin/bash /app/run.…" 35 minutes ago Up 35 minutes k8s_apigateway_apigateway-apigateway-6cchs_prophet_9f25400e-6f15-11ea-96d1-5254006a7ba9_0
21788cfe28e6 172.27.133.80:35000/gcr.io/google-containers/pause-amd64:3.1 "/pause" 35 minutes ago Up 35 minutes k8s_POD_apigateway-apigateway-6cchs_prophet_9f25400e-6f15-11ea-96d1-5254006a7ba9_0
[root@hdp1 shanghaibank-hotfix]# docker exec -it 923002acb833 bash
[root@hdp1 app]# vim listenPaths.conf.template
进行必要的修改。此处是修改apigateway配置文件,文件最后添加的内容
location ^~ /telamon/v1/tables/export/list {
return 200;
}
location ~ /telamon/v1/.*/download {
default_type application/json;
add_header Content-Type 'text/html; charset=utf-8';
return 403 '{"message":"download is forbidden!"}';
}
location ~ /telamon/v1/.*/export {
return 403;
}
二、docker内部操作完成,保存该容器为一个镜像(注意这时还是一个本地镜像)。然后将镜像tag并push到仓库:
[root@hdp1 shanghaibank-hotfix]# docker commit -m 'shanghaibank-guhua-test' -a 'yinyanlu' 923002acb833 apigateway4shanghaiyinhang
sha256:f407add81dcfb25497d566635c493438303d884291e3a7ca63bcb6690d541dfc
[root@hdp1 shanghaibank-hotfix]# docker tag apigateway4shanghaiyinhang 172.27.133.80:35000/env/release/3.6.0/prophet/app/apigateway.tar:shanghaiyinhang
[root@hdp1 shanghaibank-hotfix]# docker push 172.27.133.80:35000/env/release/3.6.0/prophet/app/apigateway.tar:shanghaiyinhang
三、k8s启用该镜像。这里apigateway是ds应用,进入ds进行修改:
[root@hdp3 ~]# k get ds -n prophet --show-labels=true
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE LABELS
apigateway-apigateway 3 3 3 3 3 prophet.4paradigm.com/system=true 10d app=deploy-apigateway
nameserver 2 2 2 2 2 prophet.4paradigm.com/rtidb-nameserver=true 10d rtidb=nameserver
tablet 2 2 2 2 2 prophet.4paradigm.com/rtidb-tablet=true 10d rtidb=tablet
[root@hdp3 ~]# k edit ds apigateway-apigateway -n prophet
保存退出,观察新pod是否拉起、是否内容文件符合预期、是否网页屏蔽了下载和导出按钮。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
