是否可以在不实际部署映像的情况下在 GCE 上配置容器优化的 OS VM?

2022-07-02 18:00:29 other 阅读:508
本文介绍了是否可以在不实际部署映像的情况下在 GCE 上配置容器优化的 OS VM?的处理方法,对大家解决问题具有一定的参考价值

问题描述

我想构建一个 CI 管道,其中基础设施阶段使用 Terraform 在 Google Compute Engine 上提供容器优化的操作系统实例将 Docker 化的应用程序上传到 Artifact Registry 并首次部署之前.

I want to build a CI pipeline where the infrastructure stage provisions with Terraform a container-optimised operating system instance on Google Compute Engine before the Dockerized application is uploaded to Artifact Registry and deployed for the first time.

我的 Terraform 配置:

My Terraform config:

data "google_compute_image" "cos" {
  family  = "cos-stable"
  project = "cos-cloud"
}

resource "google_compute_instance" "container_optimized_os_vm" {
  name                      = "container-optimized-os-vm"
  machine_type              = "f1-micro"
  allow_stopping_for_update = true

  network_interface {
    network = "default"
  }

  boot_disk {
    initialize_params {
      image = data.google_compute_image.cos.self_link
    }
  }

  metadata = {
    google-logging-enabled = "true"
    gce-container-declaration =<<EOT
spec:
  containers:
    - image: image-repository/image-name:latest
      name: containervm
      securityContext:
        privileged: false
      stdin: false
      tty: false
      volumeMounts: []
      restartPolicy: Always
      volumes: []
EOT
  }
}

我从 Artifact Registry 部署最新版本映像的命令:

My command to deploy the latest version of my image from Artifact Registry:

gcloud compute instances update-container container-optimized-os-vm 
            --zone europe-west2-b 
            --container-image "europe-west2-docker.pkg.dev/my-project-id/my-image-repository-name/my-image-name:latest"

当我省略 gce-container-declaration 元数据时,我收到以下错误:

When I omit the gce-container-declaration metadata, I get the following error:

ERROR: (gcloud.compute.instances.update-container) Instance doesn't have gce-container-declaration metadata key - it is not a container.

我希望能够在 gce-container-declaration 中不指定图像的情况下配置实例——这可能吗?我担心的是,当检测到基础架构更改时,将部署 gce-container-declaration 中的图像而不是我的应用程序的图像.

I want to be able to provision the instance without specifying an image in gce-container-declaration—is this possible? My worry is that when infrastructure changes are detected, the image in gce-container-declaration will be deployed instead of my application's image.

推荐答案

需要说明的是,容器优化操作系统用于运行 Docker 容器,这意味着您的 VM 实例被创建为 Docker 容器,您的容器化应用程序将如以下文档 [1] 所述,在其上运行.

Just to be clear, the container optimized OS is used for running Docker containers, it means that your VM instance is created as a Docker container and your containerized application will run on top of it, as stated in the following documentation [1].

现在,gce-container-declaration 参数是容器的清单,您可以在其中指定容器化应用程序(包括图像)所需的所有参数.

Now, the gce-container-declaration argument is the manifest of your container, and in which you can specify all the arguments you want for your containerized application (including the image).

运行命令 gcloud compute instances update-container 并将您的应用程序映像路径作为 --container-image 标志只会更改从 image-repository/image-name 部署的原始容器映像:latesteurope-west2-docker.pkg.dev/my-project-id/my-image-repository-name/my-image-name:latest,和你一样首先指定:

Running the command gcloud compute instances update-container with your application image path as the --container-image flag only changes the original container image deployed from image-repository/image-name:latest to europe-west2-docker.pkg.dev/my-project-id/my-image-repository-name/my-image-name:latest, same that you could have specified in the first place:

 metadata = {
    google-logging-enabled = "true"
    gce-container-declaration =<<EOT
spec:
  containers:
    - image: europe-west2-docker.pkg.dev/my-project-id/my-image-repository-name/my-image-name:latest
      name: containervm
      securityContext:
        privileged: false
      stdin: false
      tty: false
      volumeMounts: []
      restartPolicy: Always
      volumes: []
EOT
  }

您遇到的错误是因为一旦您取出 gce-container-declaration 标志,VM 实例就不再作为容器创建,而只是一个普通的 VM;因此错误.

The error you are getting is because once you take out the gce-container-declaration flag the VM instance is no longer created as a container but just a normal VM; hence the error.

当两者都可以并行完成时,我不明白为什么要创建 VM 实例以便稍后部署应用程序,实际上提供的 terraform 代码就是这样工作的.

I do not see why you want to create the VM instance to later deploy your application when both can be done in parallel, and actually the terraform code provided works that way.

[1] https://cloud.google.com/container-optimized-os/docs/concepts/features-and-benefits

这篇关于是否可以在不实际部署映像的情况下在 GCE 上配置容器优化的 OS VM?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,WP2

admin_action_{$_REQUEST[‘action’]}

do_action( "admin_action_{$_REQUEST[‘action’]}" )动作钩子::在发送“Action”请求变量时激发。Action Hook: Fires when an ‘action’ request variable is sent.目录锚点:#说明#源码说明(Description)钩子名称的动态部分$_REQUEST['action']引用从GET或POST请求派生的操作。源码(Source)更新版本源码位置使用被使用2.6.0 wp-admin/admin.php:...

日期:2020-09-02 17:44:16 浏览:1169

admin_footer-{$GLOBALS[‘hook_suffix’]}

do_action( "admin_footer-{$GLOBALS[‘hook_suffix’]}", string $hook_suffix )操作挂钩:在默认页脚脚本之后打印脚本或数据。Action Hook: Print scripts or data after the default footer scripts.目录锚点:#说明#参数#源码说明(Description)钩子名的动态部分,$GLOBALS['hook_suffix']引用当前页的全局钩子后缀。参数(Parameters)参数类...

日期:2020-09-02 17:44:20 浏览:1070

customize_save_{$this->id_data[‘base’]}

do_action( "customize_save_{$this-&gt;id_data[‘base’]}", WP_Customize_Setting $this )动作钩子::在调用WP_Customize_Setting::save()方法时激发。Action Hook: Fires when the WP_Customize_Setting::save() method is called.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分,$this->id_data...

日期:2020-08-15 15:47:24 浏览:806

customize_value_{$this->id_data[‘base’]}

apply_filters( "customize_value_{$this-&gt;id_data[‘base’]}", mixed $default )过滤器::过滤未作为主题模式或选项处理的自定义设置值。Filter Hook: Filter a Customize setting value not handled as a theme_mod or option.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分,$this->id_date['base'],指的是设置...

日期:2020-08-15 15:47:24 浏览:898

get_comment_author_url

过滤钩子:过滤评论作者的URL。Filter Hook: Filters the comment author’s URL.目录锚点:#源码源码(Source)更新版本源码位置使用被使用 wp-includes/comment-template.php:32610...

日期:2020-08-10 23:06:14 浏览:930

network_admin_edit_{$_GET[‘action’]}

do_action( "network_admin_edit_{$_GET[‘action’]}" )操作挂钩:启动请求的处理程序操作。Action Hook: Fires the requested handler action.目录锚点:#说明#源码说明(Description)钩子名称的动态部分$u GET['action']引用请求的操作的名称。源码(Source)更新版本源码位置使用被使用3.1.0 wp-admin/network/edit.php:3600...

日期:2020-08-02 09:56:09 浏览:877

network_sites_updated_message_{$_GET[‘updated’]}

apply_filters( "network_sites_updated_message_{$_GET[‘updated’]}", string $msg )筛选器挂钩:在网络管理中筛选特定的非默认站点更新消息。Filter Hook: Filters a specific, non-default site-updated message in the Network admin.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分$_GET['updated']引用了非默认的...

日期:2020-08-02 09:56:03 浏览:864

pre_wp_is_site_initialized

过滤器::过滤在访问数据库之前是否初始化站点的检查。Filter Hook: Filters the check for whether a site is initialized before the database is accessed.目录锚点:#源码源码(Source)更新版本源码位置使用被使用 wp-includes/ms-site.php:93910...

日期:2020-07-29 10:15:38 浏览:833

WordPress 的SEO 教学:如何在网站中加入关键字(Meta Keywords)与Meta 描述(Meta Description)?

你想在WordPress 中添加关键字和meta 描述吗?关键字和meta 描述使你能够提高网站的SEO。在本文中,我们将向你展示如何在WordPress 中正确添加关键字和meta 描述。为什么要在WordPress 中添加关键字和Meta 描述?关键字和说明让搜寻引擎更了解您的帖子和页面的内容。关键词是人们寻找您发布的内容时,可能会搜索的重要词语或片语。而Meta Description则是对你的页面和文章的简要描述。如果你想要了解更多关于中继标签的资讯,可以参考Google的说明。Meta 关键字和描...

日期:2020-10-03 21:18:25 浏览:1726

谷歌的SEO是什么

SEO (Search Engine Optimization)中文是搜寻引擎最佳化,意思近于「关键字自然排序」、「网站排名优化」。简言之,SEO是以搜索引擎(如Google、Bing)为曝光媒体的行销手法。例如搜寻「wordpress教学」,会看到本站的「WordPress教学:12个课程…」排行Google第一:关键字:wordpress教学、wordpress课程…若搜寻「网站架设」,则会看到另一个网页排名第1:关键字:网站架设、架站…以上两个网页,每月从搜寻引擎导入自然流量,达2万4千:每月「有机搜...

日期:2020-10-30 17:23:57 浏览:1308