Na rubuta kwanan nan
Abin da ke tattare da tambayar shi ne: sau ɗaya a wani lokaci akwai aiki guda ɗaya, da farko wani ƙaramin monolith ne tare da kayan aiki da rubutu, amma bayan lokaci ya girma, ya kasu kashi a cikin sabis, wanda hakan ya fara rarraba zuwa microservices, kuma sa'an nan aka haɓaka. Da farko, duk wannan an yi shi ne akan VPS mara amfani, hanyoyin kafawa da ƙaddamar da code akan waɗanda aka sarrafa ta atomatik ta amfani da Mai yiwuwa, kuma an haɗa kowane sabis tare da tsarin YAML tare da saitunan da maɓallan da suka wajaba, kuma an yi amfani da fayil ɗin daidaitawa iri ɗaya. ƙaddamar da gida, wanda ya dace sosai, saboda .k an ɗora wannan tsarin a cikin wani abu na duniya, wanda zai iya samuwa daga ko'ina cikin aikin.
Koyaya, haɓakar adadin microservices, haɗin su, da
Dangane da wannan, an canza tsarin aikin ginin abu don samun damar yin aiki tare da babban fayil ɗin daidaitawar mu da kuma sirrin Kuber. An kuma ƙayyadadden tsari mai tsauri, a cikin yaren Python na uku, kamar haka:
Dict[str, Dict[str, Union[str, int, float]]]
Wato, cogfig na ƙarshe ƙamus ne tare da sassa masu suna, kowannensu ƙamus ne mai ƙima daga nau'ikan sauƙi. Kuma sassan suna bayyana tsari da samun dama ga albarkatun wani nau'i. Misalin yanki na tsarin mu:
adminka:
django_secret: "ExtraLongAndHardCode"
db_main:
engine: mysql
host: 256.128.64.32
user: cool_user
password: "SuperHardPassword"
redis:
host: 256.128.64.32
pw: "SuperHardPassword"
port: 26379
smtp:
server: smtp.gmail.com
port: 465
email: [email protected]
pw: "SuperHardPassword"
A lokaci guda, filin engine
Za a iya shigar da bayanan bayanai akan SQLite, kuma redis
saita zuwa mock
, Ƙayyade kuma sunan fayil ɗin don adanawa - waɗannan sigogi ana gane su daidai kuma ana sarrafa su, wanda ke sauƙaƙa gudanar da lambar a cikin gida don yin kuskure, gwajin naúrar da kowane buƙatu. Wannan yana da mahimmanci a gare mu saboda akwai wasu buƙatu da yawa - ɓangaren code ɗinmu an yi shi ne don ƙididdige ƙididdiga daban-daban, yana gudana ba kawai akan sabar tare da ƙungiyar kade-kade ba, har ma da rubutun daban-daban, da kwamfutocin manazarta waɗanda ke buƙatar yin aiki ta hanyar. da kuma gyara rikitattun bututun sarrafa bayanai ba tare da damuwa da matsalolin baya ba. Af, ba zai yi zafi ba don raba cewa manyan kayan aikin mu, gami da lambar shimfidar wuri, an shigar ta ta setup.py
- tare wannan yana haɗa lambar mu zuwa tsarin muhalli guda ɗaya, mai zaman kansa daga dandamali da hanyar amfani.
Bayanin kwafsa na Kubernetes yayi kama da haka:
containers:
- name : enter-api
image: enter-api:latest
ports:
- containerPort: 80
volumeMounts:
- name: db-main-secret-volume
mountPath: /etc/secrets/db-main
volumes:
- name: db-main-secret-volume
secret:
secretName: db-main-secret
Wato kowane sirri yana siffanta sashe ɗaya. Su kansu asirin an halicce su kamar haka:
apiVersion: v1
kind: Secret
metadata:
name: db-main-secret
type: Opaque
stringData:
db_main.yaml: |
engine: sqlite
filename: main.sqlite3
Tare wannan yana haifar da ƙirƙirar fayilolin YAML akan hanya /etc/secrets/db-main/section_name.yaml
Kuma don ƙaddamar da gida, ana amfani da saitin, wanda ke cikin tushen tsarin aikin ko kuma tare da hanyar da aka ƙayyade a cikin yanayin yanayi. Ana iya ganin lambar da ke da alhakin waɗannan abubuwan jin daɗi a cikin mai ɓarna.
config.py
__author__ = 'AivanF'
__copyright__ = 'Copyright 2020, AivanF'
import os
import yaml
__all__ = ['config']
PROJECT_DIR = os.path.abspath(__file__ + 3 * '/..')
SECRETS_DIR = '/etc/secrets'
KEY_LOG = '_config_log'
KEY_DBG = 'debug'
def is_yes(value):
if isinstance(value, str):
value = value.lower()
if value in ('1', 'on', 'yes', 'true'):
return True
else:
if value in (1, True):
return True
return False
def update_config_part(config, key, data):
if key not in config:
config[key] = data
else:
config[key].update(data)
def parse_big_config(config, filename):
'''
Parse YAML config with multiple section
'''
if not os.path.isfile(filename):
return False
with open(filename) as f:
config_new = yaml.safe_load(f.read())
for key, data in config_new.items():
update_config_part(config, key, data)
config[KEY_LOG].append(filename)
return True
def parse_tiny_config(config, key, filename):
'''
Parse YAML config with a single section
'''
with open(filename) as f:
config_tiny = yaml.safe_load(f.read())
update_config_part(config, key, config_tiny)
config[KEY_LOG].append(filename)
def combine_config():
config = {
# To debug config load code
KEY_LOG: [],
# To debug other code
KEY_DBG: is_yes(os.environ.get('DEBUG')),
}
# For simple local runs
CONFIG_SIMPLE = os.path.join(PROJECT_DIR, 'config.yaml')
parse_big_config(config, CONFIG_SIMPLE)
# For container's tests
CONFIG_ENVVAR = os.environ.get('CONFIG')
if CONFIG_ENVVAR is not None:
if not parse_big_config(config, CONFIG_ENVVAR):
raise ValueError(
f'No config file from EnvVar:n'
f'{CONFIG_ENVVAR}'
)
# For K8s secrets
for path, dirs, files in os.walk(SECRETS_DIR):
depth = path[len(SECRETS_DIR):].count(os.sep)
if depth > 1:
continue
for file in files:
if file.endswith('.yaml'):
filename = os.path.join(path, file)
key = file.rsplit('.', 1)[0]
parse_tiny_config(config, key, filename)
return config
def build_config():
config = combine_config()
# Preprocess
for key, data in config.items():
if key.startswith('db_'):
if data['engine'] == 'sqlite':
data['filename'] = os.path.join(PROJECT_DIR, data['filename'])
# To verify correctness
if config[KEY_DBG]:
print(f'** Loaded config:n{yaml.dump(config)}')
else:
print(f'** Loaded config from: {config[KEY_LOG]}')
return config
config = build_config()
Ma'anar a nan abu ne mai sauƙi: muna haɗa manyan saiti daga kundin tsarin aiki da hanyoyi ta hanyar canjin yanayi, da ƙananan sassan saiti daga sirrin Kuber, sannan mu tsara su kaɗan. Da wasu masu canji. Na lura cewa lokacin neman fayiloli daga asirce, ana amfani da ƙayyadaddun ƙayyadaddun ƙayyadaddun bayanai, saboda K8s suna ƙirƙirar babban fayil ɗin ɓoye a cikin kowane sirri inda asirin kansu ke adanawa, kuma kawai hanyar haɗi yana samuwa a matakin mafi girma.
Ina fatan abin da aka bayyana zai zama da amfani ga wani :) Duk wani sharhi da shawarwari game da tsaro ko wasu wurare don inganta ana karɓa. Har ila yau, ra'ayin jama'a yana da ban sha'awa, watakila yana da daraja ƙara goyon baya ga ConfigMaps (aikin mu bai yi amfani da su ba tukuna) da buga lambar akan GitHub / PyPI? Da kaina, ina tsammanin cewa irin waɗannan abubuwa sun kasance daidai da mutum don ayyukan su zama na duniya, da kuma ɗan leƙen ayyukan wasu mutane, kamar wanda aka ba a nan, da tattaunawa game da nuances, tukwici da ayyuka mafi kyau, wanda nake fatan gani a cikin sharhi. , ya isa 😉
Masu amfani da rajista kawai za su iya shiga cikin binciken.
Shin zan iya bugawa azaman aikin / ɗakin karatu?
-
0,0%Ee, zan yi amfani da gudummawar / gudummawa0
-
33,3%Ee, wannan yana da kyau4
-
41,7%A'a, wa ya kamata su yi da kansu a cikin nasu tsarin da kuma dacewa da bukatunsu5
-
25,0%Zan dena amsawa3
12 masu amfani sun kada kuri'a. Masu amfani 3 sun kaurace.
source: www.habr.com