OpenShift nagartacce (aikin sama - Kubernetes: KubeVirt, duba. и ), nee Container-native Virtualization, an gabatar da shi azaman ayyuka na dandalin OpenShift, wanda aka tsara don turawa da sarrafa injina (VMs) azaman ainihin abubuwan Kubernetes. Irin wannan aikin yana da ƙalubale a fasaha saboda bambance-bambancen asali na fasaha. Domin cimma wannan buri, mun yi amfani da fasahohin da aka saba da su bisa Linux Red Hat Enterprise Linux da KVM, wadanda suka kasance tare da mu shekaru da yawa kuma sun tabbatar da ingancin su.
A cikin wannan labarin, za mu kalli fasahohin fasaha na OpenShift wanda ke ba da damar VMs da kwantena su zauna tare a cikin dandamali guda ɗaya wanda ke sarrafa su azaman mahaɗan guda ɗaya.
Ayyukan lissafi
Kwantena suna amfani da hanyoyin kernel na Linux kamar wuraren suna da ƙungiyoyi don keɓe matakai da sarrafa albarkatu. Yawancin lokaci ana fahimtar matakai azaman Python, aikace-aikacen Java ko fayilolin aiwatarwa, amma a zahiri suna iya zama kowane tsari, kamar bash, Emacs ko vim.
Menene injin kama-da-wane? Daga ra'ayi na hypervisor, wannan kuma tsari ne. Amma ba tsarin aikace-aikacen ba, amma tsarin KVM da ke da alhakin aiwatar da takamaiman VM.
Hoton kwandon ya ƙunshi duk kayan aiki, dakunan karatu da fayilolin da ake buƙata don na'urar kama-da-wane ta KVM. Idan muka bincika kwas ɗin VM mai aiki, za mu ga akwai mataimaka da matakan qemu-kvm. Bugu da ƙari, muna da damar yin amfani da kayan aikin KVM don sarrafa injunan kama-da-wane kamar qemu-img, qemu-nbd da virsh.
Tunda na'ura mai kama-da-wane kwafsa ce, ta kan gaji dukkan ayyukan kwafsa a Kubernetes ta atomatik. VM pods, kamar kwafsa na yau da kullun, suna ƙarƙashin tsare-tsaren tsarawa da sharuɗɗa kamar taints, juriya, alaƙa da ƙiyayya. Hakanan kuna samun fa'idodin babban samuwa, da sauransu. Koyaya, akwai bambanci mai mahimmanci guda ɗaya: kwasfa na yau da kullun ba sa ƙaura daga mai masaukin baki zuwa masaukin baki a ma'anar da aka saba. Idan kumburi ya tafi layi, za a ƙare kwas ɗin da ke kan shi kuma a sake sanya shi zuwa wani kumburi a cikin gungu. Kuma game da na'ura mai mahimmanci, muna sa ran ganin ƙaura kai tsaye.
Don magance wannan gibin, an ƙirƙiri ma'anar albarkatu ta al'ada (CDR) don bayyana tsarin ƙaura mai rai wanda ke da alhakin farawa, saka idanu, da sarrafa ƙaura na VMs tsakanin nodes na ma'aikata.
apiVersion: kubevirt.io/v1alpha3
kind: VirtualMachineInstanceMigration
metadata:
name: migration-job
spec:
vmiName: fedora
Lokacin da aka kashe kumburi, ana ƙirƙira ayyukan ƙaura ta atomatik don waɗannan injunan kama-da-wane waɗanda aka saita ƙaura ta Live azaman dabarun korar su. Ta wannan hanyar zaku iya sarrafa halayen injunan kama-da-wane lokacin motsi tsakanin nodes ɗin tari. Kuna iya daidaita ƙaura ta Live da sarrafa VM, kamar duk sauran kwasfan fayiloli.
Network
Duk wani tsarin Kubernetes yana ba da sadarwa tsakanin nodes da pods ta amfani da cibiyoyin sadarwar SDN na software. OpenShift ba banda bane kuma, farawa daga sigar 3, yana amfani da OpenShiftSDN ta tsohuwa don wannan. Bugu da kari, OpenShift 4 yana da wani sabon fasali mai suna Multus, wanda ke ba ka damar samar da hanyoyin sadarwa da yawa da haɗa kwas ɗin zuwa gare su lokaci guda.
Amfani da Multus, mai gudanarwa na iya ayyana ƙarin cibiyoyin sadarwa na CNI, waɗanda za a tura su kuma saita su akan gungu ta Ma'aikacin Cluster Network na musamman. Sannan ana haɗa kwas ɗin zuwa ɗaya ko fiye na waɗannan cibiyoyin sadarwa, yawanci daidaitaccen OpenShiftSDN da ƙarin keɓancewar sadarwa. Na'urorin SR-IOV, daidaitaccen gadar Linux, MACVLAN da na'urorin IPVLAN duk ana iya amfani da su idan VM ɗin ku yana buƙatar sa. Hoton da ke ƙasa yana nuna yadda ake saita Multus CNI don hanyar sadarwar gada akan ƙirar eth1:
apiVersion: operator.openshift.io/v1
kind: Network
metadata:
name: cluster
spec:
additionalNetworks:
- name: multus1
rawCNIConfig: '{ "cniVersion": "0.3.1", "type": "bridge", "master": "eth1", "ipam":
{ "type": "static", "addresses": [ { "address": "191.168.1.1/24" } ] } }'
type: Raw
Dangane da haɓakawa na OpenShift, wannan yana nufin cewa ana iya haɗa VM zuwa cibiyar sadarwar waje kai tsaye, ta ƙetare SDN. Wannan yana da mahimmanci ga injunan kama-da-wane da aka yi ƙaura zuwa OpenShift daga Red Hat Virtualization ko VMware vSphere, tunda idan kuna da damar zuwa Layer OSI na biyu, ba za a sami canji a saitunan cibiyar sadarwa ba. Wannan kuma yana nufin cewa VM na iya samun adireshin cibiyar sadarwa wanda ke ƙetare SDN. Don haka, zamu iya amfani da adaftan cibiyar sadarwa na musamman, ko haɗa kai tsaye zuwa tsarin ajiya akan hanyar sadarwar.
Kuna iya ƙarin koyo game da yadda ake ƙirƙira da haɗa injunan kama-da-wane na OpenShift zuwa cibiyar sadarwa ... Bayan haka, , wanda aka tura a matsayin wani ɓangare na haɓakawa na OpenShift, yana ba da wata hanyar da aka sani don ƙirƙira da sarrafa saitunan cibiyar sadarwa akan nodes na jiki waɗanda ake amfani da su a ƙarƙashin hypervisors.
Storage
Haɗawa da sarrafa fayafai na inji mai kama-da-wane a cikin buɗewar OpenShift ana yin ta ta amfani da ra'ayoyin Kubernetes kamar StorageClasses, PersistentVolumeClaims (PVC) da PersistentVolume (PV), da madaidaitan ka'idojin ajiya don yanayin Kubernetes. Wannan yana ba masu kula da Kubernetes da ƙungiyoyin aikace-aikacen wata hanya ta gama gari, sananne don sarrafa duka kwantena da injina. Kuma ga yawancin masu gudanar da mahallin haɓakawa, wannan ra'ayi na iya zama sananne saboda yana amfani da ƙa'ida ɗaya ta raba fayilolin sanyi da fayafai waɗanda ake amfani da su a cikin OpenStack da sauran dandamalin girgije.
Koyaya, ba za mu iya ƙirƙirar sabon faifai kawai don VM kowane lokaci ba, tunda lokacin ƙaura daga hypervisor zuwa OpenShift, muna buƙatar adana bayanan. Ee, ko da lokacin da muka tura sabon VM, koyaushe yana da sauri don yin shi daga samfuri fiye da ƙirƙirar shi daga karce. Don haka, muna buƙatar aiki don shigo da faifai da ke akwai.
Don sauƙaƙe wannan ɗawainiyar, OpenShift virtualization yana ƙaddamar da aikin Mai shigo da bayanai na Containerized (CDI), wanda ke rage shigo da hotunan faifai na diski daga maɓuɓɓuka da yawa don ƙirƙirar shigarwar PVC.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: "fedora-disk0"
labels:
app: containerized-data-importer
annotations:
cdi.kubevirt.io/storage.import.endpoint: "http://10.0.0.1/images/Fedora-Cloud-Base-31-1.9.x86_64.qcow2"
spec:
storageClassName: ocs-gold
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
Wannan shigarwar ce ke kunna CDI, yana haifar da jerin ayyukan da aka nuna a cikin hoton da ke ƙasa:
Bayan an gama CDI, PVC ɗin za ta ƙunshi faifan injin kama-da-wane da aka shirya don amfani kuma an canza shi zuwa daidaitaccen tsarin OpenShift…
Lokacin aiki tare da haɓakawa na OpenShift, OpenShift Container Storage (OCS), wani bayani na Red Hat dangane da tsarin fayil na Ceph wanda ke aiwatar da ayyukan ajiya na dindindin don kwantena, shima yana da amfani. Baya ga daidaitattun hanyoyin samun damar PVC - RWO (block) da RWX (fayil) - OCS yana ba da RWX don na'urorin toshe albarkatun ƙasa, wanda ke da matukar amfani don raba damar toshe don aikace-aikace tare da buƙatun babban aiki. Bugu da kari, OCS tana goyan bayan sabon ma'aunin da'awar Bucket Bucket, wanda ke ba da damar aikace-aikacen yin amfani da ma'ajin bayanan abu kai tsaye.
Injin na zahiri a cikin kwantena
Idan kuna sha'awar duba yadda yake aiki, to ku sani cewa OpenShift an riga an sami ingantaccen aikin gani a cikin sigar Preview Tech azaman ɓangare na OpenShift 3.11 da sama. Masu mallakar rajista na OpenShift na yanzu na iya amfani da tsarin aikin OpenShift gaba ɗaya kyauta kuma ba tare da ƙarin matakai ba. A lokacin wannan sakon, OpenShift 4.4 da OpenShift virtualization 2.3 suna halin yanzu; idan kuna amfani da nau'ikan da suka gabata, yakamata ku haɓaka don samun sabbin abubuwa. Yakamata a fitar da cikakkiyar sigar ingantaccen tsarin OpenShift a cikin rabin na biyu na 2020.
Don ƙarin bayani, da fatan za a duba don umarnin shigarwa, gami da , wanda ke ba da bayanai game da kafa cibiyoyin sadarwa na waje.
source: www.habr.com