Kubernetes 1.17: ka ʻike o nā mea hou nui

I nehinei, Dekemaba 9, ua hanaia Hoʻokuʻu hou aku o Kubernetes - 1.17. Wahi a ka moʻomeheu i kūkulu ʻia no kā mākou blog, ke kamaʻilio nei mākou e pili ana i nā loli nui loa i ka mana hou.

ʻO ka ʻike i hoʻohana ʻia no ka hoʻomākaukau ʻana i kēia mea i lawe ʻia mai ka hoʻolaha kūhelu, Hoʻonui nā Kubernetes i nā papa hoʻopili, CHANGELOG-1.17 a me nā pilikia pili, nā noi huki, a me nā Kubernetes Enhancement Proposals (KEP). No laila, he aha ka mea hou?..

ʻO ke alahele ʻike topology

Ua kali ka poʻe Kubernetes i kēia hiʻohiʻona no ka manawa lōʻihi - Topology-aware service routing. ^ E Ha yM. Inā KAPA hoʻomaka ia ma ʻOkakopa 2018, a me ka luna holomua - 2 makahiki aku nei, nā pilikia maʻamau (like ia) - a he mau makahiki hou aku ...

ʻO ka manaʻo maʻamau ka hāʻawi ʻana i ka hiki ke hoʻokō i ke ala "local" no nā lawelawe e noho ana ma Kubernetes. ʻO ka "kūlana" ma kēia hihia ʻo ia ka "pae topological like" (ka pae topology), ʻo ia paha:

• node like no nā lawelawe,
• ʻo ka pahu kikowaena like,
• ka aina hookahi
• ka mea hoʻolako kapua hoʻokahi,
• ...

Nā laʻana o ka hoʻohana ʻana i kēia hiʻohiʻona:

• ka mālama ʻana i ke kaʻa i nā hoʻonohonoho ʻana i ke ao me nā ʻāpana loaʻa he nui (multi-AZ) - ʻike. kiʻi hou e hoʻohana ana i ka laʻana o ke kaʻa mai ka ʻāina like, akā nā AZ ʻokoʻa ma AWS;
• haʻahaʻa haʻahaʻa haʻahaʻa haʻahaʻa / ʻoi aku ka maikaʻi;
• kahi lawelawe sharded i loaʻa ka ʻike kūloko e pili ana i ka node i kēlā me kēia shard;
• ke kau ʻana o ka fluentd (a i ʻole nā ​​analogues) ma ka node like me nā noi i hōʻiliʻili ʻia nā lāʻau;
• ...

ʻO kēlā ala ala, ka mea "ʻike" e pili ana i ka topology, ua kapa ʻia ʻo ia ka pili pūnaewele - ma ka hoʻohālikelike me pili puʻupuʻu, pili pili/kue-affinity a i ʻole i ʻike ʻia aole i loihi aku nei Topology-Aware Volume Scheduling (a Hoʻolako Volume). pae hoʻokō o kēia manawa ServiceTopology i Kubernetes - alpha version.

No nā kikoʻī e pili ana i ka hana ʻana o ka hiʻohiʻona a pehea ʻoe e hoʻohana ai iā ia, heluhelu kēiaʻatikala mai kekahi o na mea kakau.

IPv4/IPv6 kākoʻo pūʻulu pālua

Ka holomua nui paa ma kahi hiʻohiʻona pūnaewele ʻē aʻe: kākoʻo like ʻole no ʻelua mau waihona IP, i hoʻokomo mua ʻia i loko K8s 1.16. ʻO ka mea kūikawā, ua lawe mai ka hoʻokuʻu hou i nā loli aʻe:

• ma kube-proxy hoʻokō ʻia hiki i ka hana like ma nā ʻano ʻelua (IPv4 a me IPv6);
• в Pod.Status.PodIPs puka mai kākoʻo no ka API i lalo (i ka manawa like me /etc/hosts i kēia manawa koi lākou i ka mea hoʻokipa e hoʻohui i kahi helu IPv6);
• kākoʻo pūʻulu pālua KIKAI (Kubernetes IN Docker) a kubeadm;
• nā hoʻokolohua e2e hou.

Kii me ka hoʻohana ʻana i ka pālua IPV4/IPv6 ma KIND

Holomua ma CSI

Hōʻike paʻa kākoʻo topology no ka mālama ʻana i ka CSI, i hoʻokomo mua ʻia ma K8s 1.12.

Hoʻomaka no ka neʻe ʻana o nā plugins volume i CSI - ʻO CSI Migration - hiki i ka mana beta. He mea koʻikoʻi kēia hiʻohiʻona no ka unuhi ʻana i nā plugins waiho ʻia (i loko o ka lāʻau) i ke ano o keia wa (CSI, waho o ka lāʻau) ʻike ʻole ʻia e nā mea hoʻohana hope o Kubernetes. Pono nā luna hoʻomalu o Cluster e hiki iā CSI Migration, a laila e hoʻomau ʻia nā kumu waiwai a me nā haʻahaʻa hana e "hana wale" ...

I kēia manawa, ua mākaukau ka neʻe ʻana no nā mea hoʻokele AWS EBS i ka mana beta (kubernetes.io/aws-ebs) a me GCE PD (kubernetes.io/gce-pd). ʻO nā wānana no nā hale mālama ʻē aʻe penei:

Ua kamaʻilio mākou e pili ana i ka hiki ʻana mai o ke kākoʻo mālama "kuʻuna" ma K8 i CSI i loko kēiaʻatikala. A ua hoʻolaʻa ʻia ka hoʻololi o ka neʻe ʻana o CSI i ke kūlana beta hoolaha kaawale ma ka blog papahana.

Eia kekahi, ʻo kahi hana koʻikoʻi ʻē aʻe i ka pōʻaiapili o CSI, ka mea i hoʻokumu ʻia (hoʻokō alpha) ma K1.17s 8, hiki i ke kūlana beta (ʻo ia hoʻi. ka hana ʻana i nā kiʻi paʻi kiʻi a me ka ho'ōla mai iā lākou. Ma waena o nā hoʻololi i hana ʻia i ka Kubernetes Volume Snapshot ma ke ala e hoʻokuʻu ai i ka beta:

• ka hoʻokaʻawale ʻana i ka CSI external-snapshotter sidecar i ʻelua mau mana,
• mea huna no ka holoi ʻana (huna huna) ma ke ʻano he hōʻike i nā mea i loko o kahi kiʻi kiʻi leo,
• mea hoʻopau hou (mea hoʻopau hope) no ka pale ʻana i ka mea snapshot API mai ka holoi ʻia inā he mau pilina i koe.

I ka manawa o ka hoʻokuʻu ʻana 1.17, kākoʻo ʻia ka hiʻohiʻona e ʻekolu mau mea hoʻokele CSI: GCE Persistent Disk CSI Driver, Portworx CSI Driver a me NetApp Trident CSI Driver. Hiki ke loaʻa nā kikoʻī hou aku e pili ana i ka hoʻokō a me ka hoʻohana ʻana ma kēia paʻi ma ka blog.

Nā Lepili Kapua

Nā lepili ʻakomi hāʻawi ʻia i nā nodes a me nā leo i hana ʻia ma muli o ka mea hāʻawi kapua i hoʻohana ʻia, ua loaʻa ma Kubernetes ma ke ʻano he mana beta no ka manawa lōʻihi loa - mai ka hoʻokuʻu ʻia ʻana o K8s 1.2 (ʻApelila 2016!). Hāʻawi ʻia i kā lākou hoʻohana ākea no ka lōʻihi, nā mea hoʻomohala hooholoia, ʻo ia ka manawa e haʻi aku ai i ka hiʻona paʻa (GA).

No laila, ua kapa hou ʻia lākou a pau (e ka topology):

• beta.kubernetes.io/instance-type → node.kubernetes.io/instance-type
• failure-domain.beta.kubernetes.io/zone → topology.kubernetes.io/zone
• failure-domain.beta.kubernetes.io/region → topology.kubernetes.io/region

... akā loaʻa nō ma lalo o ko lākou mau inoa kahiko (no ka hoʻokō ʻana i hope). Eia naʻe, ʻōlelo ʻia nā luna hoʻoponopono āpau e hoʻololi i nā lepili o kēia manawa. Palapala Pili Ua hōʻano hou ʻia nā K8s.

Hoʻopuka ʻia o kubeadm

Hōʻike ʻia ma ka mana alpha no ka manawa mua i hoʻonohonoho ʻia no ka pono kubeadm. Nā palapala i kākoʻo ʻia: JSON, YAML, Go template.

ʻO ke kumu no ka hoʻokō ʻana i kēia hiʻohiʻona (e like me KAPA) ʻo ia:

ʻOiai hiki ke hoʻohana lima ʻia nā Kubernetes, ʻo ka de facto (inā ʻaʻole de jure) maʻamau no kēia hana e hoʻohana i ka kubeadm. Ke hilinaʻi nei nā mea hana hoʻokele ʻōnaehana kaulana e like me Terraform i kubeadm no ka hoʻolaha ʻana o Kubernetes. ʻO ka hoʻomaikaʻi ʻana i hoʻolālā ʻia i ka Cluster API e loaʻa i kahi pūʻolo mele no Kubernetes bootstrapping me kubeadm a me cloud-init.

Me ka ʻole o ka hoʻopuka hoʻonohonoho ʻia, ʻo nā loli maikaʻi ʻole loa i ka nānā mua ʻana e hiki ke wāwahi iā Terraform, Cluster API a me nā polokalamu ʻē aʻe e hoʻohana ana i nā hopena o kubeadm.

Loaʻa i kā mākou mau hoʻolālā koke ke kākoʻo (ma ke ʻano o ka hoʻokumu ʻia ʻana) no kēia mau kauoha kubeadm:

• alpha certs
• config images list
• init
• token create
• token list
• upgrade plan
• version

Hoʻohālike o kahi pane JSON i kahi kauoha kubeadm init -o json:

{
  "node0": "192.168.20.51:443",
  "caCrt": "sha256:1f40ff4bd1b854fb4a5cf5d2f38267a5ce5f89e34d34b0f62bf335d74eef91a3",
  "token": {
    "id":          "5ndzuu.ngie1sxkgielfpb1",
    "ttl":         "23h",
    "expires":     "2019-05-08T18:58:07Z",
    "usages":      [
      "authentication",
      "signing"
    ],
    "description": "The default bootstrap token generated by 'kubeadm init'.",
    "extraGroups": [
      "system:bootstrappers:kubeadm:default-node-token"
    ]
  },
  "raw": "Rm9yIHRoZSBhY3R1YWwgb3V0cHV0IG9mIHRoZSAia3ViZWFkbSBpbml0IiBjb21tYW5kLCBwbGVhc2Ugc2VlIGh0dHBzOi8vZ2lzdC5naXRodWIuY29tL2FrdXR6LzdhNjg2ZGU1N2JmNDMzZjkyZjcxYjZmYjc3ZDRkOWJhI2ZpbGUta3ViZWFkbS1pbml0LW91dHB1dC1sb2c="
}

Hoʻopaʻa i nā hana hou ʻē aʻe

Ma ka laulā, ua hoʻokuʻu ʻia ka Kubernetes 1.17 ma lalo o ka huaʻōlelo "Kūlā" Ua maʻalahi kēia i ka nui o nā hiʻohiʻona i loko (ʻo kā lākou helu helu 14) loaʻa ke kūlana GA. Ma waena o lākou:

• "marking" nodes e like me kekahi mau kūlana (TaintNodesByCondition), ua puka mai ma K8s 1.8;
• Nānā i nā kaha puke - he ʻano hanana hou i loaʻa ka lepili e pili ana nā mea āpau i kahi mana (resourceVersion) ua hana ʻia e ka wati;
• nā waiwai paʻamau (defaulting) no nā Punawai Kuʻuna;
• kaʻana like ma waena o nā pahu i loko o ke kaʻina hana pod namespaces;
• ScheduleDaemonSetPods - hoʻonohonoho i nā pods ma DaemonSet hoʻohana i ka kube-scheduler (ma kahi o ka mea hoʻokele DaemonSet);
• nā palena ikaika ma ka helu o nā puke ma muli o ke ʻano node;
• kākoʻo hoʻololi kaiapuni no nā inoa papa kuhikuhi i kau ʻia e like me subPath;
• Hoʻololi ka puʻuwai Kubelet i kahi API hoʻolimalima kūikawā;
• "palekana hope" (Palekana Finalizer) no nā mea kaulike ukana (e nānā ana i nā kumuwaiwai Service e pili ana ma mua o ka holoi ʻana i nā kumuwaiwai LoadBalancer);
• kube-apiserver optimization i ka hana ʻana me nā wati he nui e nānā ana i nā pūʻulu like o nā mea - loaʻa ma ka pale ʻana i ka serialization mau o nā mea like no kēlā me kēia kiaʻi.

Nā hoʻololi hou aʻe

ʻO ka papa inoa piha o nā mea hou i Kubernetes 1.17, ʻoiaʻiʻo, ʻaʻole i kaupalena ʻia i nā mea i helu ʻia ma luna. Eia kekahi mau mea ʻē aʻe (a no ka papa inoa piha, ʻike HOOLOLI):

• ʻO ka hiʻohiʻona i hōʻike ʻia ma ka hoʻokuʻu hope ua hiki i ka mana beta RunAsUserName no nā puka aniani;
• hoololi like ua ili mai EndpointSlice API (mai K8s 1.16 pū kekahi), akā naʻe, ʻaʻole hiki ke hoʻohana ʻia kēia hoʻonā e hoʻomaikaʻi i ka hana/scalability o ka Endpoint API ma ka paʻamau;
• He mea koʻikoʻi nā pods no ka hana cluster hiki ke hana ʻaʻole wale ma nā papa inoa kube-system (no nā kikoʻī, e ʻike i ka palapala no E kaupalena i ka ʻai ʻana o ka papa hana mua);
• koho hou no kubelet - --reserved-cpus - hiki iā ʻoe ke wehewehe i ka papa inoa o nā CPU i mālama ʻia no ka ʻōnaehana;
• no ka mea, kubectl logs hōʻike ʻia hae hou --prefix, hoʻohui i ka inoa o ka pod a me ka ipu kumu i kēlā me kēia laina o ka lāʻau;
• в label.Selector hoʻohui ʻia RequiresExactMatch;
• nā ipu a pau i kube-dns ke holo nei me nā pono liʻiliʻi;
• hyperkube hoʻokaʻawale ʻia i kahi waihona GitHub ʻokoʻa a ʻaʻole e hoʻokomo hou ʻia i nā hoʻokuʻu Kubernetes;
• nui hoʻomaikaʻi i ka hana kube-proxy no nā awa ʻole UDP.

Hoʻololi pili pili:

• ʻO ka mana CoreDNS i komo i ka kubeadm he 1.6.5;
• hōʻano hou ʻia ka mana cctl i v1.16.1;
• CSI 1.2.0;
• etcd 3.4.3;
• Hoʻonui hou ʻia ka mana Docker hou i 19.03;
• ʻO ka mana liʻiliʻi loa e koi ʻia e kūkulu i Kubernetes 1.17 ʻo 1.13.4.

PS

E heluhelu pū ma kā mākou blog:

• «Kubernetes 1.16: ka ʻike o nā mea hou nui";
• «Kubernetes 1.15: ka ʻike o nā mea hou nui";
• «Kubernetes 1.14: ka ʻike o nā mea hou nui";
• «Kubernetes 1.13: ka ʻike o nā mea hou nui".

Source: www.habr.com