Kubernetes tips & tricks: on local development and Telepresence


We are increasingly being asked about developing microservices in Kubernetes. Developers, especially those working in interpreted languages, want to fix code quickly in their favorite IDE and see the result without waiting for a build/deploy, simply by pressing F5. With a monolithic application, it was enough to install a database and a web server locally (in Docker, VirtualBox...) and then enjoy development. With monoliths being cut into microservices and the arrival of Kubernetes, and with services now depending on each other, everything became a little harder. The more microservices there are, the more problems there are. To enjoy development again, you have to bring up more than one or two Docker containers, and sometimes more than a dozen... In general, all of this can take a lot of time, because it also has to be kept up to date.

At different times we tried different solutions to the problem. I will start with the accumulated workarounds, or simply "crutches".

1. Crutches

Most IDEs can edit code directly on a server over FTP/SFTP. This approach is very obvious, and we decided to use it right away. Its essence boils down to the following:

  1. In the pod of the development environments (dev/review), an additional container is started with SSH access, and the public SSH key of the developer who will commit/deploy the application is passed to it.
  2. At the init stage (in the prepare-app container), the code is copied to an emptyDir so that both the application containers and the SSH server have access to it.


To make the technical implementation of this scheme easier to understand, here are the relevant fragments of the YAML configuration in Kubernetes.

Configurations

1.1. values.yaml

ssh_pub_key:
  vasya.pupkin: <ssh public key in base64> 

Here vasya.pupkin is the value of the variable ${GITLAB_USER_LOGIN}.

1.2. deployment.yaml

...
{{ if eq .Values.global.debug "yes" }}
      volumes:
      - name: ssh-pub-key
        secret:
          defaultMode: 0600
          secretName: {{ .Chart.Name }}-ssh-pub-key
      - name: app-data
        emptyDir: {}
      initContainers:
      - name: prepare-app
{{ tuple "backend" . | include "werf_container_image" | indent 8 }}
        volumeMounts:
        - name: app-data
          mountPath: /app-data
        command: ["bash", "-c", "cp -ar /app/* /app-data/" ]
{{ end }}
      containers:
{{ if eq .Values.global.debug "yes" }}
      - name: ssh
        image: corbinu/ssh-server
        volumeMounts:
        - name: ssh-pub-key
          readOnly: true
          mountPath: /root/.ssh/authorized_keys
          subPath: authorized_keys
        - name: app-data
          mountPath: /app
        ports:
        - name: ssh
          containerPort: 22
          protocol: TCP
{{ end }}
      - name: backend
        volumeMounts:
{{ if eq .Values.global.debug "yes" }}
        - name: app-data
          mountPath: /app
{{ end }}
        command: ["/usr/sbin/php-fpm7.2", "--fpm-config", "/etc/php/7.2/php-fpm.conf", "-F"]
...

1.3. secret.yaml

{{ if eq .Values.global.debug "yes" }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Chart.Name }}-ssh-pub-key
type: Opaque
data:
  authorized_keys: "{{ first (pluck .Values.global.username .Values.ssh_pub_key) }}"
{{ end }}

Final touch

After that, all that remains is to pass the required variables in gitlab-ci.yml:

dev:
  stage: deploy
  script:
   - type multiwerf && source <(multiwerf use 1.0 beta)
   - type werf && source <(werf ci-env gitlab --tagging-strategy tag-or-branch --verbose)
   - werf deploy
     --namespace ${CI_PROJECT_NAME}-stage
     --set "global.env=stage"
     --set "global.git_rev=${CI_COMMIT_SHA}"
     --set "global.debug=yes"
     --set "global.username=${GITLAB_USER_LOGIN}"
  tags:
   - build

Voila: the developer who started the deploy can connect by service name (we have already described how to grant access to the cluster) from their desktop over SFTP and edit the code without waiting for it to be delivered to the cluster.

This is a fully working solution, but from the implementation point of view it has obvious drawbacks:

  • the Helm chart has to be reworked, which makes it harder to read later on;
  • it can only be used by the person who deployed the service;
  • you have to remember to synchronize the result with the local directory holding the code and commit it to Git afterwards.
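A check a cluster operator might run against the scheme above, as an added example that is not part of the original article: it looks for the three markers the chart adds when global.debug is "yes" (port 22, the authorized_keys mount, the -ssh-pub-key secret) and reports them outside namespaces where debug builds are expected. The allowed namespace suffixes, the sample() helper and the app-* namespace names are assumptions made for the illustration.

```python
# Assumption: namespaces with these suffixes are allowed to run debug builds.
ALLOWED_SUFFIXES = ("-stage", "-dev", "-review")

def debug_ssh_findings(deployment):
    """Return the reasons a Deployment looks like a debug build of this chart."""
    spec = deployment["spec"]["template"]["spec"]
    findings = []
    for c in spec.get("containers", []):
        ports = [p.get("containerPort") for p in c.get("ports", [])]
        if 22 in ports:
            findings.append(f"container {c['name']} exposes port 22")
        for m in c.get("volumeMounts", []):
            if m.get("mountPath", "").endswith("/.ssh/authorized_keys"):
                findings.append(f"container {c['name']} mounts authorized_keys")
    for v in spec.get("volumes", []):
        secret = v.get("secret", {}).get("secretName", "")
        if secret.endswith("-ssh-pub-key"):
            findings.append(f"volume {v['name']} uses secret {secret}")
    return findings

def violates_policy(deployment):
    """True when debug markers are present in a namespace that is not allowed."""
    ns = deployment["metadata"].get("namespace", "default")
    return bool(debug_ssh_findings(deployment)) and not ns.endswith(ALLOWED_SUFFIXES)

def sample(namespace, debug):
    """Constructed Deployment shaped like `kubectl get deploy -o json` output."""
    containers = [{"name": "backend", "volumeMounts": []}]
    volumes = []
    if debug:
        containers.insert(0, {
            "name": "ssh", "image": "corbinu/ssh-server",
            "ports": [{"name": "ssh", "containerPort": 22}],
            "volumeMounts": [{"name": "ssh-pub-key",
                              "mountPath": "/root/.ssh/authorized_keys",
                              "subPath": "authorized_keys"}]})
        volumes.append({"name": "ssh-pub-key",
                        "secret": {"secretName": "app-ssh-pub-key"}})
    return {"metadata": {"name": "app", "namespace": namespace},
            "spec": {"template": {"spec": {"containers": containers,
                                           "volumes": volumes}}}}

if __name__ == "__main__":
    cases = [("app-stage", True), ("app-production", True), ("app-production", False)]
    for ns, dbg in cases:
        d = sample(ns, dbg)
        status = "VIOLATION" if violates_policy(d) else "ok"
        print(ns, status, debug_ssh_findings(d))
```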

2. Telepresence

The Telepresence project has been known for quite a long time, but we, as they say, "never got around to trying it in practice." However, demand has done its job, and now we are glad to share our experience, which may be useful to readers of our blog, especially since there have been no other materials about Telepresence on the hub so far.

In short, it all turned out to be not so scary. We put all the actions required on the developer's side into the Helm chart text file called NOTES.txt. So, after deploying the service to Kubernetes, the developer sees the instructions for launching the local dev environment in the GitLab job log:

!!! Developing the service locally, as part of Kubernetes !!!

* Setting up the environment
* * You must have access to the cluster via VPN
* * kubectl is installed on the local PC ( https://kubernetes.io/docs/tasks/tools/install-kubectl/ )
* * Get the config file for kubectl (copy it to ~/.kube/config)
* * telepresence is installed on the local PC ( https://www.telepresence.io/reference/install )
* * Docker must be installed
* * You need reporter-level access or higher to the repository https://gitlab.site.com/group/app
* * You need to log in to the registry with your GitLab login/password (done once):

#########################################################################
docker login registry.site.com
#########################################################################

* Starting the environment

#########################################################################
telepresence --namespace {{ .Values.global.env }} --swap-deployment {{ .Chart.Name  }}:backend --mount=/tmp/app --docker-run -v `pwd`:/app -v /tmp/app/var/run/secrets:/var/run/secrets -ti registry.site.com/group/app/backend:v8
#########################################################################

We will not go into the details of the steps described in these instructions... except for the last one. What happens when Telepresence starts?

Working with Telepresence

At startup (using the last command given in the instructions above), we specify:

  • the namespace in which the microservice is running;
  • the names of the deployment and the container we want to get into.

The remaining arguments are optional. If our service interacts with the Kubernetes API and a ServiceAccount has been created for it, we need to mount the certificates/tokens on our desktop. To do this, use the option --mount=true (or --mount=/dst_path), which mounts the root (/) of the Kubernetes container on our desktop. After that, we can (depending on the OS and on how the application is launched) use the "keys" from the cluster.

First, let's look at the most universal way to run the application: in a Docker container. To do this, we use the --docker-run key and mount the directory with the code into the container: -v `pwd`:/app

Note that this assumes the command is run from the project directory. The application code will be mounted in the /app directory in the container.

Next: -v /tmp/app/var/run/secrets:/var/run/secrets mounts the directory with the certificate/token into the container.

This option is finally followed by the image in which the application will run. NB: When building the image, you must specify CMD or ENTRYPOINT!

What exactly will happen next?

  • In Kubernetes, the number of replicas of the specified deployment will be changed to 0. A new deployment will be started in its place, with the backend container replaced.
  • 2 containers will be started on the desktop: the first with Telepresence (it will proxy requests from/to Kubernetes), the second with the application being developed.
  • If we exec into the container with the application, all the ENV variables passed by Helm at deploy time will be available to us, and all the services will be reachable as well. All that remains is to edit the code in your favorite IDE and enjoy the result.
  • At the end of the work, you only need to close the terminal in which Telepresence is running (end the session with Ctrl+C): the Docker containers will stop on the desktop, and in Kubernetes everything will return to its original state. All that remains is to commit, open an MR and pass it on to review/merge/... (depending on your workflows).

If we do not want to run the application in a Docker container (for example, we develop in Go rather than PHP and still build it locally), launching Telepresence is even simpler:

telepresence --namespace {{ .Values.global.env }} --swap-deployment {{ .Chart.Name  }}:backend --mount=true

If the application accesses the Kubernetes API, you will need to mount the keys directory (https://www.telepresence.io/howto/volumes). For Linux there is the proot utility:

proot -b $TELEPRESENCE_ROOT/var/run/secrets/:/var/run/secrets bash

After launching Telepresence without the --docker-run option, all the environment variables will be available in the current terminal, so the application must be started in it.
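Both launch modes above put the pod's ServiceAccount credentials on the developer's desktop (under /tmp/app with --mount=/tmp/app, under $TELEPRESENCE_ROOT with --mount=true). The following added example, not part of the original article, checks that the mount is complete and shows which identity the token carries; it decodes the JWT payload without verifying the signature, and the make_constructed_mount() helper and its claims exist only to make the demo run offline.

```python
import base64, json, os, time

# Standard in-pod location of the ServiceAccount files, relative to the mount root.
SA_DIR = "var/run/secrets/kubernetes.io/serviceaccount"

def b64url_decode(part):
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def inspect_mounted_token(mount_root, now=None):
    """Describe the ServiceAccount token exposed under a Telepresence mount root.
    The payload is decoded WITHOUT signature verification: for display only."""
    sa = os.path.join(mount_root, SA_DIR)
    missing = [f for f in ("token", "ca.crt", "namespace")
               if not os.path.isfile(os.path.join(sa, f))]
    if missing:
        return {"ok": False, "missing": missing}
    with open(os.path.join(sa, "token")) as fh:
        parts = fh.read().strip().split(".")
    if len(parts) != 3:
        return {"ok": False, "error": "token is not a JWT"}
    claims = json.loads(b64url_decode(parts[1]))
    exp = claims.get("exp")
    now = time.time() if now is None else now
    return {"ok": True, "subject": claims.get("sub"), "expires": exp,
            "expired": exp is not None and exp < now,
            "long_lived": exp is None}  # no exp claim: the token does not expire

def make_constructed_mount(root, claims):
    """Build a fake mount tree holding an unsigned, constructed token."""
    sa = os.path.join(root, SA_DIR)
    os.makedirs(sa, exist_ok=True)
    enc = lambda o: base64.urlsafe_b64encode(
        json.dumps(o).encode()).rstrip(b"=").decode()
    with open(os.path.join(sa, "token"), "w") as fh:
        fh.write(".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"]))
    for name, body in (("ca.crt", "constructed"), ("namespace", "stage")):
        with open(os.path.join(sa, name), "w") as fh:
            fh.write(body)

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:
        make_constructed_mount(root, {"sub": "system:serviceaccount:stage:backend"})
        print(inspect_mounted_token(root))
```

A result with long_lived set means the token stays valid after the Telepresence session ends, so it should be treated like any other credential copied to a workstation.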

NB: When using PHP, for example, remember to disable the various op_cache, apc and other accelerators for development, otherwise editing the code will not produce the desired result.

Results

Local development with Kubernetes is a problem whose solution is growing in proportion to the spread of this platform. Receiving the corresponding requests from developers (from our clients), we started solving them with the first means at hand, which, however, did not prove themselves in the long run. Fortunately, this has become obvious not only now and not only to us, so more suitable tools have already appeared in the world, and Telepresence is the best known of them (by the way, there is also skaffold from Google). Our experience with it is not yet that extensive, but it already gives us reason to recommend it to our "colleagues in the trade": try it!


Source: www.hab.com
