On the growing popularity of Kubernetes

Hello, Habr!

As summer draws to a close, we want to remind you that we are continuing our work on the Kubernetes topic, and we have decided to publish an article from Stackoverflow that shows the state of affairs in this project as of the beginning of June.

Enjoy reading!

At the time of writing, Kubernetes is about six years old, and over the past two years its popularity has grown so much that it is consistently ranked among the most loved platforms. Kubernetes ranks third this year. To recap: Kubernetes is a platform designed to run and orchestrate containerized workloads.

Containers began as a special construct for isolating processes in Linux; containers have included cgroups since 2007 and namespaces since 2002. Containers took better shape by 2008, when LXC became available, and Google developed its own internal mechanism called Borg, where "all work is done in containers." From here we fast forward to 2013, when the first release of Docker appeared and containers finally became a popular mainstream solution. At that time, the main tool for container orchestration was Mesos, although it was not wildly popular. Kubernetes was first released in 2015, after which this tool became the de facto standard in the field of container orchestration.

To understand why Kubernetes is so popular, let's try to answer a few questions. When was the last time developers could agree on how to deploy applications to production? How many developers do you know who use tools as they are provided out of the box? How many cloud administrators are there today who do not understand how applications work? We will look at the answers to these questions in this article.

Infrastructure as YAML

In the world that went from Puppet and Chef to Kubernetes, one of the biggest changes was the move from "infrastructure as code" to "infrastructure as data", specifically as YAML. All the resources in Kubernetes, which include pods, configurations, deployed instances, volumes, etc., can easily be described in a YAML file. For example:

apiVersion: v1
kind: Pod
metadata:
  name: site
  labels:
    app: web
spec:
  containers:
    - name: front-end
      image: nginx
      ports:
        - containerPort: 80

This representation makes it easier for DevOps or SRE specialists to fully express their workloads without having to write code in languages such as Python or JavaScript.

Other advantages of organizing infrastructure as data include:

  • GitOps, or Git Operations Version Control. This approach lets you keep all Kubernetes YAML files in git repositories, so you can track exactly when a change was made, who made it, and what exactly changed. This increases the transparency of operations across the organization and improves efficiency by removing ambiguity, in particular about where employees should look for the resources they need. At the same time, it becomes easier to make changes to Kubernetes resources by merging a pull request.
  • Scalability. When resources are defined as YAML, it is extremely easy for operators to change one or two numbers in a Kubernetes resource, thereby changing how it scales. Kubernetes provides a mechanism for horizontal autoscaling of pods, which can be used to determine the minimum and maximum number of pods required in a particular deployment to handle low and high traffic. For example, if you have deployed a configuration that needs additional capacity because of a sudden spike in traffic, then maxReplicas can be changed from 10 to 20:

apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp
  namespace: default
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp-deployment
  minReplicas: 1
  maxReplicas: 20
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 50

  • Security and management. YAML is great for evaluating how things are deployed in Kubernetes. For example, a major security concern is whether your workloads run as a non-administrator user. In this case, we may need tools such as conftest, a YAML/JSON validator, plus Open Policy Agent, a policy validator, to make sure that the SecurityContext of your workloads does not allow the container to run with administrator privileges. If this is required, users can apply a simple rego policy, like this:

package main

deny[msg] {
  input.kind = "Deployment"
  not input.spec.template.spec.securityContext.runAsNonRoot = true
  msg = "Containers must not run as root"
}

  • Options for integrating with a cloud provider. One of the most significant trends in modern technology is running workloads on public cloud providers. With the cloud-provider component, Kubernetes allows any cluster to integrate with the cloud provider it runs on. For example, if a user runs an application in Kubernetes on AWS and wants to expose that application through a service, the cloud provider helps create a LoadBalancer service, which will automatically provision an Amazon Elastic Load Balancer to redirect traffic to the application pods.
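
The rego rule in the security item above reads only the pod-level securityContext, while in Kubernetes a container-level runAsNonRoot overrides the pod-level value. The following Python code is an added example, not part of the original article: it mirrors that rule and compares it with a per-container check. The manifests, image names and function names are constructed for illustration.

```python
# Added example; the manifests are constructed samples (dict form of the YAML).

def page_rule_denies(m):
    """Mirror of the page's rego rule: looks at the pod-level field only."""
    pod_sc = m["spec"]["template"]["spec"].get("securityContext") or {}
    return m.get("kind") == "Deployment" and pod_sc.get("runAsNonRoot") is not True

def deny(m):
    """Per-container check; returns violation messages (empty list = pass)."""
    if m.get("kind") != "Deployment":
        return []
    pod = m["spec"]["template"]["spec"]
    pod_sc = pod.get("securityContext") or {}
    msgs = []
    for c in pod.get("containers", []) + pod.get("initContainers", []):
        sc = c.get("securityContext") or {}
        # A container-level runAsNonRoot overrides the pod-level value.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if non_root is not True:
            msgs.append(f"{c['name']}: runAsNonRoot is not enforced")
        if sc.get("privileged") is True:
            msgs.append(f"{c['name']}: privileged container")
    return msgs

def deployment(pod_sc, containers):
    """Build a minimal Deployment manifest (constructed sample)."""
    spec = {"containers": containers}
    if pod_sc is not None:
        spec["securityContext"] = pod_sc
    return {"kind": "Deployment", "spec": {"template": {"spec": spec}}}

# Pod-level value is true, but one container overrides it.
OVERRIDDEN = deployment({"runAsNonRoot": True}, [
    {"name": "front-end", "image": "nginx"},
    {"name": "sidecar", "image": "example/sidecar",
     "securityContext": {"runAsNonRoot": False, "privileged": True}},
])
# No pod-level securityContext; every container sets the field itself.
PER_CONTAINER = deployment(None, [
    {"name": "front-end", "image": "nginx",
     "securityContext": {"runAsNonRoot": True}},
])

if __name__ == "__main__":
    for label, m in (("overridden", OVERRIDDEN), ("per-container", PER_CONTAINER)):
        print(label, "| page rule denies:", page_rule_denies(m), "| findings:", deny(m))
```

The pod-level rule passes the first manifest although its sidecar runs privileged and may run as root, and it rejects the second although every container enforces non-root.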

Extensibility

Kubernetes is very extensible, and developers love that. There is a set of existing resources such as pods, deployments, StatefulSets, secrets, ConfigMaps, etc. In addition, users and developers can add other resources in the form of custom resource definitions.

For example, if we want to define a CronTab resource, we could do something like this:

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: crontabs.my.org
spec:
  group: my.org
  versions:
    - name: v1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                cronSpec:
                  type: string
                  pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$'
                replicas:
                  type: integer
                  minimum: 1
                  maximum: 10
  scope: Namespaced
  names:
    plural: crontabs
    singular: crontab
    kind: CronTab
    shortNames:
    - ct

We can then create a CronTab resource like this:

apiVersion: "my.org/v1"
kind: CronTab
metadata:
  name: my-cron-object
spec:
  cronSpec: "* * * * */5"
  image: my-cron-image
  replicas: 5
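
What the API server does with such an object depends on the CRD's schema: values that violate it are rejected, and for apiextensions.k8s.io/v1 CRDs fields the schema does not declare are pruned. The following Python code is an added example, not part of the original article: it applies the spec schema from the CRD above (with the pattern's regex escapes `\d`, `\s` and `\*` written out) to the CronTab object above and to a constructed invalid one. The validate() function is hypothetical and handles only the keywords this schema uses.

```python
import re

# Added example. SCHEMA is the dict form of the CRD's openAPIV3Schema "spec"
# subtree from the page; validate() covers only the keywords that schema uses.
SCHEMA = {
    "type": "object",
    "properties": {
        "cronSpec": {"type": "string",
                     "pattern": r"^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$"},
        "replicas": {"type": "integer", "minimum": 1, "maximum": 10},
    },
}
TYPES = {"object": dict, "string": str, "integer": int}

def validate(value, schema, path="spec"):
    """Return (errors, pruned): rejections and undeclared fields that get dropped."""
    errors, pruned = [], []
    if not isinstance(value, TYPES[schema["type"]]) or isinstance(value, bool):
        return [f"{path}: expected {schema['type']}"], pruned
    if "pattern" in schema and not re.search(schema["pattern"], value):
        errors.append(f"{path}: does not match pattern")
    if "minimum" in schema and value < schema["minimum"]:
        errors.append(f"{path}: below minimum {schema['minimum']}")
    if "maximum" in schema and value > schema["maximum"]:
        errors.append(f"{path}: above maximum {schema['maximum']}")
    for key, sub in (value.items() if isinstance(value, dict) else ()):
        declared = schema.get("properties", {})
        if key not in declared:
            pruned.append(f"{path}.{key}")  # v1 CRDs prune unknown fields
            continue
        e, p = validate(sub, declared[key], f"{path}.{key}")
        errors += e
        pruned += p
    return errors, pruned

# The page's CronTab object, then a constructed invalid one.
PAGE_OBJECT = {"cronSpec": "* * * * */5", "image": "my-cron-image", "replicas": 5}
BAD_OBJECT = {"cronSpec": "every 5 minutes", "replicas": 50}

if __name__ == "__main__":
    print(validate(PAGE_OBJECT, SCHEMA))
    print(validate(BAD_OBJECT, SCHEMA))
```

The page's object is accepted, but its `image` field is not declared in the schema shown, so it would be dropped on write unless the schema is extended to declare it.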

Another option for extensibility in Kubernetes is that a developer can write their own operators. An operator is a special process in the Kubernetes cluster that works according to the "control loop" pattern. With the help of an operator, the user can automate the management of CRDs (custom resource definitions) by exchanging information with the Kubernetes API.

There are several tools in the community that make it easy for developers to create their own operators. Among them are the Operator Framework and its Operator SDK. This SDK provides a foundation from which a developer can quickly start building an operator. For example, you can start from the command line with something like this:

$ operator-sdk new my-operator --repo github.com/myuser/my-operator

This creates all the boilerplate code for your operator, including YAML files and Golang code:

.
|____cmd
| |____manager
| | |____main.go
|____go.mod
|____deploy
| |____role.yaml
| |____role_binding.yaml
| |____service_account.yaml
| |____operator.yaml
|____tools.go
|____go.sum
|____.gitignore
|____version
| |____version.go
|____build
| |____bin
| | |____user_setup
| | |____entrypoint
| |____Dockerfile
|____pkg
| |____apis
| | |____apis.go
| |____controller
| | |____controller.go

Then you can add the required APIs and controllers, like this:

$ operator-sdk add api --api-version=myapp.com/v1alpha1 --kind=MyAppService

$ operator-sdk add controller --api-version=myapp.com/v1alpha1 --kind=MyAppService

Then, finally, build the operator and send it to your container registry:

$ operator-sdk build your.container.registry/youruser/myapp-operator

If the developer needs even more control, the boilerplate code in the Go files can be modified. For example, to change the specifics of the controller, you can edit the controller.go file.

Another project, KUDO, lets you create operators using only declarative YAML files. For example, an operator for Apache Kafka would be defined roughly like this. With it, you can install a Kafka cluster on top of Kubernetes with just a couple of commands:

$ kubectl kudo install zookeeper
$ kubectl kudo install kafka

And then configure it with another command:

$ kubectl kudo install kafka --instance=my-kafka-name \
            -p ZOOKEEPER_URI=zk-zookeeper-0.zk-hs:2181 \
            -p ZOOKEEPER_PATH=/my-path -p BROKER_CPUS=3000m \
            -p BROKER_COUNT=5 -p BROKER_MEM=4096m \
            -p DISK_SIZE=40Gi -p MIN_INSYNC_REPLICAS=3 \
            -p NUM_NETWORK_THREADS=10 -p NUM_IO_THREADS=20

Innovation

Over the past few years, major Kubernetes releases have come out every few months, that is, three to four major releases per year. The number of new features introduced in each of them is not decreasing. Moreover, there are no signs of a slowdown even in these difficult times: take a look at the current state of Kubernetes project activity on GitHub.

New capabilities give you more flexibility in operations across different workloads. In addition, programmers like having more control when deploying applications directly to production.

Community

Another major aspect of Kubernetes' popularity is the strength of its community. In 2015, upon reaching version 1.0, Kubernetes was sponsored by the Cloud Native Computing Foundation.

There are also various community SIGs (Special Interest Groups) focused on working on different areas of Kubernetes as the project evolves. These groups constantly add new features, making working with Kubernetes more convenient and easier.

The Cloud Native Foundation also hosts CloudNativeCon/KubeCon, which, at the time of writing, is the largest open source conference in the world. Typically held three times a year, it brings together thousands of professionals who want to improve Kubernetes and its ecosystem, as well as learn about the new features that appear every three months.

Moreover, the Cloud Native Foundation has a Technical Oversight Committee, which, together with the SIGs, reviews new and existing projects of the foundation that are focused on the cloud ecosystem. Most of these projects help improve the strengths of Kubernetes.

Finally, I believe that Kubernetes would not be as successful without the conscious effort of the entire community, where people stick together but at the same time welcome newcomers into the fold.

The Future

One of the main challenges that developers will have to deal with in the future is the ability to focus on the details of the code itself, and not on the infrastructure in which it runs. This is exactly what the serverless architectural paradigm, one of the leading ones today, responds to. Advanced frameworks already exist, e.g. Knative and OpenFaas, which use Kubernetes to abstract the infrastructure away from the developer.

In this article, we have only scratched the surface of the current state of Kubernetes; in fact, this is just the tip of the iceberg. Kubernetes users have many other resources, capabilities, and configurations at their disposal.

Source: www.hab.com