A haziri nsụgharị nke isiokwu ahụ n'abalị nke mmalite nke ọmụmụ ahụ .
Otu esi echekwa ego igwe ojii mgbe ị na-arụ ọrụ na Kubernetes? Enweghị otu ngwọta ziri ezi, mana isiokwu a na-akọwa ọtụtụ ngwaọrụ nwere ike inyere gị aka ijikwa ihe onwunwe gị nke ọma ma belata ụgwọ ọrụ igwe ojii.
Edere m akụkọ a na Kubernetes maka AWS n'uche, mana ọ ga-etinye (fọrọ nke nta ka ọ bụrụ) otu ụzọ ahụ na ndị na-eweta igwe ojii ndị ọzọ. M na-eche na ụyọkọ gị ahazilarị autoscaling (). Iwepu akụrụngwa na iwetu ibu ọrụ gị ga-azọpụta gị naanị ego ma ọ bụrụ na ọ na-ebelata ọnụ ọgụgụ ndị ọrụ gị (ihe atụ EC2).
Akụkọ a ga-ekpuchi:
- ihicha akụrụngwa ejighi ya ()
- Belata akpịrịkpa n'oge awa anaghị arụ ọrụ ()
- iji kwụ ọtọ autoscaling (HPA),
- mbelata ndoputa akụrụngwa gabigara ókè (, VPA)
- iji ihe atụ Spot
Na-ehicha akụrụngwa ejighi eji
Ịrụ ọrụ na gburugburu ebe a na-agba ọsọ ọsọ dị mma. Anyị chọrọ ụlọ ọrụ teknụzụ . Nbufe ngwanrọ ngwa ngwa pụtakwara ibunye PR karịa, gburugburu nlegharị anya, ihe nlere anya na ngwọta nyocha. A na-etinye ihe niile na Kubernetes. Kedu onye nwere oge iji aka ya hichaa ebe nlele ule? Ọ dị mfe ichefu maka ihichapụ nnwale were otu izu. Ụgwọ igwe ojii ga-ejedebe na-ebili n'ihi ihe anyị chefuru imechi:
(Henning Jacobs:
Zhiza:
Corey Quinn:
Echiche Ụgha: Akaụntụ AWS gị bụ ọrụ nke ọnụọgụ ndị ọrụ ị nwere.
Eziokwu: Akara AWS gị bụ ọrụ nke ọnụọgụ ndị injinia ị nwere.
Ivan Kurnosov (na nzaghachi):
Ezigbo eziokwu: Akara AWS gị bụ ọrụ nke ọnụọgụ ihe ị chefuru iji gbanyụọ / ihichapụ.)
(kube-janitor) na-enyere aka hichaa ụyọkọ gị. Nhazi onye nlekọta na-agbanwe agbanwe maka ojiji zuru ụwa ọnụ na nke mpaghara:
- Iwu ụyọkọ nwere ike ịkọwapụta oge na-adị ndụ (TTL) maka mbugharị PR/ule ule.
- Enwere ike iji janitor/ttl kọwaa akụrụngwa nke ọ bụla, dịka ọmụmaatụ iwepu spike/prototype ozugbo ụbọchị 7 gachara.
A kọwapụtara iwu izugbe na faịlụ YAML. Ụzọ ya na-agafe na paramita --rules-file na kube-njenitor. Nke a bụ ụkpụrụ iwu iji wepụ oghere aha niile -pr- n'aha mgbe ụbọchị abụọ gachara:
- id: cleanup-resources-from-pull-requests
resources:
- namespaces
jmespath: "contains(metadata.name, '-pr-')"
ttl: 2dIhe atụ na-esote na-ahazi iji akara ngwa dị na Deployment and StatefulSet pods maka Nkwanye/StatefulSet ọhụrụ na 2020, mana n'otu oge ahụ na-enye ohere ịme ule na-enweghị akara a otu izu:
- id: require-application-label
# удалить deployments и statefulsets без метки "application"
resources:
- deployments
- statefulsets
# см. http://jmespath.org/specification.html
jmespath: "!(spec.template.metadata.labels.application) && metadata.creationTimestamp > '2020-01-01'"
ttl: 7dGbaa ngosi ngosi nwere obere oge maka nkeji 30 na ụyọkọ kube-janitor na-agba ọsọ:
kubectl run nginx-demo --image=nginx
kubectl annotate deploy nginx-demo janitor/ttl=30mIsi mmalite ọzọ na-abawanye ọnụ ahịa bụ mpịakọta na-adịgide adịgide (AWS EBS). Ihichapụ Kubernetes StatefulSet anaghị ehichapụ mpịakọta ya na-adịgide adịgide (PVC - PersistentVolumeClaim). Mpịakọta EBS ejighi ya nwere ike ịkpata ọnụ ahịa narị narị dollar kwa ọnwa. Kubernetes Janitor nwere atụmatụ iji hichaa PVC ndị na-ejighị ya. Dịka ọmụmaatụ, iwu a ga-ewepụ PVC niile na-ejighị modul na nke StatefulSet ma ọ bụ CronJob na-edeghị ya:
# удалить все PVC, которые не смонтированы и на которые не ссылаются StatefulSets
- id: remove-unused-pvcs
resources:
- persistentvolumeclaims
jmespath: "_context.pvc_is_not_mounted && _context.pvc_is_not_referenced"
ttl: 24hKubernetes Janitor nwere ike inyere gị aka idobe ụyọkọ gị ọcha ma gbochie ụgwọ ịgbakọ igwe ojii ka ọ ghara iji nwayọọ nwayọọ na-agbakọta. Maka ntinye na ntuziaka nhazi, soro .
Belata ncha n'oge awa anaghị arụ ọrụ
A na-achọkarị usoro ule na nhazi ka ọ rụọ ọrụ naanị n'oge awa azụmahịa. Ụfọdụ ngwa mmepụta, dị ka azụ ọrụ/ngwa ọrụ nchịkwa, na-achọkwa naanị ohere dị oke ma nwee ike nwee nkwarụ n'otu abalị.
(kube-downscaler) na-enye ohere ka ndị ọrụ na ndị na-arụ ọrụ belata usoro ahụ n'oge awa anaghị arụ ọrụ. Nkwanye na StatefulSets nwere ike ịba ụba ruo efu oyiri. Enwere ike kwụsịtụrụ CronJobs. A haziri Kubernetes Downscaler maka ụyọkọ dum, otu oghere aha ma ọ bụ karịa, ma ọ bụ akụrụngwa onye ọ bụla. Ị nwere ike ịtọ "oge ọrụ" ma ọ bụ, ọzọ, "oge ọrụ". Dịka ọmụmaatụ, iji belata ihe nrịbama dị ka o kwere mee n'abalị na ngwụsị izu:
image: hjacobs/kube-downscaler:20.4.3
args:
- --interval=30
# не отключать компоненты инфраструктуры
- --exclude-namespaces=kube-system,infra
# не отключать kube-downscaler, а также оставить Postgres Operator, чтобы исключенными БД можно было управлять
- --exclude-deployments=kube-downscaler,postgres-operator
- --default-uptime=Mon-Fri 08:00-20:00 Europe/Berlin
- --include-resources=deployments,statefulsets,stacks,cronjobs
- --deployment-time-annotation=deployment-timeNke a bụ eserese maka ịgbakọ ọnụ ọnụ ndị ọrụ ụyọkọ na ngwụsị izu:
Mbelata site na ~ 13 ruo 4 ọnụ ọnụ ndị ọrụ na-eme ka ọdịiche pụtara ìhè na ụgwọ AWS gị.
Ma gịnị ma ọ bụrụ na m kwesịrị ịrụ ọrụ n'oge ụyọkọ "downtime"? Enwere ike ịwepụ ụfọdụ nrụnye na-adịgide adịgide site na nchacha site n'ịgbakwunye downscaler/wepu: ezi nkọwa. Enwere ike wepu ọrụ nwa oge site na iji downscaler/wepu-ruo mgbe nkọwapụta nwere stampụ oge zuru oke n'ụdị YYYY-MM-DD HH:MM (UTC). Ọ bụrụ na ọ dị mkpa, enwere ike iwetu ụyọkọ ahụ dum site n'itinye pọd nwere nkọwa downscaler/force-uptimeDịka ọmụmaatụ, site na ịmalite nginx oghere:
kubectl run scale-up --image=nginx
kubectl annotate deploy scale-up janitor/ttl=1h # удалить развертывание через час
kubectl annotate pod $(kubectl get pod -l run=scale-up -o jsonpath="{.items[0].metadata.name}") downscaler/force-uptime=trueLee , ma ọ bụrụ na ị nwere mmasị na ntinye ntụziaka na nhọrọ ndị ọzọ.
Jiri kehoraizin autoscaling
Ọtụtụ ngwa / ọrụ na-arụkọ ọrụ n'ụdị nbudata dị ike: mgbe ụfọdụ modul ha anaghị arụ ọrụ, ma mgbe ụfọdụ ha na-arụ ọrụ zuru oke. Ịrụ ụgbọ mmiri pọd na-adịgide adịgide iji nagide ibu kachasị elu abụghị nke akụ na ụba. Kubernetes na-akwado ntule akpaaka kwụ ọtọ n'ofe akụrụngwa (HPA). Ojiji CPU na-abụkarị ihe ngosi dị mma maka ịchacha:
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: my-app
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: my-app
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
averageUtilization: 100
type: UtilizationZalando emepụtala akụrụngwa iji jikọọ metric omenala maka ịchacha: (kube-metrics-adapter) bụ ihe nkwụnye metrics jeneriki maka Kubernetes nke nwere ike ịnakọta ma jee ozi metrics omenala na nke mpụga maka mbelata autoscaling nke pọd. Ọ na-akwado scaling dabere na Prometheus metrics, SQS queues, na ntọala ndị ọzọ. Dịka ọmụmaatụ, iji tụọ ntinye gị na metrik omenala nke ngwa n'onwe ya nọchiri anya ya dị ka JSON na / metrik na-eji:
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: myapp-hpa
annotations:
# metric-config.<metricType>.<metricName>.<collectorName>/<configKey>
metric-config.pods.requests-per-second.json-path/json-key: "$.http_server.rps"
metric-config.pods.requests-per-second.json-path/path: /metrics
metric-config.pods.requests-per-second.json-path/port: "9090"
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: myapp
minReplicas: 1
maxReplicas: 10
metrics:
- type: Pods
pods:
metric:
name: requests-per-second
target:
averageValue: 1k
type: AverageValueỊhazi autoscaling kwụ ọtọ na HPA kwesịrị ịbụ otu n'ime omume ndabara iji melite arụmọrụ maka ọrụ enweghị obodo. Spotify nwere ihe ngosi nwere ahụmịhe na ndụmọdụ ha maka HPA: .
Belata ntinye akwụkwọ gabiga ókè
Ibu ọrụ Kubernetes na-ekpebi mkpa CPU / ebe nchekwa ha site na “arịrịọ akụrụngwa.” A na-atụ akụrụngwa CPU na cores mebere ma ọ bụ karịa na "millicores", dịka ọmụmaatụ 500m na-egosi 50% vCPU. A na-atụ ihe nchekwa na bytes, enwere ike iji suffixes nkịtị, dị ka 500Mi, nke pụtara 500 megabyte. Arịrịọ akụrụngwa "mkpọchi" ikike na ọnụ ndị ọrụ, nke pụtara pọd nwere arịrịọ CPU 1000m na ọnụ nwere 4 vCPU ga-ahapụ naanị 3 vCPU dị na pọd ndị ọzọ.
Slack (oke nchekwa) bụ ihe dị iche n'etiti akụrụngwa a rịọrọ na ojiji n'ezie. Dịka ọmụmaatụ, pọd na-arịọ 2 GiB nke ebe nchekwa mana naanị na-eji 200 MiB nwere ~ 1,8 GiB nke ebe nchekwa "oke". Ngafe na-efu ego. Otu nwere ike ime atụmatụ na 1 GiB nke ebe nchekwa anaghị akwụ ụgwọ na-efu ~ $10 kwa ọnwa.
(kube-resource-report) na-egosiputa oke nchekwa ma nwee ike inyere gị aka ikpebi ikike ichekwa ego:
na-egosi ngafe agbakọtara site na ngwa na iwu. Nke a na-enye gị ohere ịchọta ebe enwere ike ibelata ihe onwunwe chọrọ. Akụkọ HTML ewepụtara na-enye naanị foto ojiji akụrụngwa. Ị kwesịrị ileba anya na ojiji CPU/ncheta ka oge na-aga iji chọpụta arịrịọ akụrụngwa zuru oke. Nke a bụ eserese Grafana maka ọrụ “nke a na-ahụkarị” CPU: pọd niile na-eji obere ihe na-erughị cores CPU 3 chọrọ:
Mbelata arịrịọ CPU site na 3000m ruo ~ 400m na-ewepụta akụrụngwa maka ibu ọrụ ndị ọzọ ma na-enye ohere ka ụyọkọ ahụ dị ntakịrị.
"Nkezi ojiji CPU nke ihe omume EC2 na-agbadakarị n'ogo pasentị otu ọnụọgụ," . Maka EC2 Ịgbanwe ụfọdụ ajụjụ akụrụngwa Kubernetes na faịlụ YAML dị mfe ma nwee ike iweta nnukwu ego.
Mana anyị chọrọ n'ezie ka ndị mmadụ na-agbanwe ụkpụrụ na faịlụ YAML? Mba, igwe nwere ike ime ya nke ọma! Kubernetes (VPA) na-eme nke ahụ: na-emegharị arịrịọ akụrụngwa na ihe mgbochi dịka oke ọrụ si dị. Nke a bụ eserese atụ nke arịrịọ Prometheus CPU (ahịrị na-acha anụnụ anụnụ) nke VPA mebere ka oge na-aga:
maka akụrụngwa akụrụngwa. Ngwa na-adịghị mkpa nwekwara ike iji VPA.
sitere na Fairwind bụ ngwá ọrụ na-emepụta VPA maka ntinye ọ bụla n'ime oghere aha wee gosipụta nkwanye VPA na dashboard ya. Ọ nwere ike inyere ndị mmepe aka ịtọ ezi arịrịọ CPU/ebe nchekwa maka ngwa ha:
M dere obere na 2019, na nso nso a .
Iji ihe atụ EC2 Spot
N'ikpeazụ ma ọ dịghị ihe ọzọ, AWS EC2 nwere ike ibelata site na iji ọnọdụ Spot dị ka ndị ọrụ Kubernetes. . Ọnọdụ ntụpọ dị na mbelata ruru 90% ma e jiri ya tụnyere ọnụ ahịa achọrọ. Na-agba ọsọ Kubernetes na EC2 Spot bụ ezigbo ngwakọta: ịkwesịrị ịkọwapụta ọtụtụ ụdị ihe atụ dị iche iche maka ịdị elu dị elu, nke pụtara na ị nwere ike nweta ọnụ ọnụ buru ibu maka otu ọnụ ahịa ma ọ bụ ọnụ ala, yana ike abawanye nwere ike iji ya rụọ ọrụ Kubernetes.
Otu esi agba Kubernetes na EC2 Spot? Enwere ọtụtụ nhọrọ: jiri ọrụ ndị ọzọ dị ka SpotInst (nke a na-akpọ "Spot", ajụla m ihe kpatara ya), ma ọ bụ tinye naanị Spot AutoScalingGroup (ASG) na ụyọkọ gị. Dịka ọmụmaatụ, nke a bụ snippet CloudFormation maka Spot ASG nwere "ike-arụ ọrụ" nwere ọtụtụ ụdị ihe atụ:
MySpotAutoScalingGroup:
Properties:
HealthCheckGracePeriod: 300
HealthCheckType: EC2
MixedInstancesPolicy:
InstancesDistribution:
OnDemandPercentageAboveBaseCapacity: 0
SpotAllocationStrategy: capacity-optimized
LaunchTemplate:
LaunchTemplateSpecification:
LaunchTemplateId: !Ref LaunchTemplate
Version: !GetAtt LaunchTemplate.LatestVersionNumber
Overrides:
- InstanceType: "m4.2xlarge"
- InstanceType: "m4.4xlarge"
- InstanceType: "m5.2xlarge"
- InstanceType: "m5.4xlarge"
- InstanceType: "r4.2xlarge"
- InstanceType: "r4.4xlarge"
LaunchTemplate:
LaunchTemplateId: !Ref LaunchTemplate
Version: !GetAtt LaunchTemplate.LatestVersionNumber
MinSize: 0
MaxSize: 100
Tags:
- Key: k8s.io/cluster-autoscaler/node-template/label/aws.amazon.com/spot
PropagateAtLaunch: true
Value: "true"Ụfọdụ ndetu maka iji Spot na Kubernetes:
- Ịkwesịrị ijikwa nkwụsị ntụpọ, dịka ọmụmaatụ site na ijikọ ọnụ mgbe ihe atụ akwụsị
- Zalando na-eji Ụyọkọ gọọmentị autoscaling nwere ihe ndị ga-ebute ụzọ ọdọ mmiri ọnụ
- Ọnụ ntụpọ nabata "ndebanye aha" nke ibu ọrụ iji rụọ ọrụ na Spot
Nchịkọta
Enwere m olileanya na ị ga-ahụ ụfọdụ ngwaọrụ ndị ewepụtara bara uru n'ibelata ụgwọ igwe ojii gị. Ị nwekwara ike ịhụ ọtụtụ ọdịnaya nke akụkọ ahụ na .
Kedu omume gị kacha mma maka ịchekwa ọnụ ahịa igwe ojii na Kubernetes? Biko mee ka m mara na .
N'ezie, ihe na-erughị 3 vCPU ga-anọgide na-eji ya eme ihe ka a na-ebelata ntinye ọnụ site na akụrụngwa sistemụ echekwara. Kubernetes na-ama ọdịiche dị n'etiti ikike ọnụ anụ ahụ na akụrụngwa "nyere" ().
Ihe atụ mgbako: otu m5.large nwere 8 GiB nke ebe nchekwa bụ ~$84 kwa ọnwa (eu-central-1, On-Demand), i.e. igbochi 1/8 ọnụ bụ ihe dịka $ 10 / ọnwa.
Enwere ọtụtụ ụzọ iji belata ụgwọ EC2 gị, dị ka oge echekwara, atụmatụ ego, wdg - Agaghị m ekpuchi isiokwu ndị ahụ ebe a, mana ị ga-enyocharịrị ha!
isi: www.habr.com