To Rook or not to Rook: that is the question

Earlier this month, on May 3, a major release of the "management system for distributed data storage in Kubernetes" was announced: Rook 1.0.0. More than a year ago we published a general overview of Rook. Back then we were asked to talk about our experience of using it in practice, and now, just in time for such a significant milestone in the project's history, we are happy to share the impressions we have accumulated.

In short, Rook is a set of operators for Kubernetes that take full control of the deployment, management, and automatic recovery of data storage solutions such as Ceph, EdgeFS, Minio, Cassandra, CockroachDB.

At the moment the most developed solution (and the only one in the stable stage) is rook-ceph-operator.

Note: Among the significant Ceph-related changes in the Rook 1.0.0 release, we can note support for Ceph Nautilus and the ability to use NFS for CephFS or RGW buckets. Among the other changes, what stands out is that EdgeFS support has matured to the beta level.

So, in this article we:

  • Answer the question of what advantages we see in using Rook to deploy Ceph in a Kubernetes cluster;
  • Share our experience and impressions of using Rook in production;
  • Tell you why we say "Yes!" to Rook, and what our plans for it are.

Let's start with general concepts and theory.

"I have an advantage of one Rook!" (unknown chess player)

One of the main advantages of Rook is that interaction with data stores is carried out through Kubernetes mechanisms. This means you no longer need to copy commands for configuring Ceph from a cheat sheet into the console.

- Want to deploy CephFS in the cluster? Just write a YAML file!
- What? You also want to deploy an object store with the S3 API? Just write a second YAML file!

Rook is built according to all the rules of a typical operator. Interaction with it happens through CRDs (Custom Resource Definitions), in which we describe the characteristics of the Ceph entities we need (since this is the only stable implementation, this article talks about Ceph by default unless explicitly stated otherwise). Based on the specified parameters, the operator automatically executes the commands needed for configuration.

Let's look at the specifics using the example of creating an Object Store, or rather, a CephObjectStoreUser.

apiVersion: ceph.rook.io/v1
kind: CephObjectStore
metadata:
  name: {{ .Values.s3.crdName }}
  namespace: kube-rook
spec:
  metadataPool:
    failureDomain: host
    replicated:
      size: 3
  dataPool:
    failureDomain: host
    erasureCoded:
      dataChunks: 2
      codingChunks: 1
  gateway:
    type: s3
    sslCertificateRef:
    port: 80
    securePort:
    instances: 1
    allNodes: false
---
apiVersion: ceph.rook.io/v1
kind: CephObjectStoreUser
metadata:
  name: {{ .Values.s3.crdName }}
  namespace: kube-rook
spec:
  store: {{ .Values.s3.crdName }}
  displayName: {{ .Values.s3.username }}

The parameters given in the listing are fairly standard and hardly need comments, but it is worth paying special attention to those that are assigned to template variables.

The general scheme of work comes down to this: we "order" resources through a YAML file, the operator executes the necessary commands for them and returns a "not-quite-real" secret that we can work with further (see below). The command and the secret name are composed from the variables listed above.

What kind of command is this? When creating a user for object storage, the Rook operator does the following inside the pod:

radosgw-admin user create --uid="rook-user" --display-name="{{ .Values.s3.username }}"

The result of running this command is a JSON structure:

{
    "user_id": "rook-user",
    "display_name": "{{ .Values.s3.username }}",
    "keys": [
        {
           "user": "rook-user",
           "access_key": "NRWGT19TWMYOB1YDBV1Y",
           "secret_key": "gr1VEGIV7rxcP3xvXDFCo4UDwwl2YoNrmtRlIAty"
        }
    ],
    ...
}

Keys are what applications will need in the future to access the object storage through the S3 API. The Rook operator picks them out and puts them into its namespace as a secret named rook-ceph-object-user-{{ $.Values.s3.crdName }}-{{ $.Values.s3.username }}.

To use the data from this secret, just add it to the container as environment variables. As an example, here is a template for a Job in which we automatically create buckets for each user environment:

{{- range $bucket := $.Values.s3.bucketNames }}
apiVersion: batch/v1
kind: Job
metadata:
  name: create-{{ $bucket }}-bucket-job
  annotations:
    "helm.sh/hook": post-install
    "helm.sh/hook-weight": "2"
spec:
  template:
    metadata:
      name: create-{{ $bucket }}-bucket-job
    spec:
      restartPolicy: Never
      initContainers:
      - name: waitdns
        image: alpine:3.6
        command: ["/bin/sh", "-c", "while ! getent ahostsv4 rook-ceph-rgw-{{ $.Values.s3.crdName }}; do sleep 1; done" ]
      - name: config
        image: rook/ceph:v1.0.0
        command: ["/bin/sh", "-c"]
        args: ["s3cmd --configure --access_key=$(ACCESS-KEY) --secret_key=$(SECRET-KEY) -s --no-ssl --dump-config | tee /config/.s3cfg"]
        volumeMounts:
        - name: config
          mountPath: /config
        env:
        - name: ACCESS-KEY
          valueFrom:
            secretKeyRef:
              name: rook-ceph-object-user-{{ $.Values.s3.crdName }}-{{ $.Values.s3.username }}
              key: AccessKey
        - name: SECRET-KEY
          valueFrom:
            secretKeyRef:
              name: rook-ceph-object-user-{{ $.Values.s3.crdName }}-{{ $.Values.s3.username }}
              key: SecretKey
      containers:
      - name: create-bucket
        image: rook/ceph:v1.0.0
        command: 
        - "s3cmd"
        - "mb"
        - "--host=rook-ceph-rgw-{{ $.Values.s3.crdName }}"
        - "--host-bucket= "
        - "s3://{{ $bucket }}"
        ports:
        - name: s3-no-sll
          containerPort: 80
        volumeMounts:
        - name: config
          mountPath: /root
      volumes:
      - name: config
        emptyDir: {}
---
{{- end }}

All the actions listed in this Job are performed within Kubernetes. The structures described in the YAML files are stored in a Git repository and reused many times. We see this as a huge plus for DevOps engineers and for the CI/CD process as a whole.
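One thing to check in Jobs like the template above: Kubernetes substitutes `$(VAR)` in `command`/`args` before the process starts, so a secret-backed variable referenced that way ends up in the container's argv, and `| tee` also copies the dumped config (keys included) to the container log. The Python check below is an added example, not part of the original article or of Rook; it takes a pod spec as parsed JSON (as in `kubectl get job -o json`), and the sample spec is constructed from the Job above with a placeholder secret name.

```python
import re

# Constructed sample: the "config" init container from the Job above, in the
# JSON shape returned by kubectl (secret name is a placeholder).
SAMPLE_POD_SPEC = {
    "initContainers": [{
        "name": "config",
        "command": ["/bin/sh", "-c"],
        "args": ["s3cmd --configure --access_key=$(ACCESS-KEY) "
                 "--secret_key=$(SECRET-KEY) -s --no-ssl --dump-config "
                 "| tee /config/.s3cfg"],
        "env": [
            {"name": "ACCESS-KEY", "valueFrom": {"secretKeyRef": {
                "name": "rook-ceph-object-user-STORE-USER", "key": "AccessKey"}}},
            {"name": "SECRET-KEY", "valueFrom": {"secretKeyRef": {
                "name": "rook-ceph-object-user-STORE-USER", "key": "SecretKey"}}},
        ],
    }],
    "containers": [{
        "name": "create-bucket",
        "command": ["s3cmd", "mb", "s3://example-bucket"],
    }],
}

# $(NAME) is expanded by Kubernetes; $$(NAME) is the escape and stays literal.
VAR_REF = re.compile(r"(?<!\$)\$\(([^)]+)\)")

def secret_exposure(pod_spec):
    """Return (container, variable, sink) for secrets reaching argv or the log."""
    findings = []
    containers = pod_spec.get("initContainers", []) + pod_spec.get("containers", [])
    for c in containers:
        secret_vars = {e["name"] for e in c.get("env", [])
                       if "secretKeyRef" in e.get("valueFrom", {})}
        words = c.get("command", []) + c.get("args", [])
        referenced = {v for w in words for v in VAR_REF.findall(w)}
        exposed = sorted(secret_vars & referenced)
        findings += [(c["name"], var, "argv") for var in exposed]
        # Output piped through tee is also written to stdout, i.e. the pod log.
        if exposed and any(re.search(r"\|\s*tee\b", w) for w in words):
            findings.append((c["name"], "*", "log"))
    return findings
```

Redirecting the dump with `>` instead of `| tee` keeps the generated config out of the log.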

Happy with Rook and Rados

Using the Ceph + RBD combination imposes certain restrictions on mounting volumes to pods.

In particular, the namespace must contain a secret for accessing Ceph in order for stateful applications to work. It's fine if you have 2-3 environments in their own namespaces: you can go and copy the secret manually. But what if a separate environment with its own namespace is created for developers for every feature?

We solved this problem ourselves with shell-operator, which automatically copied the secrets to new namespaces (an example of such a hook is described in a separate article).

#! /bin/bash

if [[ $1 == "--config" ]]; then
   cat <<EOF
{"onKubernetesEvent":[
 {"name": "OnNewNamespace",
  "kind": "namespace",
  "event": ["add"]
  }
]}
EOF
else
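    # The most recently created namespace is the one that triggered the "add" event.
    NAMESPACE=$(kubectl get namespace -o json | jq -r '.items | max_by( .metadata.creationTimestamp ) | .metadata.name')
    # Re-target the Ceph secret at that namespace and apply it there.
    kubectl -n "${CEPH_SECRET_NAMESPACE}" get secret "${CEPH_SECRET_NAME}" -o json | jq --arg ns "${NAMESPACE}" '.metadata.namespace = $ns' | kubectl apply -f -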
fi

However, when using Rook this problem simply does not exist. The mounting process uses Rook's own drivers based on Flexvolume or CSI (still in the beta stage) and therefore does not require secrets.

Rook automatically solves many problems, which encourages us to use it in new projects.

The siege of Rook

Let's finish the practical part by deploying Rook and Ceph so that we can run our own experiments. To make it easier to storm this impregnable tower, the developers have prepared a Helm package. Let's download it:

$ helm fetch rook-master/rook-ceph --untar --version 1.0.0

In the rook-ceph/values.yaml file you can find many different settings. The most important thing is to specify tolerations for the agents and discover. We described in detail what the taints/tolerations mechanism can be used for in a separate article.

In short, we do not want client application pods to be located on the same nodes as the data storage disks. The reason is simple: this way the work of the Rook agents will not affect the application itself.

So, open the rook-ceph/values.yaml file with your favorite editor and add the following block to the end:

discover:
  toleration: NoExecute
  tolerationKey: node-role/storage
agent:
  toleration: NoExecute
  tolerationKey: node-role/storage
  mountSecurityMode: Any

For each node reserved for data storage, add the corresponding taint:

$ kubectl taint node ${NODE_NAME} node-role/storage="":NoExecute

Then install the Helm chart with the command:

$ helm install --namespace ${ROOK_NAMESPACE} ./rook-ceph

Now you need to create a cluster and specify the location of the OSDs:

apiVersion: ceph.rook.io/v1
kind: CephCluster
metadata:
  clusterName: "ceph"
  finalizers:
  - cephcluster.ceph.rook.io
  generation: 1
  name: rook-ceph
spec:
  cephVersion:
    image: ceph/ceph:v13
  dashboard:
    enabled: true
  dataDirHostPath: /var/lib/rook/osd
  mon:
    allowMultiplePerNode: false
    count: 3
  network:
    hostNetwork: true
  rbdMirroring:
    workers: 1
  placement:
    all:
      tolerations:
      - key: node-role/storage
        operator: Exists
  storage:
    useAllNodes: false
    useAllDevices: false
    config:
      osdsPerDevice: "1"
      storeType: filestore
    resources:
      limits:
        memory: "1024Mi"
      requests:
        memory: "1024Mi"
    nodes:
    - name: host-1
      directories:
      - path: "/mnt/osd"
    - name: host-2
      directories:
      - path: "/mnt/osd"
    - name: host-3
      directories:
      - path: "/mnt/osd"

Check the Ceph status; you should expect to see HEALTH_OK:

$ kubectl -n ${ROOK_NAMESPACE} exec $(kubectl -n ${ROOK_NAMESPACE} get pod -l app=rook-ceph-operator -o jsonpath='{.items[0].metadata.name}') -- ceph -s

At the same time, let's check that the pods with the client application do not end up on the nodes reserved for Ceph:

$ kubectl -n ${APPLICATION_NAMESPACE} get pods -o custom-columns=NAME:.metadata.name,NODE:.spec.nodeName
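The command above shows where pods are running right now; whether an application pod is able to run on a storage node at all depends on its tolerations. The Python check below is an added example, not from the original article: it applies the Kubernetes taint/toleration matching rules to pod specs in the shape of `kubectl get pods -o json`, and the sample pods are constructed.

```python
# The taint applied to the storage nodes earlier in the article.
STORAGE_TAINT = {"key": "node-role/storage", "value": "", "effect": "NoExecute"}

def tolerates(toleration, taint):
    """Kubernetes matching rules for one toleration against one taint."""
    effect = toleration.get("effect", "")
    if effect and effect != taint["effect"]:
        return False              # an empty effect matches every effect
    key = toleration.get("key", "")
    op = toleration.get("operator", "Equal")
    if not key:
        return op == "Exists"     # empty key + Exists tolerates every taint
    if key != taint["key"]:
        return False
    if op == "Exists":
        return True
    return toleration.get("value", "") == taint.get("value", "")

def pods_allowed_on_storage(pod_list, taint=STORAGE_TAINT):
    """Names of pods whose spec tolerates the storage taint."""
    return [p["metadata"]["name"] for p in pod_list["items"]
            if any(tolerates(t, taint) for t in p["spec"].get("tolerations", []))]

# Constructed sample standing in for the application namespace's pod list.
SAMPLE_PODS = {"items": [
    {"metadata": {"name": "web-1"}, "spec": {"tolerations": [
        {"key": "node.kubernetes.io/not-ready", "operator": "Exists",
         "effect": "NoExecute", "tolerationSeconds": 300}]}},
    {"metadata": {"name": "debug-tool"}, "spec": {"tolerations": [
        {"operator": "Exists"}]}},                      # wildcard toleration
    {"metadata": {"name": "batch-1"}, "spec": {"tolerations": [
        {"key": "node-role/storage", "operator": "Exists",
         "effect": "NoSchedule"}]}},                    # wrong effect: no match
    {"metadata": {"name": "sidecar-1"}, "spec": {"tolerations": [
        {"key": "node-role/storage", "operator": "Equal", "value": ""}]}},
    {"metadata": {"name": "api-1"}, "spec": {}},
]}
```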

Beyond that, additional components can be configured as desired. More details about them are given in the documentation. For administration, we strongly recommend installing the dashboard and the toolbox.

Rook and hooks: is Rook enough for everything?

As you can see, Rook development is in full swing. But there are still problems that do not allow us to abandon manual configuration of Ceph completely:

  • No Rook driver can export metrics on the usage of mounted blocks, which deprives us of monitoring.
  • Flexvolume and CSI cannot resize volumes (unlike plain RBD), so Rook is deprived of a useful (and sometimes critically needed!) tool.
  • Rook is still not as flexible as regular Ceph. If we want to configure the pool for CephFS metadata to be stored on SSD, and the data itself on HDD, we have to register separate device groups in the CRUSH maps manually.
  • Although rook-ceph-operator is considered stable, there are currently some problems when upgrading Ceph from version 13 to 14.

Conclusions

"Right now Rook is closed off from the outside world by pawns, but we believe that one day it will play a decisive role in the game!" (quote invented specifically for this article)

The Rook project has undoubtedly won our hearts: we believe that [with all its pros and cons] it definitely deserves your attention.

Our future plans boil down to making rook-ceph a module for addon-operator, which will make using it in our numerous Kubernetes clusters even simpler and more convenient.

Source: will.com
