Pulogalamu ya ProHoster > Blog > Ulamuliro > Kubernetes 1.16: Zowonetsa zatsopano

Kubernetes 1.16: Zowonetsa zatsopano

Kubernetes 1.16: Zowonetsa zatsopano

Lero, Lachitatu, zichitika kutulutsidwa kotsatira kwa Kubernetes - 1.16. Malinga ndi mwambo womwe wapanga blog yathu, ino ndi nthawi yokumbukira zaka khumi zomwe tikukamba za kusintha kwakukulu mu mtundu watsopano.

Zomwe zimagwiritsidwa ntchito pokonzekera nkhaniyi zatengedwa Kubernetes amawonjezera matebulo otsata, KUSINTHA-1.16 ndi zofananira, zopempha zokoka, ndi Kubernetes Enhancement Proposals (KEP). Ndiye tiyeni!..

Mfundo

Chiwerengero chachikulu chazinthu zatsopano zodziwika bwino (mu mawonekedwe a alpha) zimaperekedwa kumbali ya ma K8s cluster node (Kubelet).

Choyamba, otchedwa «zotengera za ephemeral» (Zotengera za Ephemeral), yopangidwa kuti ikhale yosavuta kukonza zolakwika mu ma pod. Makina atsopanowa amakulolani kuti mutsegule zotengera zapadera zomwe zimayambira m'malo amadzi omwe alipo ndikukhala kwakanthawi kochepa. Cholinga chawo ndikulumikizana ndi ma pod ndi zotengera zina kuti athetse mavuto aliwonse ndikusintha. Lamulo latsopano lakhazikitsidwa pankhaniyi kubectl debug, zofanana kwenikweni ndi kubectl exec: m'malo mongoyendetsa njira mu chidebe (monga mu exec) imatsegula chidebe mumtsuko. Mwachitsanzo, lamulo ili lilumikiza chidebe chatsopano ku pod:

kubectl debug -c debug-shell --image=debian target-pod -- bash

Tsatanetsatane wa zotengera za ephemeral (ndi zitsanzo zakugwiritsa ntchito) zitha kupezeka mkati zogwirizana ndi KEP. Kukhazikitsa kwapano (mu K8s 1.16) ndi mtundu wa alpha, ndipo mwa njira zosinthira ku mtundu wa beta ndi "kuyesa Ephemeral Containers API pakutulutsa 2 kwa [Kubernetes]."

NB: M'malo mwake komanso dzina lake, mawonekedwewa akufanana ndi pulogalamu yowonjezera yomwe ilipo kale kubectl-debugza zomwe ife adalemba kale. Zikuyembekezeka kuti pobwera nkhokwe za ephemeral, kupangidwa kwa pulogalamu yowonjezera yakunja kutha.

Chinanso chatsopano - PodOverhead - idapangidwa kuti ipereke ndondomeko yowerengera mtengo wamtengo wapatali wa pods, zomwe zingasiyane kwambiri malinga ndi nthawi yogwiritsira ntchito. Mwachitsanzo, olemba izi KEP zotsatira mu Kata Containers, zomwe zimafuna kuyendetsa kernel ya alendo, wothandizira kata, init system, ndi zina. Kupitilira apo kumakhala kokulirapo, sikunganyalanyazidwe, zomwe zikutanthauza kuti payenera kukhala njira yoti muganizire za magawo ena, kukonzekera, ndi zina. Kuti mugwiritse ntchito PodSpec munda wawonjezedwa Overhead *ResourceList (kuyerekeza ndi data in RuntimeClass, ngati wina agwiritsidwa ntchito).

Chinanso chodziwika bwino ndi node topology manager (Woyang'anira Node Topology), yopangidwa kuti igwirizanitse njira yokonzekera bwino kugawidwa kwazinthu za hardware zamagulu osiyanasiyana ku Kubernetes. Ntchitoyi imayendetsedwa ndi kufunikira kokulirapo kwa machitidwe osiyanasiyana amakono (kuchokera kumunda wa matelefoni, kuphunzira makina, ntchito zachuma, ndi zina zotero) pakugwiritsa ntchito kwambiri makompyuta ofananirako komanso kuchepetsa kuchedwa kwa magwiridwe antchito, omwe amagwiritsa ntchito CPU yapamwamba komanso hardware mathamangitsidwe mphamvu. Kukhathamiritsa kotereku ku Kubernetes mpaka pano kwakwaniritsidwa chifukwa cha magawo osiyanasiyana (woyang'anira CPU, woyang'anira Chipangizo, CNI), ndipo tsopano adzawonjezedwa mawonekedwe amodzi amkati omwe amagwirizanitsa njirayo ndikuthandizira kulumikizana kwatsopano - chotchedwa topology- kudziwa - zigawo za mbali ya Kubelet. Tsatanetsatane - mu zogwirizana ndi KEP.

Kubernetes 1.16: Zowonetsa zatsopano
Chithunzi cha Woyang'anira Topology

Chotsatira - kuyang'ana zotengera pamene zikuyenda (kafukufuku woyamba). Monga mukudziwira, pazotengera zomwe zimatenga nthawi yayitali kuti zikhazikitsidwe, zimakhala zovuta kuti zitsimikizike zaposachedwa: mwina "zimaphedwa" zisanayambe kugwira ntchito, kapena zimatha kwa nthawi yayitali. Cheke chatsopano (chothandizidwa kudzera pachipata chotchedwa StartupProbeEnabled) amaletsa - kapena m'malo, amachedwetsa - zotsatira za cheke china chilichonse mpaka pomwe pod yatha. Pachifukwa ichi, mawonekedwewo adatchedwa poyamba poyambira moyo-kufufuza kukakamira. Kwa ma pod omwe amatenga nthawi yayitali kuti ayambe, mutha kuvotera boma pakanthawi kochepa.

Kuphatikiza apo, kusintha kwa RuntimeClass kumapezeka nthawi yomweyo mu beta, ndikuwonjezera chithandizo cha "magulu osiyanasiyana". C Kukonzekera kwa RuntimeClass Tsopano sikofunikira konse kuti node iliyonse ikhale ndi chithandizo pa RuntimeClass iliyonse: pamapodo mutha kusankha RuntimeClass osaganizira zamagulu amagulu. M'mbuyomu, kuti akwaniritse izi - kotero kuti ma pod amatha kukhala pa node ndi chithandizo cha zonse zomwe amafunikira - kunali koyenera kupereka malamulo oyenerera ku NodeSelector ndi kulekerera. MU KAPA Imalankhula za zitsanzo zogwiritsira ntchito komanso, zowonadi, tsatanetsatane wa kukhazikitsa.

Mtanda

Zinthu ziwiri zofunika pa intaneti zomwe zidawonekera koyamba (mu mtundu wa alpha) ku Kubernetes 1.16 ndi:

  • thandizo maukonde apawiri - IPv4/IPv6 - ndi "kumvetsetsa" kwake kofananira pamlingo wa pods, node, mautumiki. Zimaphatikizapo IPv4-to-IPv4 ndi IPv6-to-IPv6 kugwirizana pakati pa ma pod, kuchokera ku pods kupita ku ntchito zakunja, zowonetsera (mkati mwa Bridge CNI, PTP CNI ndi Host-Local IPAM mapulagini), komanso kubwereranso Kugwirizana ndi magulu a Kubernetes omwe akuyenda. IPv4 kapena IPv6 yokha. Tsatanetsatane wa kakhazikitsidwe ali mkati KAPA.

    Chitsanzo chosonyeza ma adilesi a IP amitundu iwiri (IPv4 ndi IPv6) pamndandanda wamapodo:

    kube-master# kubectl get pods -o wide
NAME               READY     STATUS    RESTARTS   AGE       IP                          NODE
nginx-controller   1/1       Running   0          20m       fd00:db8:1::2,192.168.1.3   kube-minion-1
kube-master#

  • API Yatsopano ya Endpoint - EndpointSlice API. Imathetsa nkhani zogwirira ntchito / zowonongeka za Endpoint API yomwe ilipo yomwe imakhudza zigawo zosiyanasiyana mu ndege yolamulira (apiserver, etcd, endpoints-controller, kube-proxy). API yatsopanoyo idzawonjezedwa ku gulu la Discovery API ndipo idzatha kugwiritsa ntchito masauzande masauzande a backend endpoints pa ntchito iliyonse mumagulu omwe ali ndi masauzande a node. Kuti muchite izi, Ntchito iliyonse imajambulidwa ku zinthu za N EndpointSlice, iliyonse yomwe mwachisawawa ilibe mathero opitilira 100 (mtengo wake ndi wosinthika). The EndpointSlice API iperekanso mwayi wa chitukuko chake chamtsogolo: kuthandizira ma adilesi angapo a IP pa pod iliyonse, mayiko atsopano omaliza (osati kokha Ready и NotReady), kusintha kosinthika kwa ma endpoints.

Zomwe zidatulutsidwa komaliza zafika ku mtundu wa beta womaliza, dzina service.kubernetes.io/load-balancer-cleanup ndi kumangirizidwa ku utumiki uliwonse ndi mtundu LoadBalancer. Pa nthawi yochotsa ntchito yotereyi, imalepheretsa kuchotsedwa kwenikweni kwa gwero mpaka "kuyeretsa" kwazinthu zonse zoyenera kutha.

Makina a API

"Chokhazikika chokhazikika" chili mdera la seva ya Kubernetes API ndikulumikizana nayo. Izi zidachitika makamaka chifukwa kusamutsira ku chikhalidwe chokhazikika iwo omwe safuna kuzindikiritsa mwapadera CustomResourceDefinitions (CRD), omwe akhala ndi beta kuyambira masiku akutali a Kubernetes 1.7 (ndipo iyi ndi June 2017!). Kukhazikika komweku kunabwera kuzinthu zofananira:

  • "subresources" ndi /status и /scale za CustomResources;
  • kutembenuka mitundu ya CRD, yotengera webhook yakunja;
  • posachedwapa (mu K8s 1.15) zokhazikika (zosasintha) ndi zodziwikiratu kumunda kuchotsa (kudulira) za CustomResources;
  • mwayi pogwiritsa ntchito OpenAPI v3 schema kupanga ndi kusindikiza zolemba za OpenAPI zomwe zimagwiritsidwa ntchito kutsimikizira zothandizira za CRD kumbali ya seva.

Njira ina yomwe yadziwika kale kwa oyang'anira Kubernetes: kuvomereza webhook - adakhalanso mu beta kwa nthawi yayitali (kuyambira K8s 1.9) ndipo tsopano akulengezedwa kukhala wokhazikika.

Zina ziwiri zafika pa beta: seva-mbali ntchito и penyani ma bookmark.

Ndipo chidziwitso chokhacho chofunikira mu mtundu wa alpha chinali kukana от SelfLink - URI yapadera yoyimira chinthu chomwe chatchulidwa ndikukhala gawo lake ObjectMeta и ListMeta (ie gawo la chinthu chilichonse ku Kubernetes). N’chifukwa chiyani akuzisiya? Kulimbikitsa m'njira yosavuta mawu monga kusakhalapo kwa zifukwa zenizeni (zokulirapo) za gawoli kukhalabe. Zifukwa zomveka bwino ndikuwongolera magwiridwe antchito (pochotsa gawo losafunikira) ndikuchepetsa ntchito ya generic-apiserver, yomwe imakakamizika kugwira gawo loterolo mwanjira yapadera (iyi ndi gawo lokhalo lomwe limayikidwa patsogolo pa chinthucho. ndi serialized). Kutha kwenikweni (mkati mwa beta) SelfLink zidzachitika ndi Kubernetes mtundu 1.20, ndipo chomaliza - 1.21.

Kusunga deta

Ntchito yayikulu m'malo osungiramo, monga momwe zidatulutsira kale, imawonedwa m'derali Thandizo la CSI. Zosintha zazikulu apa zinali:

  • kwa nthawi yoyamba (mu mtundu wa alpha) adawonekera Thandizo la CSI plugin la Windows worker node: njira yamakono yogwirira ntchito ndi yosungirako idzalowetsanso mapulagini amtengo wapatali mu Kubernetes core ndi FlexVolume mapulagini ochokera ku Microsoft ozikidwa pa Powershell;

    Kubernetes 1.16: Zowonetsa zatsopano
    Chiwembu chokhazikitsa mapulagini a CSI ku Kubernetes a Windows

  • mwayi kusintha ma voliyumu a CSI, yobweretsedwanso mu K8s 1.12, yakula kukhala mtundu wa beta;
  • "Kutsatsa" kofananako (kuchokera ku alpha kupita ku beta) kudatheka chifukwa chotha kugwiritsa ntchito CSI kupanga ma ephemeral volumes (CSI Inline Volume Support).

Adayambitsidwa mu mtundu wakale wa Kubernetes Voliyumu cloning ntchito (pogwiritsa ntchito PVC yomwe ilipo ngati DataSource kupanga PVC yatsopano) yalandilanso mawonekedwe a beta.

Wopanga dongosolo

Zosintha ziwiri zodziwika pakukonza (zonse mu alpha):

  • EvenPodsSpreading - mwayi gwiritsani ntchito ma pod m'malo mwa magawo omveka bwino ogwiritsira ntchito "kugawa moyenera" katundu (monga Deployment ndi ReplicaSet) ndikusintha kugawa uku (monga kufunikira kolimba kapena ngati chikhalidwe chofewa, mwachitsanzo, chofunika kwambiri). Chiwonetserochi chidzakulitsa kuthekera kogawa komwe kulipo kwa ma pods omwe adakonzedwa, omwe ali ochepa ndi zosankha PodAffinity и PodAntiAffinity, kupatsa oyang'anira kuwongolera bwino pankhaniyi, zomwe zikutanthauza kupezeka kwapamwamba komanso kugwiritsa ntchito bwino zinthu. Tsatanetsatane - mu KAPA.
  • Gwiritsani ntchito Ndondomeko ya BestFit в RequestedToCapacityRatio Priority Function pakupanga ma pod, zomwe zingalole kutsatira kulongedza katundu ("kunyamula zotengera") pazofunikira zonse (purosesa, kukumbukira) ndi zowonjezera (monga GPU). Kuti mudziwe zambiri, onani KAPA.

    Kubernetes 1.16: Zowonetsa zatsopano
    Kukonzekera ma pod: musanagwiritse ntchito ndondomeko yoyenera (mwachindunji kudzera pa ndondomeko yosasintha) ndikugwiritsa ntchito (kudzera pa scheduler extender)

Komanso, yoyimiriridwa ndi kuthekera kopanga mapulagini anu okonzekera kunja kwa mtengo waukulu waku Kubernetes (kunja kwa mtengo).

Zosintha zina

Komanso mu Kubernetes 1.16 kumasulidwa mukhoza kuzindikira initiative for kubweretsa ma metric omwe amapezeka mwadongosolo lonse, kapena ndendende, molingana ndi malamulo ovomerezeka ku zida za K8s. Iwo makamaka amadalira zogwirizana Zolemba za Prometheus. Kusagwirizana kudayamba pazifukwa zosiyanasiyana (mwachitsanzo, ma metric ena adangopangidwa malangizo apano asanawonekere), ndipo opanga adaganiza kuti inali nthawi yoti abweretse chilichonse pamlingo umodzi, "mogwirizana ndi chilengedwe chonse cha Prometheus." Kukhazikitsidwa kwaposachedwa kwa ntchitoyi kuli mu alpha, yomwe ipititsidwa patsogolo pang'onopang'ono m'matembenuzidwe otsatirawa a Kubernetes kukhala beta (1.17) komanso okhazikika (1.18).

Kuphatikiza apo, zosintha zotsatirazi zitha kuzindikirika:

  • Kusintha kwa chithandizo cha Windows с maonekedwe Zothandizira za Kubeadm za OS iyi (mtundu wa alpha), mwayi RunAsUserName kwa zotengera za Windows (mtundu wa alpha), kusintha Akaunti Yoyang'anira Gulu la Gulu (gMSA) imathandizira mpaka mtundu wa beta, chithandizo khazikitsani / phatikizani ma voliyumu a vSphere.
  • Zobwezerezedwanso Deta compression mechanism mumayankho a API. M'mbuyomu, fyuluta ya HTTP idagwiritsidwa ntchito pazifukwa izi, zomwe zidayika zoletsa zingapo zomwe zidalepheretsa kuyimitsa mwachisawawa. "Transparent request compression" tsopano ikugwira ntchito: makasitomala kutumiza Accept-Encoding: gzip pamutu, amalandira yankho la GZIP-compressed ngati kukula kwake kupitirira 128 KB. Makasitomala a Go amathandizira okha kukanikiza (kutumiza mutu wofunikira), kuti azindikire kuchepa kwa magalimoto nthawi yomweyo. (Kusintha pang'ono kungafunike m'zinenero zina.)
  • Zinakhala zotheka kukulitsa HPA kuchokera/mpaka ziro potengera ma metric akunja. Ngati mukulitsa potengera zinthu / ma metric akunja, ndiye kuti ntchito ikapanda ntchito mutha kungofikira ku 0 replicas kuti musunge zinthu. Izi ziyenera kukhala zothandiza makamaka pazochitika zomwe ogwira ntchito amapempha zothandizira za GPU, ndipo chiwerengero cha mitundu yosiyanasiyana ya ogwira ntchito opanda pake chimaposa chiwerengero cha ma GPU omwe alipo.
  • Makasitomala atsopano - k8s.io/client-go/metadata.Client - kuti mupeze "zambiri" kuzinthu. Idapangidwa kuti ipeze metadata mosavuta (mwachitsanzo, kagawo kakang'ono metadata) kuchokera kumagulu amagulu ndikuchita nawo ntchito yotolera zinyalala.
  • Pangani Kubernetes tsopano mungathe opanda cholowa ("chomangidwa" mumtengo) opereka mitambo (mtundu wa alpha).
  • Kwa kubeadm utility anawonjezera luso loyesera (mtundu wa alpha) wogwiritsa ntchito makonda pakugwira ntchito init, join и upgrade. Dziwani zambiri za momwe mungagwiritsire ntchito mbendera --experimental-kustomize, mu KAPA.
  • Mapeto atsopano a apiserver - readyz, - amakulolani kutumiza zambiri za kukonzekera kwake. Seva ya API ilinso ndi mbendera --maximum-startup-sequence-duration, kukulolani kuti muwongolere kuyambiranso kwake.
  • Awiri mawonekedwe a Azure adalengeza kukhala okhazikika: thandizo madera opezeka (Magawo Opezeka) ndi cross resources group (RG). Kuphatikiza apo, Azure adawonjezera:
  • AWS tsopano ili nayo thandizo kwa EBS pa Windows ndi wokometsedwa EC2 API mafoni DescribeInstances.
  • Kubeadm tsopano ndi wodziyimira pawokha amasamuka Kusintha kwa CoreDNS mukamakweza mtundu wa CoreDNS.
  • Binary etcd mu chithunzi chofananira cha Docker ndachita world-executable, yomwe imakulolani kuyendetsa chithunzichi popanda kufunikira kwa maufulu a mizu. Komanso, etcd migration image anaima etcd2 mtundu thandizo.
  • В Cluster Autoscaler 1.16.0 kusinthidwa kugwiritsa ntchito distroless ngati chithunzi choyambira, kuchita bwino, kuwonjezera opereka mtambo atsopano (DigitalOcean, Magnum, Packet).
  • Zosintha zamapulogalamu ogwiritsidwa ntchito/odalira: Pitani 1.12.9, etcd 3.3.15, CoreDNS 1.6.2.

PS

Werenganinso pa blog yathu:

Source: www.habr.com

Kuwonjezera ndemanga