Kubernetes 1.17: Zowonetsa zatsopano

Dzulo, December 9, chinachitika kutulutsidwa kotsatira kwa Kubernetes - 1.17. Malinga ndi mwambo womwe wapanga pabulogu yathu, timalankhula za kusintha kwakukulu mu mtundu watsopano.

Zomwe zimagwiritsidwa ntchito pokonzekera nkhaniyi zatengedwa kuchokera ku chilengezo chovomerezeka, Kubernetes amawonjezera matebulo otsata, KUSINTHA-1.17 ndi zofananira, zopempha zokoka, ndi Kubernetes Enhancement Proposals (KEP). Ndiye, chatsopano ndi chiyani? ..

Topology-njira yodziwa

Gulu la Kubernetes lakhala likudikirira izi kwa nthawi yayitali - Topology-aware service routing. ngati KAPA idayamba mu Okutobala 2018, ndi mkuluyo Kupititsa patsogolo - 2 zaka zapitazo, mwachizolowezi nkhani (monga izo) -ndipo kwa zaka zingapo ...

Lingaliro lalikulu ndikupereka kuthekera kokhazikitsa njira "zako" pazantchito zomwe zikukhala ku Kubernetes. "Locality" pankhaniyi ikutanthauza "mulingo womwewo wa topological" (Topology level), zomwe zingakhale:

• node yofanana ndi mautumiki,
• seva yofanana,
• dera lomwelo
• wopereka mtambo yemweyo,
• ...

Zitsanzo zogwiritsa ntchito izi:

• kupulumutsa pamagalimoto pamakhazikitsidwe amtambo okhala ndi magawo angapo opezeka (multi-AZ) - onani. fanizo latsopano pogwiritsa ntchito chitsanzo cha magalimoto ochokera kudera lomwelo, koma ma AZ osiyanasiyana mu AWS;
• kutsika kwanthawi yayitali / kutulutsa bwino;
• ntchito yowongoka yomwe ili ndi chidziwitso cha komweko za node mu shard iliyonse;
• kuyika bwino (kapena ma analogue) pamalo omwewo ndi mapulogalamu omwe zipika zawo zimasonkhanitsidwa;
• ...

Mayendedwe otere, omwe "amadziwa" za topology, amatchedwanso network affinity - fanizo ndi mgwirizano wa node, kugwirizana kwa pod / anti-affinity kapena kuwoneka osati kale kwambiri Topology-Aware Volume Kukonzekera (ndi Kupereka Voliyumu). Mlingo wamakono wa kukhazikitsa ServiceTopology mu Kubernetes - alpha version.

Kuti mudziwe zambiri za momwe ntchitoyi imagwirira ntchito komanso momwe mungagwiritsire ntchito kale, werengani nkhaniyi kuchokera kwa m'modzi mwa olemba.

IPv4/IPv6 thandizo lapawiri stack

Kupita patsogolo kwakukulu okhazikika mu mawonekedwe ena a netiweki: kuthandizira munthawi yomweyo ma stacks awiri a IP, omwe adayambitsidwa koyamba K8s 1.16. Makamaka, kumasulidwa kwatsopano kunabweretsa zosintha zotsatirazi:

• mu kube-proxy zakhazikitsidwa kuthekera kogwira ntchito munthawi imodzi munjira zonse ziwiri (IPv4 ndi IPv6);
• в Pod.Status.PodIPs adawonekera kuthandizira kutsika kwa API (nthawi yomweyo monga in /etc/hosts tsopano amafuna wolandirayo kuti awonjezere adilesi ya IPv6);
• chithandizo chapawiri stack KIND (Kubernetes IN Docker) ndi kubeadm;
• zosinthidwa mayeso a e2e.

Chitsanzo kugwiritsa ntchito mapaipi apawiri IPV4/IPv6 mu KIND

Kupititsa patsogolo pa CSI

Adanenedwa kukhala okhazikika chithandizo cha topology zosungirako zochokera ku CSI, zomwe zidayambitsidwa koyamba K8s 1.12.

Initiative kwa kusamuka kwa mapulagini a voliyumu kupita ku CSI - Kusamuka kwa CSI - yafikira mtundu wa beta. Izi ndizofunikira kwambiri kuti mumasulire mapulagini omwe alipo kale (mumtengo) ku mawonekedwe amakono (CSI, kunja kwa mtengo) zosawoneka kwa ogwiritsa ntchito mapeto a Kubernetes. Oyang'anira ma Cluster adzangofunika kuthandizira CSI Migration, pambuyo pake zida zomwe zilipo kale komanso ntchito zambiri zidzapitirizabe "kungogwira ntchito" ... koma kugwiritsa ntchito madalaivala atsopano a CSI m'malo mwa okalamba omwe akuphatikizidwa pachimake cha Kubernetes.

Pakadali pano, kusamuka kwa madalaivala a AWS EBS ndikokonzeka mu mtundu wa beta (kubernetes.io/aws-ebsndi GCE PD (kubernetes.io/gce-pd). Zoneneratu za malo ena osungira ndi motere:

Tinakambirana za momwe chithandizo chosungirako "chikale" mu K8s chinafikira ku CSI mkati nkhaniyi. Ndipo kusintha kwa CSI kusamuka kupita ku beta kumaperekedwa kufalitsa kosiyana pa blog ya polojekiti.

Kuphatikiza apo, magwiridwe antchito ena ofunikira pamalingaliro a CSI, omwe amayambira (kukhazikitsa kwa alpha) mu K1.17s 8, adafika pa beta (ie kuthandizidwa mwachisawawa) pakutulutsidwa kwa Kubernetes 1.12 - kupanga zithunzi ndi kuchira kwa iwo. Zina mwa zosintha zomwe zidapangidwa ku Kubernetes Volume Snapshot panjira yotulutsidwa ndi beta:

• kugawaniza CSI-snapshotter sidecar kukhala owongolera awiri,
• chinsinsi chowonjezera kuti chichotsedwe (chinsinsi chochotsa) monga chidziwitso cha zomwe zili mu chithunzithunzi cha voliyumu,
• chomaliza chatsopano (womaliza) kuteteza chithunzithunzi cha API chinthu kuti zichotsedwa ngati pali otsala kugwirizana.

Panthawi yotulutsidwa 1.17, mawonekedwewa amathandizidwa ndi madalaivala atatu a CSI: GCE Persistent Disk CSI Driver, Portworx CSI Driver ndi NetApp Trident CSI Driver. Zambiri zokhudzana ndi kukhazikitsidwa kwake ndikugwiritsa ntchito zitha kupezeka mu chofalitsidwa ichi pa blog.

Cloud Provider Labels

Amalemba kuti basi amapatsidwa ma node opangidwa ndi ma voliyumu kutengera wopereka mtambo wogwiritsidwa ntchito, zakhala zikupezeka ku Kubernetes ngati mtundu wa beta kwa nthawi yayitali kwambiri - kuyambira pomwe K8s 1.2 idatulutsidwa. (Epulo 2016!). Popeza kugwiritsidwa ntchito kwawo kwakukulu kwa nthawi yayitali, opanga anaganiza, kuti ndi nthawi yoti mulengeze kuti mawonekedwewo ndi okhazikika (GA).

Chifukwa chake, onse adasinthidwa molingana (ndi topology):

• beta.kubernetes.io/instance-type → node.kubernetes.io/instance-type
• failure-domain.beta.kubernetes.io/zone → topology.kubernetes.io/zone
• failure-domain.beta.kubernetes.io/region → topology.kubernetes.io/region

... koma akupezekabe pansi pa mayina awo akale (kuti agwirizane kumbuyo). Komabe, oyang'anira onse akulimbikitsidwa kuti asinthe zilembo zamakono. Zolemba Zogwirizana K8s zasinthidwa.

Kutulutsa kopangidwa kwa kubeadm

Zaperekedwa mu mtundu wa alpha koyamba zotuluka zokonzedwa za kubeadm utility. Mawonekedwe othandizidwa: JSON, YAML, Go template.

Kulimbikitsa kugwiritsa ntchito izi (malinga ndi KAPA) ndi:

Ngakhale Kubernetes atha kutumizidwa pamanja, de facto (ngati sichoncho) muyezo wa ntchitoyi ndikugwiritsa ntchito kubeadm. Zida zoyang'anira machitidwe otchuka monga Terraform amadalira kubeadm pakutumiza kwa Kubernetes. Kusintha kokonzekera kwa Cluster API kumaphatikizapo phukusi la Kubernetes bootstrapping ndi kubeadm ndi cloud-init.

Popanda zotulutsa zokonzedwa, ngakhale zosintha zopanda vuto poyang'ana koyamba zitha kuswa Terraform, Cluster API ndi mapulogalamu ena omwe amagwiritsa ntchito zotsatira za kubeadm.

Zolinga zathu zaposachedwa zikuphatikiza kuthandizira (m'mawonekedwe opangidwa) pamalamulo awa a kubeadm:

• alpha certs
• config images list
• init
• token create
• token list
• upgrade plan
• version

Chitsanzo cha kuyankha kwa JSON ku lamulo kubeadm init -o json:

{
  "node0": "192.168.20.51:443",
  "caCrt": "sha256:1f40ff4bd1b854fb4a5cf5d2f38267a5ce5f89e34d34b0f62bf335d74eef91a3",
  "token": {
    "id":          "5ndzuu.ngie1sxkgielfpb1",
    "ttl":         "23h",
    "expires":     "2019-05-08T18:58:07Z",
    "usages":      [
      "authentication",
      "signing"
    ],
    "description": "The default bootstrap token generated by 'kubeadm init'.",
    "extraGroups": [
      "system:bootstrappers:kubeadm:default-node-token"
    ]
  },
  "raw": "Rm9yIHRoZSBhY3R1YWwgb3V0cHV0IG9mIHRoZSAia3ViZWFkbSBpbml0IiBjb21tYW5kLCBwbGVhc2Ugc2VlIGh0dHBzOi8vZ2lzdC5naXRodWIuY29tL2FrdXR6LzdhNjg2ZGU1N2JmNDMzZjkyZjcxYjZmYjc3ZDRkOWJhI2ZpbGUta3ViZWFkbS1pbml0LW91dHB1dC1sb2c="
}

Kukhazikika kwazinthu zina zatsopano

Nthawi zambiri, kutulutsidwa kwa Kubernetes 1.17 kunachitika pansi pa mawu akuti "Khazikika" Izi zidatheka chifukwa cha zinthu zambiri momwemo (chiwerengero chawo chonse ndi 14) adalandira udindo wa GA. Mwa iwo:

• "kuyika chizindikiro" mfundo molingana ndi zikhalidwe zina (TaintNodesByCondition), adawonekera mkati K8s 1.8;
• Onani Mabukumaki - mtundu watsopano wa zochitika zomwe zili ndi chizindikiro kuti zinthu zonse zili ndi mtundu wina (resourceVersion) zakonzedwa kale ndi ulonda;
• zokhazikika (zosasinthika) za Custom Resources;
• kugawana pakati pa zotengera mu mawonekedwe a pod process namespaces;
• ScheduleDaemonSetPods - kukonza ma pod mu DaemonSet kugwiritsa ntchito kube-scheduler (m'malo mwa DaemonSet controller);
• malire amphamvu pa kuchuluka kwa voliyumu kutengera mtundu wa node;
• chithandizo chosinthika cha chilengedwe kwa mayina a chikwatu chokwezedwa ngati subPath;
• Kubelet heartbeats transfer ku API yapadera yobwereketsa;
• "chitetezo chomaliza" (Chitetezo cha Finalzer) zolemetsa zolemetsa (kuyang'ana zofunikira za Service musanayambe kuchotsa zothandizira za LoadBalancer);
• kube-apiserver kukhathamiritsa pogwira ntchito pogwira ntchito ndi mawotchi angapo kuwunika zinthu zofanana - zomwe zimatheka popewa kusanja mobwerezabwereza zinthu zomwezo kwa wowonera aliyense.

Zosintha zina

Mndandanda wazinthu zatsopano ku Kubernetes 1.17, ndithudi, sizongowonjezera zomwe zatchulidwa pamwambapa. Nawa ena (ndi mndandanda wathunthu, onani Kusintha):

• Chiwonetsero chomwe chatulutsidwa komaliza chafika pa mtundu wa beta RunAsUserName chifukwa Windows;
• kusintha kofanana zidachitika EndpointSlice API (komanso kuchokera ku K8s 1.16), komabe pakali pano yankho ili kuti lipititse patsogolo ntchito / scalability ya Endpoint API sichimaloledwa mwachisawawa;
• ma pods tsopano ndi ofunikira pakugwira ntchito kwamagulu akhoza kupangidwa osati m'malo a mayina okha kube-system (kuti mumve zambiri, onani zolemba za Chepetsani magwiritsidwe a Gawo Lofunika Kwambiri);
• njira yatsopano ya kubelet - --reserved-cpus - imakupatsani mwayi wofotokozera momveka bwino mndandanda wa ma CPU omwe amasungidwa pamakina;
• chifukwa kubectl logs zoperekedwa mbendera yatsopano --prefix, kuwonjezera dzina la pod ndi chidebe choyambira pamzere uliwonse wa chipikacho;
• в label.Selector anawonjezera RequiresExactMatch;
• zotengera zonse mu kube-dns akuthamanga tsopano ndi mwayi wochepa;
• hyperkube opatulidwa m'malo osiyana a GitHub ndipo sadzaphatikizidwanso ku Kubernetes zotulutsidwa;
• kwambiri ntchito bwino kube-proxy kwa madoko omwe si a UDP.

Kusintha kwa kudalira:

• Mtundu wa CoreDNS wophatikizidwa mu kubeadm ndi 1.6.5;
• mtundu wa crictl wasinthidwa kukhala v1.16.1;
• CSI 1.2.0;
• ndi 3.4.3;
• Mtundu waposachedwa wa Docker woyesedwa mpaka 19.03;
• Mtundu wocheperako wa Go wofunikira kuti mupange Kubernetes 1.17 ndi 1.13.4.

PS

Werenganinso pa blog yathu:

• «Kubernetes 1.16: Zowonetsa zatsopano";
• «Kubernetes 1.15: Zowonetsa zatsopano";
• «Kubernetes 1.14: Zowonetsa zatsopano";
• «Kubernetes 1.13: Zowonetsa zatsopano".

Source: www.habr.com