Zomwe zimachitika mukakhazikitsa CI / CD ku Kubernetes: pulogalamuyo iyenera kuvomereza zopempha zatsopano zamakasitomala musanayime kwathunthu, ndipo koposa zonse, kumaliza zomwe zilipo kale.
Kutsatira chikhalidwechi kumakupatsani mwayi wopeza zero panthawi yotumiza. Komabe, ngakhale mutagwiritsa ntchito mitolo yodziwika bwino (monga NGINX ndi PHP-FPM), mutha kukumana ndi zovuta zomwe zingayambitse kuchuluka kwa zolakwika pakutumiza kulikonse ...
Chiphunzitso. Moyo wa pod
Tasindikiza kale mwatsatanetsatane za moyo wa pod . Pankhani ya mutu womwe ukukambidwa, tili ndi chidwi ndi izi: panthawi yomwe pod imalowa m'boma Kuthetsa, zopempha zatsopano zimasiya kutumizidwa kwa izo (pod kuchokera pamndandanda wa mathero a utumiki). Chifukwa chake, kuti tipewe kutsika panthawi yotumiza, ndikokwanira kuti tithane ndi vuto loyimitsa pulogalamuyo moyenera.
Muyeneranso kukumbukira kuti nthawi yachisomo yokhazikika ndi : zitatha izi, pod idzathetsedwa ndipo ntchitoyo iyenera kukhala ndi nthawi yokonza zopempha zonse nthawiyi isanafike. ndemanga: ngakhale pempho lililonse lomwe limatenga masekondi 5-10 ndilovuta kale, ndipo kutseka kwachisomo sikungathandizenso ...
Kuti mumvetse bwino zomwe zimachitika pamene pod yatha, ingoyang'anani chithunzichi:
A1, B1 - Kulandila zosintha pazakudya
A2 - Kunyamuka SIGTERM
B2 - Kuchotsa poto kuchokera kumapeto
B3 - Kulandila zosintha (mndandanda wazomaliza wasintha)
B4 - Sinthani malamulo a iptables
Chonde dziwani: kufufuta podi yomaliza ndikutumiza SIGTERM sikuchitika motsatizana, koma mofanana. Ndipo chifukwa chakuti Ingress salandira nthawi yomweyo mndandanda wa Endpoints, zopempha zatsopano kuchokera kwa makasitomala zidzatumizidwa ku pod, zomwe zingayambitse cholakwika cha 500 pakutha kwa pod. (kuti mudziwe zambiri pankhaniyi, ife ). Vutoli liyenera kuthetsedwa m'njira izi:
- Tumizani Lumikizani: Tsekani pamitu yakuyankha (ngati izi zikukhudza ntchito ya HTTP).
- Ngati sizingatheke kusintha ma code, ndiye kuti nkhani yotsatirayi ikufotokoza yankho lomwe lingakuthandizeni kuti muthe kuyankha zopempha mpaka kumapeto kwa nthawi yachisomo.
Chiphunzitso. Momwe NGINX ndi PHP-FPM zimatsitsira njira zawo
NGINX
Tiyeni tiyambe ndi NGINX, popeza zonse ndizowoneka bwino nazo. Kulowa mu chiphunzitsocho, tikuphunzira kuti NGINX ili ndi njira imodzi yokha komanso "ogwira ntchito" angapo - awa ndi njira za ana zomwe zimayendetsa zopempha za kasitomala. Njira yabwino imaperekedwa: kugwiritsa ntchito lamulo nginx -s <SIGNAL> tsimitsani njira mwina ndikutseka mwachangu kapena kutsekereza mwachisomo. Mwachionekere, ndi njira yomalizira imene yatisangalatsa.
Ndiye zonse ndi zophweka: muyenera kuwonjezera lamulo lomwe lidzatumiza chizindikiro chotseka chokhazikika. Izi zitha kuchitika mu Deployment, mu block block:
lifecycle:
preStop:
exec:
command:
- /usr/sbin/nginx
- -s
- quitTsopano, pod ikatseka, tiwona zotsatirazi muzolemba za NGINX:
2018/01/25 13:58:31 [notice] 1#1: signal 3 (SIGQUIT) received, shutting down
2018/01/25 13:58:31 [notice] 11#11: gracefully shutting down
Ndipo izi zikutanthauza zomwe tikufuna: NGINX imadikirira kuti zopempha zitheke, kenako ndikupha ndondomekoyi. Komabe, pansipa tiwonanso vuto lomwe limakhalapo chifukwa chake, ngakhale ndi lamulo nginx -s quit ndondomekoyi ikutha molakwika.
Ndipo pa sitejiyi tachita ndi NGINX: osachepera kuchokera ku zipika mungathe kumvetsetsa kuti chirichonse chikugwira ntchito momwe chiyenera kukhalira.
Kodi pali vuto ndi PHP-FPM? Kodi imayendetsa bwanji kutseka kwabwino? Tiyeni tiganizire.
PHP-FPM
Pankhani ya PHP-FPM, pali zambiri zochepa. Ngati mumaganizira kwambiri malinga ndi PHP-FPM, idzanena kuti zizindikiro zotsatirazi za POSIX ndizovomerezeka:
-
SIGINT,SIGTERM- kutseka kwachangu; -
SIGQUIT- kutsekeka kwachisomo (zomwe tikufuna).
Zizindikiro zotsalira sizikufunika mu ntchitoyi, kotero tidzasiya kusanthula kwawo. Kuti muthetse ntchitoyi molondola, muyenera kulemba mbedza yotsatirayi ya preStop:
lifecycle:
preStop:
exec:
command:
- /bin/kill
- -SIGQUIT
- "1"Poyang'ana koyamba, izi ndizo zonse zomwe zimafunika kuti mutseke bwino m'mabokosi onse awiri. Komabe, ntchitoyi ndi yovuta kuposa momwe ikuwonekera. M'munsimu muli zochitika ziwiri zomwe kutsekedwa mwachisomo sikunagwire ntchito ndipo kunachititsa kuti ntchitoyi isapezeke pakanthawi kochepa.
Yesetsani. Mavuto omwe angakhalepo ndi kutseka kwabwino
NGINX
Choyamba, ndikofunikira kukumbukira: kuwonjezera pakuchita lamulo nginx -s quit Pali gawo linanso lomwe liyenera kusamala. Tidakumana ndi vuto pomwe NGINX imatumizabe SIGTERM m'malo mwa chizindikiro cha SIGQUIT, zomwe zimapangitsa kuti zopempha zisamalize bwino. Nkhani zofananira zitha kupezeka, mwachitsanzo, . Tsoka ilo, sitinathe kudziwa chifukwa chenicheni cha khalidweli: panali kukayikira za NGINX version, koma sizinatsimikizidwe. Chizindikiro chinali chakuti mauthenga adawonedwa muzolemba za NGINX: "socket yotsegula # 10 yotsalira polumikizana 5", pambuyo pake pod inayima.
Titha kuwona vuto lotere, mwachitsanzo, kuchokera pamayankho a Ingress omwe tikufuna:
Zizindikiro za zizindikiro pa nthawi yotumizidwa
Pankhaniyi, timangolandira khodi yolakwika ya 503 kuchokera ku Ingress yokha: sikungathe kupeza chidebe cha NGINX, chifukwa sichikupezekanso. Mukayang'ana zipika za NGINX, zili ndi izi:
[alert] 13939#0: *154 open socket #3 left in connection 16
[alert] 13939#0: *168 open socket #6 left in connection 13Pambuyo posintha chizindikiro choyimitsa, chidebecho chimayamba kuyima bwino: izi zimatsimikiziridwa ndi chakuti cholakwika cha 503 sichinawonedwenso.
Mukakumana ndi vuto lofananalo, ndizomveka kudziwa kuti chizindikiro choyimitsa chomwe chimagwiritsidwa ntchito m'chidebecho ndi chiyani komanso kuti mbedza ya preStop imawoneka bwanji. Ndi zotheka kuti chifukwa chagona ndendende mu izi.
PHP-FPM... ndi zina
Vuto la PHP-FPM limafotokozedwa mopepuka: silimadikirira kumalizidwa kwa njira za ana, zimawathetsa, chifukwa chake zolakwika za 502 zimachitika pakutumiza ndi ntchito zina. Pali malipoti angapo a cholakwika pa bugs.php.net kuyambira 2005 (mwachitsanzo ΠΈ ), lomwe limafotokoza vuto ili. Koma mwina simudzawona chilichonse muzolemba: PHP-FPM ilengeza kutha kwa ntchito yake popanda zolakwika kapena zidziwitso za gulu lachitatu.
Ndikoyenera kufotokozera kuti vutoli palokha likhoza kudalira pang'ono kapena kukulirapo pa ntchito yokha ndipo silingadziwonetsere, mwachitsanzo, pakuwunika. Mukakumana nazo, njira yosavuta yosinthira imabwera m'maganizo: onjezani mbedza ya preStop ndi sleep(30). Ikuthandizani kuti mumalize zopempha zonse zomwe zidalipo kale (ndipo sitikuvomereza zatsopano, popeza pod kale wokhoza Kuthetsa), ndipo pambuyo pa masekondi a 30 pod yokha idzatha ndi chizindikiro SIGTERM.
Izo zikutanthauza kuti lifecycle pakuti chotengeracho chidzawoneka chonchi:
lifecycle:
preStop:
exec:
command:
- /bin/sleep
- "30"
Komabe, chifukwa cha 30-sekondi sleep ife kwambiri tidzawonjezera nthawi yotumizira, popeza pod iliyonse idzathetsedwa osachepera 30 masekondi, zomwe ziri zoipa. Kodi chingachitike nβchiyani pa zimenezi?
Tiyeni titembenukire ku chipani chomwe chimayang'anira ntchitoyo mwachindunji. Kwa ife zili choncho PHP-FPM, zomwe mwachikhazikitso sichiyang'anira machitidwe a mwana wake: Ndondomekoyi imathetsedwa nthawi yomweyo. Mutha kusintha izi pogwiritsa ntchito malangizo process_control_timeout, yomwe imatchula malire a nthawi kuti mwana adikire zizindikiro kuchokera kwa mbuye. Ngati muyika mtengo kukhala masekondi a 20, izi zidzayankha mafunso ambiri omwe ali mumtsuko ndipo adzayimitsa njirayo ikamalizidwa.
Ndi chidziwitso ichi, tiyeni tibwerere ku vuto lathu lomaliza. Monga tafotokozera, Kubernetes si nsanja ya monolithic: kulankhulana pakati pa zigawo zake zosiyana kumatenga nthawi. Izi ndizowona makamaka tikaganizira za ntchito ya Ingresses ndi zigawo zina zokhudzana ndi izi, chifukwa chifukwa cha kuchedwa koteroko panthawi yotumizira kumakhala kosavuta kupeza zolakwika za 500. Mwachitsanzo, vuto likhoza kuchitika panthawi yotumiza pempho kumtunda, koma "kuchedwa" kwa mgwirizano pakati pa zigawozo ndi zazifupi - zosakwana sekondi imodzi.
Choncho, Zonse ndi malangizo omwe atchulidwa kale process_control_timeout mutha kugwiritsa ntchito zomangamanga zotsatirazi lifecycle:
lifecycle:
preStop:
exec:
command: ["/bin/bash","-c","/bin/sleep 1; kill -QUIT 1"]
Pankhaniyi, tidzabwezera kuchedwa ndi lamulo sleep ndipo musaonjeze kwambiri nthawi yotumizira: pali kusiyana kowoneka bwino pakati pa masekondi 30 ndi imodzi?.. M'malo mwake, ndiye process_control_timeoutndi lifecycle amagwiritsidwa ntchito ngati "ukonde wachitetezo" pakachedwa.
Nthawi zambiri machitidwe omwe akufotokozedwa ndi momwe amagwirira ntchito sikugwira ntchito ku PHP-FPM yokha. Zofananazo zitha kuchitika mwanjira ina mukamagwiritsa ntchito zilankhulo zina. Ngati simungathe kukonza kutsekeka mwachisomo m'njira zina - mwachitsanzo, polembanso kachidindo kuti pulogalamuyo igwire bwino ma siginecha oletsa - mutha kugwiritsa ntchito njira yomwe yafotokozedwayo. Izo sizingakhale zokongola kwambiri, koma zimagwira ntchito.
Yesetsani. Kuyesa kwa katundu kuti awone ntchito ya pod
Kuyesa katundu ndi njira imodzi yowonera momwe chidebe chimagwirira ntchito, chifukwa njirayi imayandikitsa kufupi ndi zochitika zenizeni zankhondo pomwe ogwiritsa ntchito amayendera tsambalo. Kuti muyese zomwe zili pamwambazi, mungagwiritse ntchito : Imakwaniritsa zosowa zathu zonse mwangwiro. Zotsatirazi ndi malangizo ndi malingaliro oyesera ndi chitsanzo chomveka bwino kuchokera kuzomwe takumana nazo chifukwa cha ma graph a Grafana ndi Yandex.Tank yokha.
Chofunika kwambiri apa ndi fufuzani zosintha sitepe ndi sitepe. Pambuyo powonjezera kukonza kwatsopano, yesani kuyesa ndikuwona ngati zotsatira zasintha poyerekeza ndi kuthamanga kotsiriza. Kupanda kutero, zidzakhala zovuta kuzindikira mayankho osagwira ntchito, ndipo m'kupita kwanthawi zitha kuvulaza (mwachitsanzo, kuwonjezera nthawi yotumiza).
Wina nuance ndi kuyang'ana zipika za chidebe pamene kutha kwake. Kodi zambiri zakutseka kwabwino zalembedwa pamenepo? Kodi pali zolakwika zilizonse m'zipika mukamapeza zinthu zina (mwachitsanzo, ku chidebe chapafupi cha PHP-FPM)? Zolakwa pakugwiritsa ntchito (monga momwe zilili ndi NGINX zomwe zafotokozedwa pamwambapa)? Ndikukhulupirira kuti zoyambira za nkhaniyi zikuthandizani kumvetsetsa zomwe zimachitika pachidebecho pakutha kwake.
Kotero, kuyesa koyamba kunachitika popanda lifecycle ndipo popanda malangizo owonjezera a seva yofunsira (process_control_timeout mu PHP-FPM). Cholinga cha mayesowa chinali kudziwa kuchuluka kwa zolakwika (komanso ngati zilipo). Komanso, kuchokera pazidziwitso zowonjezera, muyenera kudziwa kuti nthawi yayitali yotumizira pa pod iliyonse inali pafupifupi masekondi 5-10 mpaka itakonzeka. Zotsatira zake ndi:
Gulu lazidziwitso la Yandex.Tank likuwonetsa zolakwika za 502, zomwe zidachitika panthawi yotumizidwa ndipo zidatha pafupifupi masekondi 5. Mwinamwake izi zinali chifukwa chakuti zopempha zomwe zinalipo ku pod yakale zinali kuthetsedwa pamene zinali kuthetsedwa. Pambuyo pake, zolakwika za 503 zidawonekera, zomwe zinali chifukwa cha chidebe choyimitsidwa cha NGINX, chomwe chinagwetsanso maulumikizidwe chifukwa cha backend (chomwe chinalepheretsa Ingress kugwirizana nacho).
Tiyeni tione mmene tingachitire process_control_timeout mu PHP-FPM itithandiza kuyembekezera kukwaniritsidwa kwa njira za ana, i.e. konzani zolakwika zotere. Ikaninso pogwiritsa ntchito malangizo awa:
Palibenso zolakwika pakutumizidwa kwa 500! Kutumiza kwayenda bwino, kutseka kwabwino kumagwira ntchito.
Komabe, ndikofunikira kukumbukira nkhaniyi ndi zotengera za Ingress, zolakwa zochepa zomwe titha kulandira chifukwa chakuchedwa. Kuti mupewe iwo, chomwe chatsala ndikuwonjezera kapangidwe kake sleep ndi kubwereza kutumiza. Komabe, m'malo athu, palibe zosintha zomwe zidawoneka (kachiwiri, palibe zolakwika).
Pomaliza
Kuti tithetse ntchitoyi mokoma mtima, tikuyembekezera zotsatirazi kuchokera pakugwiritsa ntchito:
- Dikirani pang'ono ndikusiya kuvomereza maulumikizidwe atsopano.
- Yembekezerani kuti zopempha zonse zimalize ndikutseka maulumikizidwe onse omwe sakufunsa.
- Malizitsani ndondomeko yanu.
Komabe, si mapulogalamu onse omwe angagwire ntchito motere. Njira imodzi yothetsera vuto mu Kubernetes zenizeni ndi:
- kuwonjezera mbedza yoyimitsa yomwe idzadikire masekondi angapo;
- kuphunzira fayilo yosinthira ya backend yathu pazigawo zoyenera.
Chitsanzo ndi NGINX chikuwonekera momveka bwino kuti ngakhale ntchito yomwe imayenera kukonza zizindikiro zothetsa molondola sizingatero, choncho ndikofunikira kuyang'ana zolakwika za 500 panthawi yogwiritsira ntchito. Izi zimakulolani kuti muyang'anenso vutoli mozama komanso osayang'ana pa pod kapena chidebe chimodzi, koma yang'anani zowonongeka zonse.
Monga chida choyesera, mungagwiritse ntchito Yandex.Tank mogwirizana ndi njira iliyonse yowunikira (kwa ife, deta inatengedwa kuchokera ku Grafana ndi Prometheus backend kuti ayesedwe). Mavuto okhala ndi kutsekeka kwabwino amawonekera bwino pansi pa katundu wolemetsa womwe benchmark imatha kupanga, ndipo kuyang'anira kumathandizira kusanthula mwatsatanetsatane momwe mayesowo akuyendera kapena pambuyo pake.
Poyankha ndemanga pa nkhaniyi: ndi bwino kunena kuti mavuto ndi zothetsera zikufotokozedwa pano pokhudzana ndi NGINX Ingress. Kwa zina, pali njira zina, zomwe tingaganizire muzinthu zotsatirazi za mndandanda.
PS
Zina kuchokera pamndandanda waupangiri wa K8s:
- Β«";
- Β«";
- Β«";
- Β«".
Source: www.habr.com