- wrapper kwa , zomwe zimakupatsani mwayi wofotokozera zotulutsa zambiri za helm pamalo amodzi, sinthani ma chart awo m'malo angapo, ndikukhazikitsanso dongosolo la kutumizidwa kwawo.
Mutha kuwerenga za helmfile yokha ndi zitsanzo za ntchito yake mu и .
Tidzadziwa njira zosadziwika bwino zofotokozera kumasulidwa mu helmfile
Tinene kuti tili ndi ma chart a helm (mwachitsanzo, tinene ma postgres ndi ntchito ina yakumbuyo) ndi malo angapo (magulu angapo a kubernetes, malo angapo a mayina, kapena angapo a onse awiri). Timatenga helmfile, werengani zolembazo ndikuyamba kufotokoza malo athu ndi kutulutsa:
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yamlhelmfile.yaml
environments:
devel:
production:
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yaml
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: 1.0.5
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yamlTinamaliza ndi 2 chilengedwe: kukweza, Kupanga - chilichonse chimakhala ndi zake zake pama chart otulutsa helm. Tidzapereka kwa iwo motere:
helmfile -n <namespace> -e <env> applyMitundu yosiyanasiyana ya ma chart a helm m'malo osiyanasiyana
Nanga bwanji ngati tikufuna kutulutsa mitundu yosiyanasiyana ya backend kumadera osiyanasiyana? Momwe mungakhazikitsire mtundu womasulidwa? Makhalidwe achilengedwe omwe amapezeka kudzera {{ .Values }}
helmfile.yaml
environments:
devel:
+ values:
+ - charts:
+ versions:
+ backend: 1.1.0
production:
+ values:
+ - charts:
+ versions:
+ backend: 1.0.5
...
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
- version: 1.0.5
+ version: {{ .Values.charts.versions.backend }}
...Ntchito zosiyanasiyana m'malo osiyanasiyana
Zabwino, koma bwanji ngati sitiyenera kutero production tulutsani ma postgres, chifukwa tikudziwa kuti sitifunika kukankhira nkhokwe mu k8s ndipo pogulitsa tili ndi gulu lapadera la postgres? Kuti tithane ndi vutoli tili ndi zilembo
helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend applyIzi ndizabwino, koma pandekha ndimakonda kufotokoza kuti ndi mapulogalamu ati oti agwiritse ntchito m'malo osagwiritsa ntchito mikangano yoyambira, koma pofotokoza zomwe zikuchitika. Zoyenera kuchita? Mutha kuyika mafotokozedwe omasulidwa mufoda yosiyana, pangani mndandanda wazofunikira pazofotokozera za chilengedwe ndi "kunyamula" zofunikira zokha, osanyalanyaza zina zonse.
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
+ ├── releases
+ │ ├── backend.yaml
+ │ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- releases:
- - name: postgres
- labels:
- app: postgres
- wait: true
- chart: stable/postgresql
- version: 8.4.0
- values:
- - envs/{{ .Environment.Name }}/values/postgres.yaml
- - name: backend
- labels:
- app: backend
- wait: true
- chart: private-helm-repo/backend
- version: {{ .Values.charts.versions.backend }}
- needs:
- - postgres
- values:
- - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+ - releases/{{ . }}.yaml
+ {{- end }}releases/postgres.yaml
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yamlreleases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yamlKalata
Mukamagwiritsa ntchito bases: m'pofunika kugwiritsa ntchito yaml separator ---, kuti mutha kutulutsa ma template (ndi magawo ena, monga helmDefaults) okhala ndi zikhalidwe zochokera kumadera
Pankhaniyi, kutulutsidwa kwa postgres sikungaphatikizidwenso m'mafotokozedwe akupanga. Momasuka kwambiri!
Makhalidwe apamwamba padziko lonse lapansi pazotulutsa
Zachidziwikire, ndizabwino kuti mutha kukhazikitsa ma chart a helm pa chilengedwe chilichonse, koma bwanji ngati tili ndi malo angapo ofotokozedwa, ndipo tikufuna, mwachitsanzo, kukhazikitsa chimodzimodzi kwa onse. affinity, koma sitikufuna kuyikonza mwachisawawa m'matchati omwe, omwe amasungidwa mu turnips.
Pankhaniyi, pakumasulidwa kulikonse titha kutchula mafayilo 2 okhala ndi mikhalidwe: yoyamba yokhala ndi zikhalidwe zosasinthika, zomwe zimatsimikizira mtengo wa tchati palokha, ndipo chachiwiri ndi makonda a chilengedwe, chomwe chidzapitilira osakhazikika.
.
├── envs
+ │ ├── default
+ │ │ └── values
+ │ │ ├── backend.yaml
+ │ │ └── postgres.yaml
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yamlreleases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
+ - envs/default/values/backend.yaml
- envs/{{ .Environment.Name }}/values/backend.yamlenvs/default/values/backend.yaml
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- backend
topologyKey: "kubernetes.io/hostname"Kufotokozera zapadziko lonse lapansi pama chart a helm pazotulutsa zonse pamlingo wachilengedwe
Tiyerekeze kuti timapanga ma ingress angapo muzotulutsa zingapo - titha kutanthauzira pamanja pa tchati chilichonse hosts:, koma m’malo mwathu malowo ndi ofanana, ndiye bwanji osaliika m’mitundu ina yapadziko lonse ndi kungoika mtengo wake m’machati? Kuti tichite izi, mafayilo omwe ali ndi zofunikira zomwe tikufuna kuziyika ziyenera kukhala zowonjezera .gotmpl, kotero kuti helmfile ikudziwa kuti iyenera kuyendetsedwa kudzera mu injini ya template.
.
├── envs
│ ├── default
│ │ └── values
- │ │ ├── backend.yaml
- │ │ ├── postgres.yaml
+ │ │ ├── backend.yaml.gotmpl
+ │ │ └── postgres.yaml.gotmpl
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yamlhelmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
+ - global:
+ ingressDomain: k8s.devel.domain
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
+ - global:
+ ingressDomain: production.domain
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}envs/default/values/backend.yaml.gotmpl
ingress:
enabled: true
paths:
- /api
hosts:
- {{ .Values.global.ingressDomain }}envs/default/values/postgres.yaml.gotmpl
ingress:
enabled: true
paths:
- /
hosts:
- postgres.{{ .Values.global.ingressDomain }}Kalata
Mwachiwonekere, ingress mu tchati cha postgres ndichinthu chokayikitsa kwambiri, kotero nkhaniyi imaperekedwa mophweka ngati chitsanzo chozungulira mu vacuum komanso kuti asawonetse kutulutsidwa kwatsopano m'nkhaniyo chifukwa chongofotokozera ingress.
Kusintha zinsinsi zochokera ku chilengedwe
Poyerekeza ndi chitsanzo chapamwambachi, mutha kulowetsa zobisika pogwiritsa ntchito matanthauzo. M'malo mopanga fayilo yathu yachinsinsi pa kumasulidwa kulikonse, momwe tingafotokozere zobisika za tchati, titha kutanthauzira mu kumasulidwa default.yaml.gotmpl zomwe zidzatengedwa kuchokera kumitundu yofotokozedwa pa mlingo chilengedwe. Ndipo zikhulupiriro zomwe sitiyenera kubisira aliyense zitha kufotokozedwanso mosavuta pazotulutsa m'malo enaake.
.
├── envs
│ ├── default
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ ├── devel
│ │ ├── values
│ │ │ ├── backend.yaml
│ │ │ └── postgres.yaml
+ │ │ └── secrets.yaml
│ └── production
│ ├── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
+ │ └── secrets.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yamlhelmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
- global:
ingressDomain: k8s.devel.domain
+ secrets:
+ - envs/devel/secrets.yaml
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- global:
ingressDomain: production.domain
+ secrets:
+ - envs/production/secrets.yaml
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}envs/devel/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...envs/production/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...envs/default/values/backend.yaml.gotmpl
elasticsearch:
host: elasticsearch
port: 9200
password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}envs/devel/values/backend.yaml
elasticsearch:
host: elastic-0.devel.domainenvs/production/values/backend.yaml
elasticsearch:
host: elastic-0.production.domainKalata
Mwa njira, getOrNil - ntchito yapadera yopita ma templates mu helmfile, yomwe, ngakhale .Values.secrets sichidzakhalapo, sichidzataya cholakwika, koma chidzalola zotsatira pogwiritsa ntchito ntchitoyi default mtengo wolowa m'malo
Pomaliza
Zinthu zomwe zafotokozedwa zikuwoneka zomveka bwino, koma chidziwitso chofotokozera bwino za kutumizidwa kumadera angapo pogwiritsa ntchito helmfile ndi chosowa kwambiri, ndipo ndimakonda IaC (Infrastructure-as-Code) ndipo ndikufuna kukhala ndi kufotokozera momveka bwino za momwe akutumizidwira.
Pomaliza, ndikufuna kuwonjezera kuti zosintha zamalo osasinthika zimathanso kutsatiridwa ndi kusintha kwa chilengedwe cha OS ya wothamanga wina komwe kutumizidwako kudzayambika, ndipo motero kupeza malo osinthika.
helmfile.yaml
environments:
default:
values:
- global:
clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
ingressDomain: {{ env "INGRESS_DOMAIN" }}Source: www.habr.com