Istio ndi chida chothandizira kulumikiza, kuteteza ndi kuyang'anira mapulogalamu omwe amagawidwa. Istio imagwiritsa ntchito matekinoloje osiyanasiyana kuyendetsa ndikuwongolera mapulogalamu pamlingo waukulu, kuphatikiza zotengera kuyika ma code ogwiritsira ntchito ndi zodalira kuti zitumizidwe, ndi Kubernetes kuyang'anira zotengerazo. Chifukwa chake, kuti mugwire ntchito ndi Istio muyenera kudziwa momwe pulogalamu yokhala ndi mautumiki angapo kutengera matekinolojewa amagwirira ntchito popanda Istio. Ngati zida ndi mfundozi mukuzidziwa kale, khalani omasuka kudumpha phunziroli ndikupita kugawoli kapena kukhazikitsa chowonjezera .
Ichi ndi chiwongolero cha sitepe ndi sitepe kumene tidzayendamo ndondomeko yonse kuchokera ku code code kupita ku chidebe cha GKE kuti tikupatseni chidziwitso choyambirira cha matekinolojewa kudzera mu chitsanzo. Muwonanso momwe Istio imathandizira mphamvu zamaukadaulo awa. Izi zikuganiza kuti simukudziwa chilichonse chokhudza zotengera, Kubernetes, ma meshes a service, kapena Istio.
ntchito
Mu phunziro ili, mudzamaliza ntchito zotsatirazi:
- Kuphunzira pulogalamu yosavuta yapadziko lonse lapansi yokhala ndi ntchito zingapo.
- Yambitsani pulogalamuyi kuchokera pamakhodi oyambira.
- Kuyika pulogalamuyo muzotengera.
- Kupanga gulu la Kubernetes.
- Kuyika zotengera mu cluster.
Musanayambe
Tsatirani malangizowa kuti mutsegule Kubernetes Engine API:
- Pitani ku mu Google Cloud Platform console.
- Pangani kapena sankhani polojekiti.
- Dikirani mpaka API ndi ntchito zofananira zitayatsidwa. Izi zitha kutenga mphindi zingapo.
- Onetsetsani kuti zolipira zakhazikitsidwa pulojekiti yanu ya Google Cloud Platform. .
Mu phunziro ili, mungagwiritse ntchito Cloud Shell, yomwe imakonzekera makina enieni ndi Debian-based Linux, kapena Linux kapena macOS kompyuta.
Njira A: Kugwiritsa Ntchito Cloud Shell
Ubwino wogwiritsa ntchito Cloud Shell:
- Python 2 ndi Python 3 malo otukuka (kuphatikiza virtualenv) amakonzedwa mokwanira.
- Command Line Zida gcloud, docker, Pitani ΠΈ kubctl, zomwe tidzagwiritse ntchito zidakhazikitsidwa kale.
- Muli ndi zingapo zoti musankhe :
- , yomwe imatsegulidwa ndi chithunzi chosinthira pamwamba pawindo la Cloud Shell.
- Emacs, Vim kapena Nano, yomwe imatsegulidwa kuchokera pamzere wolamula mu Cloud Shell.
Kugwiritsa ntchito :
- Pitani ku GCP console.
- atolankhani Yambitsani Cloud Shell (Yambitsani Cloud Shell) pamwamba pa zenera la GCP console.
M'munsi gawo Gawo la Cloud Shell lomwe lili ndi mzere wolamula lidzatsegulidwa pawindo latsopano.
Njira B: Kugwiritsa Ntchito Zida Zamzere Wam'deralo kwanuko
Ngati mukugwira ntchito pa kompyuta yomwe ikuyenda ndi Linux kapena macOS, muyenera kukonza ndikuyika izi:
-
Sinthani .
-
ndi chida cholamula gcloud.
-
Khazikitsani kubctl - Chida cha mzere wolamula kuti mugwiritse ntchito .
gcloud components install kubectl -
Khazikitsani . Mudzagwiritsa ntchito chida cha mzere wolamula dockerkuti mupange zithunzi zachidebe kuti mugwiritse ntchito chitsanzo.
-
Ikani chida kuti mupeze chitsanzo kuchokera ku GitHub.
Koperani chitsanzo kodi
-
Tsitsani kachidindo kochokera helloserver:
git clone https://github.com/GoogleCloudPlatform/istio-samples -
Pitani ku chikwatu cha code code:
cd istio-samples/sample-apps/helloserver
Kuwona pulogalamu yokhala ndi ntchito zingapo
Chitsanzocho chimalembedwa mu Python ndipo chimakhala ndi zigawo ziwiri zomwe zimagwiritsa ntchito :
- seva: seva yosavuta yokhala ndi mapeto amodzi GET, /, yomwe imasindikiza "hello world" ku console.
- loadgen: script yomwe imatumiza traffic ku seva, ndi chiwerengero chosinthika cha zopempha pamphindikati.
Kuyendetsa ntchito kuchokera ku code code
Kuti muwone chitsanzo cha pulogalamuyo, yesani mu Cloud Shell kapena pa kompyuta yanu.
1) Mu catalog istio-samples/sample-apps/helloserver thamanga seva:
python3 server/server.pyPoyambira seva zotsatirazi zikuwonetsedwa:
INFO:root:Starting server...2) Tsegulani zenera lina lakutsogolo kuti mutumize zopempha seva. Ngati mukugwiritsa ntchito Cloud Shell, dinani chizindikiro chowonjezera kuti mutsegule gawo lina.
3) Tumizani pempho kwa seva:
curl http://localhost:8080seva mayankho:
Hello World!4) Kuchokera pamndandanda womwe mudatsitsirako nambala yachitsanzo, pitani ku chikwatu chomwe chili loadgen:
cd YOUR_WORKING_DIRECTORY/istio-samples/sample-apps/helloserver/loadgen5) Pangani zosintha zotsatirazi:
export SERVER_ADDR=http://localhost:8080
export REQUESTS_PER_SECOND=56) Thamangani virtualenv:
virtualenv --python python3 env7) Yambitsani chilengedwe chenicheni:
source env/bin/activate8) Khazikitsani zofunikira za loadgen:
pip3 install -r requirements.txt9) Thamangani loadgen:
python3 loadgen.pyPoyambira loadgen akuwonetsa china chake monga meseji ili:
Starting loadgen: 2019-05-20 10:44:12.448415
5 request(s) complete to http://localhost:8080Muwindo lina la terminal seva imatulutsa mauthenga otsatirawa ku console:
127.0.0.1 - - [21/Jun/2019 14:22:01] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: localhost:8080
User-Agent: python-requests/2.22.0
Accept-Encoding: gzip, deflate
Accept: */*Kuchokera pamawonedwe apa intaneti, pulogalamu yonseyi imagwira ntchito pagulu limodzi (kompyuta yakomweko kapena makina a Cloud Shell). Chifukwa chake mutha kugwiritsa ntchito localhostkutumiza zopempha kwa seva.
10) Kuti asiye loadgen ΠΈ seva, kulowa Ctrl-c pawindo lililonse la terminal.
11) Mu terminal zenera loadgen thimitsani chilengedwe:
deactivateKuyika pulogalamu muzotengera
Kuti mugwiritse ntchito pulogalamuyi pa GKE, muyenera kuyika chitsanzo cha ntchito - seva ΠΈ loadgen - mkati . Chidebe ndi njira yopangira pulogalamu kuti isiyanitse ndi chilengedwe.
Kuti mupange pulogalamu mu chidebe, muyenera Dockerfile. Dockerfile ndi fayilo yomwe imatanthauzira malamulo opangira ma source code a pulogalamuyo ndi zodalira zake Mukangomangidwa, mumakweza chithunzicho ku registry yachidebe monga Docker Hub kapena .
Chitsanzo chachitika kale Dockerfile chifukwa seva ΠΈ loadgen ndi malamulo onse ofunikira kusonkhanitsa zithunzi. Pansi - Dockerfile chifukwa seva:
FROM python:3-slim as base
FROM base as builder
RUN apt-get -qq update
&& apt-get install -y --no-install-recommends
g++
&& rm -rf /var/lib/apt/lists/*
# Enable unbuffered logging
FROM base as final
ENV PYTHONUNBUFFERED=1
RUN apt-get -qq update
&& apt-get install -y --no-install-recommends
wget
WORKDIR /helloserver
# Grab packages from builder
COPY --from=builder /usr/local/lib/python3.7/ /usr/local/lib/python3.7/
# Add the application
COPY . .
EXPOSE 8080
ENTRYPOINT [ "python", "server.py" ]- timu KUCHOKERA pa python:3-slim monga maziko amauza Docker kuti agwiritse ntchito zaposachedwa ngati maziko.
- timu KOPI. . amakopera mafayilo oyambira ku bukhu lomwe likugwira ntchito pano (kwa ife kokha seva.py) ku fayilo ya chidebecho.
- ENTRYPOINT imatanthauzira lamulo lomwe likugwiritsidwa ntchito poyambitsa chidebecho. Kwa ife, lamulo ili ndi lofanana ndi lomwe munkayendetsa seva.py kuchokera ku source kodi.
- timu ONERA zikusonyeza kuti seva amadikirira deta kudzera padoko 8080. Timu iyi sichoncho . Uwu ndi mtundu wina wa zolemba zomwe zimafunikira kuti mutsegule doko 8080 poyambira chidebecho.
Kukonzekera kuyika pulogalamu yanu
1) Khazikitsani zosintha zotsatirazi. M'malo PROJECT_ID ku ID yanu ya projekiti ya GCP.
export PROJECT_ID="PROJECT_ID"export GCR_REPO="preparing-istio"Kugwiritsa ntchito mfundo zofunika PROJECT_ID ΠΈ GCR_REPO mumayika chithunzi cha Docker mukachimanga ndikuchikankhira ku Registry yachinsinsi ya Container.
2) Khazikitsani pulojekiti ya GCP yachida cha mzere wolamula gcloud.
gcloud config set project $PROJECT_ID3) Khazikitsani zone yokhazikika ya chida cha mzere wolamula gcloud.
gcloud config set compute/zone us-central1-b4) Onetsetsani kuti ntchito ya Container Registry yayatsidwa mu projekiti ya GCP.
gcloud services enable containerregistry.googleapis.comContainerization seva
-
Pitani ku chikwatu kumene chitsanzo chili seva:
cd YOUR_WORKING_DIRECTORY/istio-samples/sample-apps/helloserver/server/ -
Sonkhanitsani chithunzicho pogwiritsa ntchito Dockerfile ndi zosintha zachilengedwe zomwe mwafotokoza kale:
docker build -t gcr.io/$PROJECT_ID/$GCR_REPO/helloserver:v0.0.1 .
chizindikiro -t imayimira chizindikiro cha Docker. Ili ndi dzina la chithunzi chomwe mumagwiritsa ntchito potumiza chidebecho.
- Kwezani chithunzichi ku Container Registry:
docker push gcr.io/$PROJECT_ID/$GCR_REPO/helloserver:v0.0.1
Containerization ya loadgen
1) Pitani ku chikwatu komwe chitsanzocho chili loadgen:
cd ../loadgen2) Sungani chithunzi:
docker build -t gcr.io/$PROJECT_ID/$GCR_REPO/loadgen:v0.0.1 .3) Kwezani chithunzichi ku Registry Container:
docker push gcr.io/$PROJECT_ID/$GCR_REPO/loadgen:v0.0.1Onani mndandanda wazithunzi
Onaninso mndandanda wazithunzi zomwe zili munkhokwe ndikutsimikizira kuti zithunzizo zidakwezedwa:
gcloud container images list --repository gcr.io/$PROJECT_ID/preparing-istioLamuloli likuwonetsa mayina azithunzi zomwe zidakwezedwa kumene:
NAME
gcr.io/PROJECT_ID/preparing-istio/helloserver
gcr.io/PROJECT_ID/preparing-istio/loadgenKupanga gulu la GKE.
Zotengerazi zitha kuyendetsedwa pamakina a Cloud Shell kapena pakompyuta ndi lamulo docker akuthamanga. Koma m'malo opanga, muyenera njira yopangira zida zapakati. Mwachitsanzo, mufunika makina omwe amaonetsetsa kuti zotengera zikuyenda nthawi zonse, ndipo mufunika njira yowonjezerera ndikuwonjezera zotengera zina ngati kuchuluka kwa magalimoto kumawonjezeka.
Kuti mugwiritse ntchito mapulogalamu omwe ali ndi zida zomwe mungagwiritse ntchito . GKE ndi nsanja yoyimba chidebe yomwe imaphatikiza makina enieni kukhala gulu. Makina aliwonse odziwika amatchedwa node. Magulu a GKE amachokera ku Open source Kubernetes cluster management system. Kubernetes imapereka njira zolumikizirana ndi gulu.
Kupanga gulu la GKE:
1) Pangani gulu:
gcloud container clusters create istioready
--cluster-version latest
--machine-type=n1-standard-2
--num-nodes 4timu gcloud imapanga gulu la istioready mu projekiti ya GCP ndi zone yokhazikika yomwe mudatchula. Kuti tiyendetse Istio, timalimbikitsa kukhala ndi ma node osachepera 4 ndi makina enieni .
Gulu limapanga gululo mumphindi zochepa. Gulu likakonzeka, lamulo limatulutsa motere .
2) Perekani zidziwitso mu chida cha mzere wolamula kuti mugwiritse ntchito kuyendetsa masango:
gcloud container clusters get-credentials istioready3) Tsopano mutha kulumikizana ndi Kubernetes kudzera kubctl. Mwachitsanzo, lamulo ili limatha kudziwa momwe ma node alili:
kubectl get nodesLamulo limapanga mndandanda wa node:
NAME STATUS ROLES AGE VERSION
gke-istoready-default-pool-dbeb23dc-1vg0 Ready <none> 99s v1.13.6-gke.13
gke-istoready-default-pool-dbeb23dc-36z5 Ready <none> 100s v1.13.6-gke.13
gke-istoready-default-pool-dbeb23dc-fj7s Ready <none> 99s v1.13.6-gke.13
gke-istoready-default-pool-dbeb23dc-wbjw Ready <none> 99s v1.13.6-gke.13Malingaliro Ofunika a Kubernetes
Chithunzichi chikuwonetsa ntchito pa GKE:
Musanatumize zotengera ku GKE, phunzirani mfundo zazikuluzikulu za Kubernetes. Pali maulalo kumapeto kwenikweni ngati mukufuna kudziwa zambiri.
- Nodes ndi masango. Mu GKE, node ndi makina enieni. Pamapulatifomu ena a Kubernetes, node ikhoza kukhala kompyuta kapena makina enieni. Cluster ndi gulu la ma node omwe atha kuwonedwa ngati gawo limodzi pomwe mumayika pulogalamu yokhala ndi zida.
- Mabedi. Ku Kubernetes, zotengera zimayenda m'matumba. Pod ku Kubernetes ndi gawo losawoneka. Pod imakhala ndi chidebe chimodzi kapena zingapo. Mumatumiza zotengera za seva ndi loadgen m'malo osiyanasiyana. Pakakhala zotengera zingapo mu pod (mwachitsanzo, seva yogwiritsira ntchito ndi ), zotengera zimayendetsedwa ngati chinthu chimodzi ndikugawana zothandizira.
- Deployments. Ku Kubernetes, kutumizidwa ndi chinthu chomwe chimasonkhanitsa ma pod ofanana. Kutumiza kumayambitsa mitundu ingapo ya ma pod omwe amagawidwa m'magulumagulu. Kutumiza kumalowetsa m'malo mwa ma pod omwe alephera kapena osalabadira.
- Kubernetes service. Mukamagwiritsa ntchito kachidindo ka GKE, kulumikizana pakati loadgen ΠΈ seva. Mutayamba ntchito pamakina apakompyuta kapena pakompyuta ya Cloud Shell, mudatumiza zopempha kwa seva ndi adilesi localhost: 8080. Akatumizidwa ku GKE, ma pods amachitidwa pa node zomwe zilipo. Mwachikhazikitso, mulibe ulamuliro pa node yomwe pod ikuyendetsa, kotero inu palibe ma adilesi a IP okhazikika.
Kuti mupeze adilesi ya IP ya seva, muyenera kufotokozera zamtundu wa netiweki pamwamba pa ma pod. Ndi chimene icho chiri . Utumiki wa Kubernetes umapereka mathero osalekeza a ma pod. Pali ochepa . seva amagwiritsa LoadBalancer, yomwe imapereka adilesi yakunja ya IP kuti mulumikizane nayo seva kuchokera kunja kwa tsango.
Kubernetes ilinso ndi makina omangidwira a DNS omwe amapereka mayina a DNS (mwachitsanzo, helloserver.default.cluster.local) ntchito. Chifukwa cha izi, makoko omwe ali mkati mwa tsango amalumikizana ndi makoko ena pagulu pa adilesi yokhazikika. Dzina la DNS silingagwiritsidwe ntchito kunja kwa tsango, monga mu Cloud Shell kapena pakompyuta.
Kubernetes akuwonetsa
Mukayendetsa pulogalamuyi kuchokera kugwero, mudagwiritsa ntchito lamulo lofunikira python3
seva.py
Kufunika kumatanthauza mneni: "chita izi."
Kubernetes amagwiritsa ntchito . Izi zikutanthauza kuti sitikuuza Kubernetes zomwe ayenera kuchita, koma kufotokoza dziko lomwe tikufuna. Mwachitsanzo, Kubernetes akuyamba ndikuyimitsa ma pod ngati pakufunika kuti dongosolo lenileni la dongosololi likhale logwirizana ndi zomwe mukufuna.
Mumawonetsa zomwe mukufuna mu mawonetsero kapena mafayilo . Fayilo ya YAML ili ndi zofotokozera za chinthu chimodzi kapena zingapo za Kubernetes.
Chitsanzocho chili ndi fayilo ya YAML ya seva ΠΈ loadgen. Fayilo iliyonse ya YAML imatchula malo omwe mukufuna kutumizira ndi ntchito ya Kubernetes.
seva.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: helloserver
spec:
selector:
matchLabels:
app: helloserver
replicas: 1
template:
metadata:
labels:
app: helloserver
spec:
terminationGracePeriodSeconds: 5
restartPolicy: Always
containers:
- name: main
image: gcr.io/google-samples/istio/helloserver:v0.0.1
imagePullPolicy: Always- Zokoma zimasonyeza mtundu wa chinthu.
- metadata.name imatchula dzina lotumizidwa.
- Munda woyamba masuliridwe lili ndi kufotokoza za dziko lofunidwa.
- zofotokozera zikuwonetsa nambala yomwe mukufuna.
- Gawo spec.template amatanthauzira pod template. Pali gawo mu pod specifications chithunzi, yomwe imatchula dzina la chithunzi chomwe chiyenera kuchotsedwa ku Container Registry.
Ntchitoyi imafotokozedwa motere:
apiVersion: v1
kind: Service
metadata:
name: hellosvc
spec:
type: LoadBalancer
selector:
app: helloserver
ports:
- name: http
port: 80
targetPort: 8080- LoadBalancer: Makasitomala amatumiza zopempha ku adilesi ya IP ya chojambulira katundu, chomwe chili ndi adilesi ya IP yosalekeza ndipo imapezeka kuchokera kunja kwa gululo.
- targetPort: monga mukukumbukira, gulu EXPOSE 8080 Π² Dockerfile sanapereke madoko. Mumapereka doko 8080kuti mutha kulumikizana ndi chidebecho seva kunja kwa tsango. Kwa ife hellosvc.default.cluster.local:80 (dzina lalifupi: hellosvc) zimagwirizana ndi doko 8080 Ma adilesi a IP a Pod helloserver.
- doko: Iyi ndi nambala ya doko pomwe mautumiki ena pagulu adzatumiza zopempha.
loadgen.yaml
Chinthu chotumizira ku loadgen.yaml woneka ngati seva.yaml. Kusiyana kwake ndikuti chinthu chotumizira chimakhala ndi gawo kutumiza. Imatanthauzira zosintha zachilengedwe zomwe zimafunikira loadgen ndi zomwe mudaziyika mukamayendetsa pulogalamuyi kuchokera kugwero.
apiVersion: apps/v1
kind: Deployment
metadata:
name: loadgenerator
spec:
selector:
matchLabels:
app: loadgenerator
replicas: 1
template:
metadata:
labels:
app: loadgenerator
spec:
terminationGracePeriodSeconds: 5
restartPolicy: Always
containers:
- name: main
image: gcr.io/google-samples/istio/loadgen:v0.0.1
imagePullPolicy: Always
env:
- name: SERVER_ADDR
value: "http://hellosvc:80/"
- name: REQUESTS_PER_SECOND
value: "10"
resources:
requests:
cpu: 300m
memory: 256Mi
limits:
cpu: 500m
memory: 512MiKamodzi loadgen sichivomereza zopempha zomwe zikubwera, zamunda mtundu zikuwonetsedwa ClusterIP. Mtundu uwu umapereka adilesi ya IP yosalekeza yomwe ntchito zamagulu angagwiritse ntchito, koma adilesi ya IP iyi simawonekera kwa makasitomala akunja.
apiVersion: v1
kind: Service
metadata:
name: loadgensvc
spec:
type: ClusterIP
selector:
app: loadgenerator
ports:
- name: http
port: 80
targetPort: 8080Kutumiza Containers ku GKE
1) Pitani ku chikwatu komwe chitsanzocho chili seva:
cd YOUR_WORKING_DIRECTORY/istio-samples/sample-apps/helloserver/server/2) Tsegulani seva.yaml mu text editor.
3) Sinthani dzina m'munda chithunzi ku dzina la chithunzi chanu cha Docker.
image: gcr.io/PROJECT_ID/preparing-istio/helloserver:v0.0.1M'malo PROJECT_ID ku ID yanu ya projekiti ya GCP.
4) Sungani ndi kutseka seva.yaml.
5) Tumizani fayilo ya YAML ku Kubernetes:
kubectl apply -f server.yamlMukamaliza bwino, lamulo limapanga code iyi:
deployment.apps/helloserver created
service/hellosvc created6) Pitani ku chikwatu kumene loadgen:
cd ../loadgen7) Tsegulani loadgen.yaml mu text editor.
8) Sinthani dzina m'munda chithunzi ku dzina la chithunzi chanu cha Docker.
image: gcr.io/PROJECT_ID/preparing-istio/loadgenv0.0.1M'malo PROJECT_ID ku ID yanu ya projekiti ya GCP.
9) Sungani ndi kutseka loadgen.yaml, tsekani zolemba zosintha.
10) Tumizani fayilo ya YAML ku Kubernetes:
kubectl apply -f loadgen.yamlMukamaliza bwino, lamulo limapanga code iyi:
deployment.apps/loadgenerator created
service/loadgensvc created11) Onani momwe ma pod:
kubectl get podsLamulo likuwonetsa mawonekedwe:
NAME READY STATUS RESTARTS AGE
helloserver-69b9576d96-mwtcj 1/1 Running 0 58s
loadgenerator-774dbc46fb-gpbrz 1/1 Running 0 57s12) Chotsani zipika za ntchito kuchokera pa pod loadgen. M'malo POD_ID kupita ku chizindikiritso kuchokera ku yankho lapitalo.
kubectl logs loadgenerator-POD_ID13) Pezani ma adilesi akunja a IP hellosvc:
kubectl get serviceLamulo la lamulo likuwoneka motere:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hellosvc LoadBalancer 10.81.15.158 192.0.2.1 80:31127/TCP 33m
kubernetes ClusterIP 10.81.0.1 <none> 443/TCP 93m
loadgensvc ClusterIP 10.81.15.155 <none> 80/TCP 4m52s14) Tumizani pempho kwa hellosvc: sinthani EXTERNAL_IP ku adilesi yakunja ya IP hellosvc.
curl http://EXTERNAL_IPTiyeni titenge Istio
Muli ndi kale ntchito yotumizidwa ku GKE. loadgen angagwiritse ntchito Kubernetes DNS (uwu:80) kutumiza zopempha kwa sevandipo mutha kutumiza zopempha kwa seva ndi adilesi yakunja ya IP. Ngakhale Kubernetes ali ndi zambiri, pali zina zomwe zikusowa pazantchitozi:
- Kodi mautumiki amalumikizana bwanji? Kodi pali maubwenzi otani pakati pa mautumiki? Kodi magalimoto amayenda bwanji pakati pa mautumiki? Kodi mukudziwa zimenezo loadgen amatumiza zopempha ku seva, koma yerekezani kuti simukudziwa kalikonse za pulogalamuyi. Kuti tiyankhe mafunsowa, tiyeni tiwone mndandanda wa ma pod mu GKE.
- Metrics. Motalika bwanji seva imayankha pempho lomwe likubwera? Kodi zopempha zingati pa sekondi imodzi zimalandiridwa ndi seva? Kodi imapereka mauthenga olakwika?
- Information Security. Magalimoto pakati loadgen ΠΈ seva zimangodutsa HTTP kapena mwa ?
Istio amayankha mafunso onsewa. Kuti muchite izi, Istio imayika woyimira wam'mbali mu gulu lililonse. Proxy ya Envoy imaletsa magalimoto onse omwe akubwera ndi otuluka kuzinthu zofunsira. Izo zikutanthauza kuti seva ΠΈ loadgen landirani kudzera pa sidecar proxy Envoy, ndi magalimoto onse ochokera loadgen ΠΊ seva amadutsa mu projekiti ya Envoy.
Kulumikizana pakati pa Envoy proxies kumapanga mauna a service. Zomangamanga za ma mesh a service zimapereka chiwongolero pamwamba pa Kubernetes.
Popeza ma proxies a Envoy amayenda m'mitsuko yawo, Istio ikhoza kukhazikitsidwa pamwamba pa gulu la GKE popanda kusintha kulikonse pamakina ogwiritsira ntchito. Koma mwachitapo kanthu kuti pulogalamu yanu ikonzekere kuyendetsedwa ndi Istio:
- Ntchito zotengera zonse. Ku deployments seva ΠΈ loadgen wolumikizidwa ku ntchito ya Kubernetes. Ngakhale loadgen, yomwe sichilandira zopempha zomwe zikubwera, pali ntchito.
- Madoko muzantchito ayenera kukhala ndi mayina. Ngakhale madoko a ntchito amatha kusiyidwa osadziwika ku GKE, Istio ikufuna kuti mufotokozere molingana ndi ndondomeko yake. Mu fayilo ya YAML doko la seva wotchedwa httpchifukwa seva imagwiritsa ntchito protocol HTTP... Ngati utumiki ntchito gRPC, mungatchule doko gpc.
- Kutumizidwa kumasonyezedwa. Chifukwa chake, mutha kugwiritsa ntchito mawonekedwe owongolera magalimoto a Istio, monga kugawa magalimoto pakati pamitundu yautumiki womwewo.
Kukhazikitsa Istio
Pali njira ziwiri zoyika Istio. Mutha kapena pa cluster. Ndi Istio pa GKE, mutha kuyang'anira kuyika kwa Istio mosavuta ndikukweza pagulu lonse la GKE. Ngati mukufuna mtundu waposachedwa wa Istio kapena kuwongolera zambiri pakusintha kwa gulu lanu la Istio, yikani mawonekedwe otseguka m'malo mwa Istio pa kukulitsa kwa GKE. Kuti musankhe njirayo, werengani nkhaniyi .
Sankhani njira, onaninso kalozera woyenera, ndikutsatira malangizo oti muyike Istio pagulu lanu. Ngati mukufuna kugwiritsa ntchito Istio ndi pulogalamu yanu yatsopano, kwa namespace chosasintha.
Kuyeretsa
Kupewa kulipiritsidwa ku akaunti yanu ya Google Cloud Platform pazida zomwe mudagwiritsa ntchito m'phunziroli, chotsani gulu la zotengera mukangoyika Istio ndikusewera ndi pulogalamu yachitsanzo. Izi zidzachotsa zinthu zonse zamagulu, monga ma compute, disks, ndi maukonde.
Kodi yotsatira?
-
Onani matekinoloje awa:
-
Onani zida zotsatirazi:
-
Phunzirani mfundo za Kubernetes:
Source: www.habr.com