Momwe Dailymotion amagwiritsira ntchito Kubernetes: Kugwiritsa Ntchito Ntchito
Ife ku Dailymotion tinayamba kugwiritsa ntchito Kubernetes pakupanga zaka 3 zapitazo. Koma kutumiza mapulogalamu m'magulu angapo ndikosangalatsa, kotero pazaka zingapo zapitazi takhala tikuyesera kukonza zida zathu ndi kayendedwe ka ntchito.
Zinayambira pati
Apa tiwona momwe timatumizira mapulogalamu athu m'magulu angapo a Kubernetes padziko lonse lapansi.
Kuyika zinthu zingapo za Kubernetes nthawi imodzi, timagwiritsa ntchito , ndipo ma chart athu onse amasungidwa munkhokwe imodzi ya git. Kuti tigwiritse ntchito stack yathunthu kuchokera ku mautumiki angapo, timagwiritsa ntchito zomwe zimatchedwa tchati chachidule. Kwenikweni, ichi ndi tchati chomwe chimalengeza kudalira ndikukulolani kuti muyambe API ndi ntchito zake ndi lamulo limodzi.
Tinalembanso zolemba zazing'ono za Python pamwamba pa Helm kuti tifufuze, kupanga ma chart, kuwonjezera zinsinsi, ndi kutumiza mapulogalamu. Ntchito zonsezi zimachitika papulatifomu yapakati ya CI pogwiritsa ntchito chithunzi cha docker.
Tiyeni tifike ku mfundo.
Zindikirani. Mukamawerenga izi, woyamba kumasulidwa kwa Helm 3 adalengezedwa kale. Mtundu waukulu uli ndi zosintha zambiri kuti zithetse mavuto omwe tidakumana nawo m'mbuyomu.
Njira yopangira ma chart
Timagwiritsa ntchito nthambi pofunsira, ndipo tidasankha kugwiritsa ntchito njira yomweyo pama chart.
- Nthambi dev amagwiritsidwa ntchito popanga ma chart omwe adzayesedwe pamagulu otukuka.
- Pamene pempho lachikoka laperekedwa kwa mbuye, amafufuzidwa mu siteji.
- Pamapeto pake, timapanga pempho kukoka kuti tichite zosintha kunthambi kapulidwe ndi kuwagwiritsa ntchito popanga.
Malo aliwonse ali ndi malo ake omwe amasungira ma chart athu, ndipo timagwiritsa ntchito ndi ma API othandiza kwambiri. Mwanjira iyi timawonetsetsa kuti pali kudzipatula pakati pa madera ndikuyesa zenizeni zenizeni za ma chart tisanawagwiritse ntchito popanga.
Zosungiramo ma chart m'malo osiyanasiyana
Ndizofunikira kudziwa kuti opanga akakankhira nthambi ya dev, mtundu wa tchati wawo umakankhidwira ku dev Chartmuseum. Chifukwa chake, opanga onse amagwiritsa ntchito malo omwewo, ndipo muyenera kufotokozera mosamalitsa mtundu wanu wa tchati kuti musagwiritse ntchito mwangozi zosintha za wina.
Kuphatikiza apo, script yathu yaying'ono ya Python imatsimikizira zinthu za Kubernetes motsutsana ndi Kubernetes OpenAPI. , musanawasindikize pa Chartmusem.
Kufotokozera kwachidule kwa kachitidwe kachitukuko
- Kupanga ntchito zamapaipi molingana ndi momwe zimakhalira pakuwongolera khalidwe (lint, unit-test).
- Kukankhira chithunzi cha docker ndi zida za Python zomwe zimatumiza mapulogalamu athu.
- Kukhazikitsa chilengedwe ndi dzina la nthambi.
- Kutsimikizira mafayilo a Kubernetes yaml pogwiritsa ntchito Kubeval.
- Onjezani zokha mtundu wa tchati ndi matchati ake akulu (matchati omwe amadalira tchati chomwe chasinthidwa).
- Kutumiza tchati ku Chartmuseum yomwe ikufanana ndi malo ake
Kusamalira zosiyanasiyana m'magulumagulu
Federation of Clusters
Panali nthawi yomwe timagwiritsa ntchito , pomwe zinthu za Kubernetes zitha kulengezedwa kuchokera kumapeto kwa API imodzi. Koma panabuka mavuto. Mwachitsanzo, zinthu zina za Kubernetes sizingapangidwe kumapeto kwa federation, zomwe zimapangitsa kuti zikhale zovuta kusunga zinthu zamagulu ndi zinthu zina zamagulu.
Kuti tithane ndi vutoli, tidayamba kuyang'anira maguluwo paokha, zomwe zidapangitsa kuti ntchitoyi ikhale yosavuta (tinagwiritsa ntchito mtundu woyamba wachitaganya; china chake chikanasintha chachiwiri).
Geo-kugawa nsanja
Pulatifomu yathu pano ikugawidwa m'zigawo 6 - 3 kwanuko ndi 3 mumtambo.
Kugawidwa Kwamagawo
Mtengo wa Global Helm
4 Miyezo yapadziko lonse ya Helm imakupatsani mwayi wozindikira kusiyana pakati pamagulu. Ma chart athu onse ali ndi zinsinsi zochepera.
global:
cloud: True
env: staging
region: us-central1
clusterName: staging-us-central1Mfundo zapadziko lonse lapansi
Mfundozi zimathandizira kutanthauzira zomwe tikugwiritsa ntchito ndipo zimagwiritsidwa ntchito pazifukwa zosiyanasiyana: kuyang'anira, kufufuza, kudula mitengo, kuyimba mafoni akunja, makulitsidwe, etc.
- "mtambo": Tili ndi nsanja yosakanizidwa ya Kubernetes. Mwachitsanzo, API yathu imayikidwa m'magawo a GCP komanso m'malo athu a data.
- "env": Mfundo zina zitha kusintha m'malo osapanga. Mwachitsanzo, matanthauzo azinthu ndi masinthidwe a autoscaling.
- "region": Izi zimathandiza kudziwa komwe gululi lilili ndipo lingagwiritsidwe ntchito kudziwa malekezero apafupi a ntchito zakunja.
- "clusterName": ngati komanso pamene tikufuna kufotokozera mtengo wa gulu limodzi.
Nachi chitsanzo chapadera:
{{/* Returns Horizontal Pod Autoscaler replicas for GraphQL*/}}
{{- define "graphql.hpaReplicas" -}}
{{- if eq .Values.global.env "prod" }}
{{- if eq .Values.global.region "europe-west1" }}
minReplicas: 40
{{- else }}
minReplicas: 150
{{- end }}
maxReplicas: 1400
{{- else }}
minReplicas: 4
maxReplicas: 20
{{- end }}
{{- end -}}Helm template chitsanzo
Mfundo iyi imatanthauzidwa mu template yothandizira kuti mupewe kusokoneza Kubernetes YAML.
Chilengezo cha Ntchito
Zida zathu zotumizira zimachokera pamafayilo angapo a YAML. Pansipa pali chitsanzo cha momwe timalengezera ntchito ndi makulitsidwe ake (nambala yofananira) mumagulu.
releases:
- foo.world
foo.world: # Release name
services: # List of dailymotion's apps/projects
foobar:
chart_name: foo-foobar
repo: [email protected]:dailymotion/foobar
contexts:
prod-europe-west1:
deployments:
- name: foo-bar-baz
replicas: 18
- name: another-deployment
replicas: 3Tanthauzo la Utumiki
Ichi ndi chidule cha masitepe onse omwe amafotokoza momwe ntchito yathu ikugwiritsidwira ntchito. Gawo lomaliza limapereka ntchito kumagulu angapo ogwira ntchito nthawi imodzi.
Masitepe a Jenkins Deployment
Nanga bwanji zinsinsi?
Ponena za chitetezo, timatsata zinsinsi zonse kuchokera kumalo osiyanasiyana ndikuzisunga m'chipinda chapadera ku Paris.
Zida zathu zotumizira zimatulutsa zinsinsi kuchokera ku Vault ndipo, ikafika nthawi, ikani mu Helm.
Kuti tichite izi, tidafotokozera mapu pakati pa zinsinsi za Vault ndi zinsinsi zomwe mapulogalamu athu amafunikira:
secrets:
- secret_id: "stack1-app1-password"
contexts:
- name: "default"
vaultPath: "/kv/dev/stack1/app1/test"
vaultKey: "password"
- name: "cluster1"
vaultPath: "/kv/dev/stack1/app1/test"
vaultKey: "password"- Tafotokozera malamulo ofunikira kutsatira pojambula zinsinsi ku Vault.
- Ngati chinsinsi chikugwira ntchito ku nkhani kapena gulu linalake, muyenera kuwonjezera malo enieni. (Apa cluster1 ili ndi phindu lake pachinsinsi chachinsinsi-app1-password).
- Apo ayi mtengo umagwiritsidwa ntchito mosalephera.
- Pa chinthu chilichonse chomwe chili pamndandandawu Chinsinsi cha Kubernetes mtengo wamtengo wapatali wayikidwa. Choncho, template yachinsinsi m'ma chart athu ndi yophweka kwambiri.
apiVersion: v1
data:
{{- range $key,$value := .Values.secrets }}
{{ $key }}: {{ $value | b64enc | quote }}
{{ end }}
kind: Secret
metadata:
name: "{{ .Chart.Name }}"
labels:
chartVersion: "{{ .Chart.Version }}"
tillerVersion: "{{ .Capabilities.TillerVersion.SemVer }}"
type: OpaqueMavuto ndi zolephera
Kugwira ntchito ndi ma repositories ambiri
Tsopano timalekanitsa chitukuko cha ma chart ndi ntchito. Izi zikutanthauza kuti opanga akuyenera kugwira ntchito m'malo awiri a git: imodzi yogwiritsira ntchito, ndi ina yofotokozera kutumizidwa ku Kubernetes. 2 git repositories amatanthawuza 2 workflows, ndipo ndizosavuta kwa newbie kusokonezeka.
Kuwongolera ma chart a generalized ndizovuta
Monga tanenera kale, ma chart a generic ndi othandiza kwambiri pakuzindikiritsa zodalira ndikutumiza mwachangu mapulogalamu angapo. Koma timagwiritsa ntchito --reuse-valueskupewa kudutsa zikhalidwe zonse nthawi iliyonse tikatumiza pulogalamu yomwe ili gawo la tchatichi.
Pakutumiza mosalekeza, timangokhala ndi zinthu ziwiri zomwe zimasintha pafupipafupi: kuchuluka kwa zofananira ndi tag (mtundu). Zina, zokhazikika zokhazikika zimasinthidwa pamanja, ndipo izi ndizovuta. Komanso, kulakwitsa kumodzi potumiza tchati chokhazikika kungayambitse kulephera kwakukulu, monga momwe tawonera kuchokera ku zomwe takumana nazo.
Kusintha mafayilo amasinthidwe angapo
Wopanga mapulogalamu akawonjezera pulogalamu yatsopano, amayenera kusintha mafayilo angapo: chilengezo cha pulogalamu, mndandanda wa zinsinsi, ndikuwonjezera pulogalamuyo ngati yodalira ngati ikuphatikizidwa mu tchati chokhazikika.
Zilolezo za Jenkins ndizowonjezedwa ku Vault
Tsopano tili ndi imodzi , yomwe imawerenga zinsinsi zonse kuchokera ku Vault.
Njira yobweza ngongole singodzichitira zokha
Kuti mubwezere, muyenera kuyendetsa lamulo pamagulu angapo, ndipo izi zadzaza ndi zolakwika. Timachita izi pamanja kuti tiwonetsetse kuti ID yolondola yatchulidwa.
Tikupita ku GitOps
Cholinga chathu
Tikufuna kubweza tchati kunkhokwe ya pulogalamu yomwe imatumiza.
Njira yogwirira ntchito idzakhala yofanana ndi yachitukuko. Mwachitsanzo, pamene nthambi ikukankhidwa kuti ikhale yabwino, kutumizidwa kumayambika kokha. Kusiyana kwakukulu pakati pa njira iyi ndi kayendetsedwe ka ntchito kameneka kangakhale kotere zonse zidzayendetsedwa mu git (ntchito yokhayo komanso momwe imagwiritsidwira ntchito ku Kubernetes).
Pali zabwino zingapo:
- Zambiri momveka bwino kwa wopanga. Ndikosavuta kuphunzira momwe mungasinthire zosintha mu tchati chapafupi.
- Tanthauzo la kagwiritsidwe ntchito ka ntchito litha kufotokozedwa malo omwewo ndi code ntchito.
- Kuwongolera kuchotsa ma chart a generalized. Utumikiwu udzakhala ndi kumasulidwa kwake kwa Helm. Izi zikuthandizani kuti muzitha kuyang'anira moyo wa pulogalamu (kubweza, kukweza) pamlingo wocheperako, kuti musakhudze ntchito zina.
- Ubwino wa git kwa kasamalidwe ka tchati: sinthani kusintha, chipika chowerengera, ndi zina zambiri. Ngati mukufuna kusintha kusintha kwa tchati, mutha kuchita izi pogwiritsa ntchito git. Kutumiza kumayamba basi.
- Mutha kuganiza zopititsa patsogolo chitukuko chanu ndi zida monga Skaffold, yomwe opanga amatha kuyesa kusintha komwe kuli pafupi ndi kupanga.
Kusamuka kwa magawo awiri
Madivelopa athu akhala akugwiritsa ntchito njira iyi kwa zaka 2 tsopano, kotero tikufuna kusamuka kusakhale kopweteka momwe tingathere. Chifukwa chake, tasankha kuwonjezera sitepe yapakatikati panjira yopita ku cholinga.
Gawo loyamba ndi losavuta:
- Timasunga dongosolo lofananira pokhazikitsa kutumizidwa kwa mapulogalamu, koma mu chinthu chimodzi chotchedwa DailymotionRelease.
apiVersion: "v1"
kind: "DailymotionRelease"
metadata:
name: "app1.ns1"
environment: "dev"
branch: "mybranch"
spec:
slack_channel: "#admin"
chart_name: "app1"
scaling:
- context: "dev-us-central1-0"
replicas:
- name: "hermes"
count: 2
- context: "dev-europe-west1-0"
replicas:
- name: "app1-deploy"
count: 2
secrets:
- secret_id: "app1"
contexts:
- name: "default"
vaultPath: "/kv/dev/ns1/app1/test"
vaultKey: "password"
- name: "dev-europe-west1-0"
vaultPath: "/kv/dev/ns1/app1/test"
vaultKey: "password"- Kutulutsidwa kwa 1 pa pulogalamu iliyonse (popanda ma chart amtundu uliwonse).
- Ma chart mu git repository ya pulogalamuyo.
Talankhula ndi onse okonza, kotero kuti kusamuka kwayamba kale. Gawo loyamba likuyendetsedwabe pogwiritsa ntchito nsanja ya CI. Ndilembanso positi ina posachedwa za gawo lachiwiri: momwe tidasunthira kumayendedwe a GitOps . Ndikuuzani momwe timakhazikitsira zonse ndi zovuta zomwe tidakumana nazo (zosungira zambiri, zinsinsi, ndi zina). Tsatirani nkhani.
Apa tayesera kufotokoza momwe tikuyendera pamayendedwe otumizira ntchito zaka zapitazi, zomwe zidapangitsa kuti tiganizire za njira ya GitOps. Sitinafikirebe cholingacho ndipo tidzafotokozera zotsatira zake, koma tsopano tili otsimikiza kuti tinachita zoyenera pamene tinaganiza zofewetsa zonse ndikuzibweretsa pafupi ndi zizolowezi za opanga.
Source: www.habr.com