🥇Kubernetes 1.17: vaaiga lautele o mea fou fou

O ananafi, Tesema 9, na tupu le isi faʻasalalauga o Kubernetes - 1.17. E tusa ai ma tu masani na atiaʻe mo la matou blog, matou te talanoa e uiga i suiga sili ona taua i le lomiga fou.

Kubernetes 1.17: va'aiga lautele o mea fou fou

O faʻamatalaga faʻaaoga e saunia ai lenei mea e maua mai i le faʻasalalauga aloaia, Kubernetes fa'aleleia laulau su'ega, SUIGA-1.17 ma mataupu fa'afeso'ota'i, toso talosaga, ma Kubernetes Enhancement Proposals (KEP). O lea la, o le a le mea fou?..

Topology-alaga ala

Ua leva ona faatalitali le nuu o Kubernetes mo lenei vaega - Topology-aware 'au'aunaga ta'avale. Afai MATA e afua mai ia Oketopa 2018, ma le aloaia Faaleleia atili — 2 tausaga talu ai, o mataupu masani (pei na) - ma o ni nai tausaga e sili atu ...

O le manatu lautele o le tuʻuina atu lea o le tomai e faʻatino ai auala "faʻalotoifale" mo auaunaga o loʻo nofo i Kubernetes. “Tulaga” i le tulaga lea o lona uiga “le tulaga tutusa topological” (tulaga fa'afanua), e mafai ona:

node tutusa mo auaunaga,
le fata e tasi,
le itulagi lava e tasi
le tu'uina atu o ao,
...

Fa'ata'ita'iga o le fa'aogaina o lenei vaega:

fa'apolopolo i luga o fefa'ataua'iga i ao fa'apipi'i fa'atasi ma le tele o sone avanoa (multi-AZ) - va'ai. ata fou fa'aaoga le fa'ata'ita'iga o fefa'ataua'iga mai le itulagi e tasi, ae 'ese'ese AZ i AWS;
fa'aitiitia le fa'agaioiga fa'agaoioiga/sili atu le gaosiga;
o se 'au'aunaga tu'ufa'atasi o lo'o iai fa'amatalaga fa'apitonu'u e uiga i le node i so'oga ta'itasi;
fa'apipi'i o le fluentd (po'o analogues) i luga o le node tutusa ma tusi talosaga o lo'o aoina mai o latou ogalaau;
...

O ia auala, lea e "iloa" e uiga i le topology, e taʻua foi o fesoʻotaʻiga fesoʻotaʻiga - e ala i le faʻatusa ma node affinity, pod affinity/anti-affinity pe faaali mai e le'i leva atu Topology-Aware Volume Scheduling (ma Tulaga Volume). Tulaga o lo'o iai nei ServiceTopology i le Kubernetes - fa'ailoga alafa.

Mo faʻamatalaga i le auala e galue ai le faʻaaliga ma pe faʻapefea ona e faʻaaogaina, faitau lenei tusiga mai se tasi o tusitala.

IPv4/IPv6 lagolago lua faaputuga

Taua le alualu i luma mautu i se isi fesoʻotaiga fesoʻotaʻiga: lagolago faʻatasi mo faʻaputu IP lua, lea na muamua faʻafeiloaʻi i totonu K8s 1.16. Aemaise lava, o le faʻasalalauga fou na aumaia ai suiga nei:

i le kube-proxy faatinoina mafai ona fa'agaioi fa'atasi i auala uma e lua (IPv4 ma IPv6);
в Pod.Status.PodIPs faaali mai lagolago mo API i lalo (i le taimi lava e tasi e pei o /etc/hosts i le taimi nei latou te manaʻomia le talimalo e faʻaopoopo se tuatusi IPv6);
lagolago faaputuga lua TAMAITI (Kubernetes IN Docker) ma kubeadm;
fa'afouina su'ega e2e.

Kubernetes 1.17: va'aiga lautele o mea fou fou
Ata faʻatusa fa'aoga lua fa'aputuga IPV4/IPv6 i KIND

Alualu i luma ile CSI

Faailoa mautu lagolago topology mo le teuina o le CSI, muamua faʻafeiloaʻi i totonu K8s 1.12.

Auala mo femalagaiga o le tele plugins i le CSI - CSI Migration - taunuu i le lomiga beta. O lenei vaega e taua tele ina ia mafai ai ona fa'aliliu plugini teuina o iai (i totonu o le la'au) i se atina'e fa'aonaponei (CSI, i fafo o le laau) e le vaaia e tagata fa'au'uga Kubernetes. O le a naʻo le manaʻomia e le pulega o Cluster le faʻatagaina o le CSI Migration, pe a maeʻa ona faʻaauau pea ona "galue" punaoa o loʻo i ai nei ma galuega mamafa ... ae faʻaaoga taʻavale CSI lata mai nai lo mea tuai o loʻo aofia i le Kubernetes core.

I le taimi nei, o femalagaiga mo avetaʻavale AWS EBS ua sauni i le beta version (kubernetes.io/aws-ebs) ma le GCE PD (kubernetes.io/gce-pd). O faʻamatalaga mo isi nofoaga e teu ai e faʻapea:

Kubernetes 1.17: va'aiga lautele o mea fou fou

Na matou talanoa e uiga i le auala na oʻo mai ai le "aganuʻu" lagolago i K8s i le CSI i totonu lenei tusiga. Ma o le suiga o le CSI migration i le tulaga beta ua tuuto atu i lomiga eseese i luga ole blog ole poloketi.

E le gata i lea, o le isi galuega taua i le tulaga o le CSI, lea na afua mai (faʻatinoina o le alpha) i le K1.17s 8, na oʻo i le tulaga o le beta (e mafai ona faʻaogaina) i le faʻasalalauga Kubernetes 1.12 - fatuina ata ma le toe faaleleia mai ia i latou. Faatasi ai ma suiga na faia i le Kubernetes Volume Snapshot i luga o le auala e tatala ai le beta:

vaevae le CSI fafo-snapshotter sidecar i ni pule se lua,
faaopoopo mealilo mo le tapeina (tapē ese mealilo) e fai ma fa'amatalaga i mea o lo'o i totonu o se ata pu'upu'u,
fa'auma fou (fa'ai'uga) e puipuia ai le mea fa'apipi'i API mai le tapeina pe afai o lo'o totoe feso'ota'iga.

I le taimi o le faʻamalolo 1.17, o le faʻaaliga e lagolagoina e le tolu CSI avetaavale: GCE Persistent Disk CSI Avetaavale, Portworx CSI Avetaavale ma NetApp Trident CSI Avetaavale. E mafai ona maua nisi faʻamatalaga e uiga i lona faʻatinoga ma le faʻaaogaina lenei lolomiga luga ole blog.

Fa'aigoa o le Cloud Provider

Fa'ailoga e otometi tofia i nodes ma voluma e fa'atatau i le fa'aogaina o le ao, ua maua i Kubernetes o se kopi beta mo se taimi umi lava - talu mai le tatalaina o le K8s 1.2 (Aperila 2016!). Tuuina atu lo latou faʻaaogaina lautele mo se taimi umi, atinaʻe tonu, ua oʻo i le taimi e faʻaalia ai le tulaga mautu (GA).

O le mea lea, na toe faʻaigoaina uma i latou (e ala i le topology):

beta.kubernetes.io/instance-type → node.kubernetes.io/instance-type
failure-domain.beta.kubernetes.io/zone → topology.kubernetes.io/zone
failure-domain.beta.kubernetes.io/region → topology.kubernetes.io/region

... ae o loʻo avanoa pea i lalo o latou igoa tuai (mo le fetaui i tua). Ae ui i lea, e fautuaina uma pule e sui i igoa o loʻo iai nei. Fa'amaumauga Fa'atatau K8s ua faʻafouina.

Fa'atulagaina galuega a kubeadm

Tuuina atu i le alpha version mo le taimi muamua galuega fa'atulagaina mo le aoga kubeadm. Faiga lagolago: JSON, YAML, Go template.

Fa'aosofiaga mo le fa'atinoina o lenei vaega (e tusa ai ma le MATA) o le:

E ui o Kubernetes e mafai ona faʻapipiʻiina ma le lima, o le mea moni (pe a le o le de jure) tulaga masani mo lenei gaioiga o le faʻaaogaina lea o le kubeadm. Ta'uta'ua faiga fa'atonu meafaigaluega pei Terraform fa'alagolago i le kubeadm mo le fa'aogaina o Kubernetes. Fuafuaga faʻaleleia ile Cluster API e aofia ai se pusa faʻapipiʻi mo Kubernetes bootstrapping ma kubeadm ma cloud-init.
A aunoa ma le faʻatulagaina o galuega, e oʻo lava i suiga sili ona leaga i le tepa muamua e mafai ona motusia Terraform, Cluster API ma isi polokalama faʻaoga e faʻaogaina ai taunuuga o le kubeadm.

O a matou fuafuaga vave e aofia ai le lagolago (i le tulaga o galuega faʻatulagaina) mo tulafono kubeadm nei:

alpha certs
config images list
init
token create
token list
upgrade plan
version

Fa'ata'ita'iga o se tali a le JSON i se fa'atonuga kubeadm init -o json:

{
  "node0": "192.168.20.51:443",
  "caCrt": "sha256:1f40ff4bd1b854fb4a5cf5d2f38267a5ce5f89e34d34b0f62bf335d74eef91a3",
  "token": {
    "id":          "5ndzuu.ngie1sxkgielfpb1",
    "ttl":         "23h",
    "expires":     "2019-05-08T18:58:07Z",
    "usages":      [
      "authentication",
      "signing"
    ],
    "description": "The default bootstrap token generated by 'kubeadm init'.",
    "extraGroups": [
      "system:bootstrappers:kubeadm:default-node-token"
    ]
  },
  "raw": "Rm9yIHRoZSBhY3R1YWwgb3V0cHV0IG9mIHRoZSAia3ViZWFkbSBpbml0IiBjb21tYW5kLCBwbGVhc2Ugc2VlIGh0dHBzOi8vZ2lzdC5naXRodWIuY29tL2FrdXR6LzdhNjg2ZGU1N2JmNDMzZjkyZjcxYjZmYjc3ZDRkOWJhI2ZpbGUta3ViZWFkbS1pbml0LW91dHB1dC1sb2c="
}

Fa'amautu o isi fa'afouga

I se tulaga lautele, o le tatalaina o Kubernetes 1.17 na faia i lalo o le mautauave "Tausiga" Na faafaigofieina e le mea moni o le tele o vaega i totonu (o latou numera atoa o 14) maua le tulaga GA. Faatasi ai ma i latou:

“faailogaina” nodes e tusa ai ma nisi tulaga (TaintNodesByCondition), na aliali mai i totonu K8s 1.8;
Matamata Faailoga - se ituaiga fou o mea na tutupu e iai se faʻailoga e faʻatatau uma mea i se faʻamatalaga patino (resourceVersion) ua uma ona fa'agasolo e le uati;
tau fa'aletonu (defaulting) mo Punaoa Faaleaganuu;
fefa'asoaa'i i va o koneteina i le pod process namespaces;
ScheduleDaemonSetPods - fa'atulagaina pods i DaemonSet faʻaaoga kube-scheduler (nai lo le DaemonSet pule);
tapula'a malosi i luga o le numera o voluma e faʻatatau i le ituaiga node;
lagolago fesuia'i siosiomaga mo igoa fa'atonu fa'apipi'i e pei subPath;
Kubelet fatu fatu fe'avea'i i se API Lisi fa'apitoa;
"puipuiga faaiu" (Puipuiga Fa'ai'u) mo le paleni o uta (siaki o punaoa a le Auaunaga a'o le'i tapeina punaoa LoadBalancer);
kube-apiserver optimization i le faatinoga pe a galue i le tele o uati mataituina seti tutusa o mea faitino - ausia e ala i le aloese mai le faasolosolo faasolosolo o mea lava e tasi mo tagata matamata taitasi.

Isi suiga

O le lisi atoa o faʻafouga i le Kubernetes 1.17, ioe, e le faʻatapulaʻaina i latou o loʻo lisiina i luga. O nisi nei (ma mo se lisi sili atu ona atoatoa, tagai SILIFILI):

O le vaega o loʻo faʻaalia i le faʻasalalauga mulimuli ua oʻo i le beta version RunAsUserName mo Windows;
suiga faapena na tupu EndpointSlice API (fa'apena mai K8s 1.16), peita'i mo le taimi nei o lenei fofo e fa'aleleia ai le fa'atinoga/scalability o le Endpoint API e le'o mafai ona fa'aletonu;
ua taua tele fo'i pods mo le fa'agaioiina o fa'aputuga e mafai ona faia e le gata i igoa avanoa kube-system (mo fa'amatalaga, va'ai le fa'amaumauga mo Fa'agata le taumafaina o Vasega Fa'amuamua);
filifiliga fou mo kubelet - --reserved-cpus - faʻatagaina oe e faʻamalamalama manino le lisi o PPU faʻaagaga mo le faiga;
mo kubectl logs tuuina atu fu'a fou --prefix, fa'aopoopo le igoa o le pusa ma le pusa puna i laina ta'itasi o le ogalaau;
в label.Selector faʻaopoopo RequiresExactMatch;
pusa uma i kube-dns ua tamo'e nei ma avanoa itiiti;
hyperkube tu'ueseese i totonu o se isi faleteuoloa GitHub ma o le a le toe aofia i fa'asalalauga Kubernetes;
taua faaleleia le faatinoga kube-proxy mo ports e le o ni UDP.

Suiga fa'alagolago:

CoreDNS version o lo'o aofia i le kubeadm o le 1.6.5;
crictl version faafou i le v1.16.1;
CSI 1.2.0;
ma isi 3.4.3;
Fa'ata'ita'iga fou fa'ata'ita'iga Docker fa'aleleia i le 19.03;
Ole la'ititi ole Go version e mana'omia e fausia ai le Kubernetes 1.17 ole 1.13.4.

SALA

Faitau foi i la matou blog:

puna: www.habr.com