Setting up deployment to multiple k8s environments using helmfile

Helmfile is a wrapper for helm that lets you describe many helm releases in one place, parameterize their charts for multiple environments, and set the order in which they are deployed.

You can read about helmfile itself and examples of its use in the readme and the best practices guide.

We will look at some non-obvious ways of describing releases in helmfile.

Suppose you have a set of helm charts (for example, postgres and some backend application) and several environments (several kubernetes clusters, several namespaces, or several of both). We take helmfile, read the documentation and start describing our environments and releases:

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

environments:
  devel:
  production:

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: 1.0.5
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

We ended up with 2 environments, devel and production, and each has its own values for the helm charts of the releases. We will deploy to them like this:

helmfile -n <namespace> -e <env> apply

Different versions of helm charts in different environments

But what if we need to roll out different versions of the backend to different environments? How do we parameterize the release version? Environment values are available through {{ .Values }}.

helmfile.yaml

environments:
  devel:
+   values:
+   - charts:
+       versions:
+         backend: 1.1.0
  production:
+   values:
+   - charts:
+       versions:
+         backend: 1.0.5
...
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
-   version: 1.0.5
+   version: {{ .Values.charts.versions.backend }}
...

Different sets of applications in different environments

Fine, but what if we don't need to roll out postgres to production, because we know that a database should not be pushed into k8s and for production we have a wonderful separate postgres cluster? To solve this problem we have labels:

helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply

This works well, but personally I prefer to describe which applications to deploy in an environment not with launch arguments but in the description of the environments themselves. What can be done? You can move the release descriptions into a separate directory, create a list of the required releases in the environment description, and "pick up" only the required releases, ignoring the rest.

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
+   ├── releases
+   │   ├── backend.yaml
+   │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml


  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend

- releases:
-    - name: postgres
-      labels:
-        app: postgres
-      wait: true
-      chart: stable/postgresql
-      version: 8.4.0
-      values:
-        - envs/{{ .Environment.Name }}/values/postgres.yaml
-    - name: backend
-      labels:
-        app: backend
-      wait: true
-      chart: private-helm-repo/backend
-     version: {{ .Values.charts.versions.backend }}
-     needs:
-       - postgres
-     values:
-       - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+   - releases/{{ . }}.yaml
+ {{- end }}
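Review bot: in production the apps list contains only backend, so releases/postgres.yaml is never loaded there, yet releases/backend.yaml still declares needs: - postgres. Confirm that helmfile accepts a needs entry for a release that is absent from the environment, or make that needs entry depend on .Values.apps.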

releases/postgres.yaml

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

Note

When using bases: you must use the yaml separator ---, so that releases (and other parts, such as helmDefaults) can be templated with values from the environments.

In this case, the postgres release will not even be included in the description for production. Very convenient!

Overridable global values for releases

Of course, it is great that you can set values for helm charts for each environment, but what if we have several environments described and we want, for example, to set the same affinity for all of them, yet we do not want to configure it as a default in the charts themselves, which are stored in repositories?

In this case, for each release we can specify 2 files with values: the first with default values, which determine the values of the chart itself, and the second with values for the environment, which in turn override the defaults.

    .
    ├── envs
+   │   ├── default
+   │   │   └── values
+   │   │       ├── backend.yaml
+   │   │       └── postgres.yaml
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
+     - envs/default/values/backend.yaml
      - envs/{{ .Environment.Name }}/values/backend.yaml

envs/default/values/backend.yaml

affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
    - weight: 1
      podAffinityTerm:
        labelSelector:
          matchExpressions:
          - key: app.kubernetes.io/name
            operator: In
            values:
            - backend
        topologyKey: "kubernetes.io/hostname"

Defining global values for the helm charts of all releases at the environment level

Suppose we create several ingresses in several releases. We could define hosts: by hand for each chart, but in our case the domain is the same, so why not put it in a global variable and simply substitute its value into the charts? To do this, the values files that we want to parameterize must have the extension .gotmpl, so that helmfile knows they need to be run through the template engine.

    .
    ├── envs
    │   ├── default
    │   │   └── values
-   │   │       ├── backend.yaml
-   │   │       ├── postgres.yaml
+   │   │       ├── backend.yaml.gotmpl
+   │   │       └── postgres.yaml.gotmpl
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
+     - global:
+         ingressDomain: k8s.devel.domain

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
+     - global:
+         ingressDomain: production.domain
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/default/values/backend.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /api
  hosts:
    - {{ .Values.global.ingressDomain }}

envs/default/values/postgres.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /
  hosts:
    - postgres.{{ .Values.global.ingressDomain }}

Note

Obviously, an ingress in the postgres chart is something highly dubious, so this is given purely as an abstract example, to avoid introducing a new release into the article just to describe an ingress.

Substituting secrets from environment values

By analogy with the example above, you can substitute values encrypted with helm secrets. Instead of creating a separate secrets file for each release, in which we would define encrypted values for the chart, we can define in the release's default.yaml.gotmpl values that are taken from variables defined at the environment level. And values that we do not need to hide from anyone can easily be redefined in the release values for a specific environment.

    .
    ├── envs
    │   ├── default
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   ├── devel
    │   │   ├── values
    │   │   │   ├── backend.yaml
    │   │   │   └── postgres.yaml
+   │   │   └── secrets.yaml
    │   └── production
    │       ├── values
    │       │   ├── backend.yaml
    │       │   └── postgres.yaml
+   │       └── secrets.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
      - global:
          ingressDomain: k8s.devel.domain
+     secrets:
+       - envs/devel/secrets.yaml

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
      - global:
          ingressDomain: production.domain
+     secrets:
+       - envs/production/secrets.yaml
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/devel/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...

envs/production/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...

envs/default/values/backend.yaml.gotmpl

elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}

envs/devel/values/backend.yaml

elasticsearch:
  host: elastic-0.devel.domain

envs/production/values/backend.yaml

elasticsearch:
  host: elastic-0.production.domain

Note

By the way, getOrNil is a special function for go templates in helmfile which, even if .Values.secrets does not exist, will not throw an error, but lets the result be passed to the default function to substitute a default value.

Conclusion

The things described here seem fairly obvious, but information on a convenient way to describe deployment to multiple environments using helmfile is very scarce, and I love IaC (Infrastructure-as-Code) and want to have a clear description of the deployment state.

Finally, I want to add that the variables for the default environment can, in turn, be parameterized with the OS environment variables of the runner from which the deployment is launched, which gives you dynamic environments.

helmfile.yaml

environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ env "INGRESS_DOMAIN" }}

Source: www.habr.com
