Kubvumbi 27 pamusangano , sechikamu chechikamu che "DevOps", chirevo "Auto-scaling uye resource management muKubernetes" yakapihwa. Inotaura nezve mashandisiro aungaite maK8s kuve nechokwadi chekuwanikwa kwepamusoro kwekushandisa kwako uye kuve nechokwadi chepamusoro pekuita.
Nechivanhu, tinofara kupa (44 maminetsi, zvakanyanya kudzidzisa kupfuura chinyorwa) uye pfupiso huru muchimiro chemavara. Enda!
Ngationgororei musoro weshumo izwi neshoko uye titange kubva kumagumo.
Kubernetes
Ngatitii tine midziyo yeDocker pane yedu yatinogamuchira. Yechii? Kuve nechokwadi chekudzokorora uye kuzviparadzanisa nevamwe, izvo zvinobvumira kuti zvive nyore uye zvakanaka kutumira, CI/CD. Tine mota zhinji dzakadai dzine macontainer.
Chii chinopa Kubernetes munyaya iyi?
- Isu tinomira kufunga nezvemichina iyi totanga kushanda ne "gore" sumbu remidziyo kana mapodhi (mapoka emidziyo).
- Uyezve, isu hatitombofungi nezvemapodhi ega, asi tonga zvakawandaΠΎmapoka makuru. Vakadaro primitives yepamusoro-soro titendere kuti titaure kuti pane template yekumhanyisa rimwe basa rekuita, uye heino nhamba inodiwa yezviitiko kuti iite. Kana isu tazoshandura template, zvese zviitiko zvinoshanduka.
- Nekubatsirwa kwe declarative API Panzvimbo pekuita nhevedzano yemirairo chaiyo, isu tinotsanangura "chimiro chenyika" (muYAML), icho chinogadzirwa naKubernetes. Uye zvakare: kana tsananguro yachinja, kuratidza kwayo chaiko kuchachinja.
Resource management
CPU
Ngatimhanye nginx, php-fpm uye mysql pane server. Aya masevhisi anozove ane mamwe maitiro anoshanda, imwe neimwe inoda komputa zviwanikwa:
(nhamba dziri pachisiraidhi "maparrots", izvo zvisingatarisirwi zvega yega maitiro emagetsi ekombuta)
Kuita kuti zvive nyore kushanda neizvi, zvine musoro kusanganisa maitiro mumapoka (somuenzaniso, ese nginx maitiro muboka rimwe "nginx"). Nzira iri nyore uye iri pachena yekuita izvi kuisa boka rega rega mumudziyo:
Kuti uenderere mberi, unofanirwa kuyeuka kuti mudziyo chii (muLinux). Chitarisiko chavo chakaitwa nekuda kwezvinhu zvitatu zvakakosha mukernel, yakaitwa kare kare: , ΠΈ . Uye kumwe kusimudzira kwakafambiswa nehumwe matekinoroji (kusanganisira "shells" ari nyore seDocker):
Muchirevo chechinyorwa, isu tinongofarira chete cgroups, nekuti mapoka ekudzora ndiwo chikamu chekushanda kwemidziyo (Docker, nezvimwewo) iyo inoshandisa manejimendi manejimendi. Maitiro akasanganiswa mumapoka, sezvataida, mapoka ekutonga.
Ngatidzokerei kune zvinodiwa neCPU kune aya maitiro, uye ikozvino kumapoka emaitiro:
(Ndinodzokorora kuti nhamba dzese iratidziro isinganzwisisike yekudiwa kwezviwanikwa)
Panguva imwecheteyo, iyo CPU pachayo ine imwe inopera sosi (mumuenzaniso izvi 1000), izvo zvingashaikwa nemunhu wese (huwandu hwezvinodiwa zvemapoka ese 150+850+460=1460). Chii chichaitika munyaya iyi?
Iyo kernel inotanga kugovera zviwanikwa uye inozviita "zvakanaka", ichipa huwandu hwakafanana hwezviwanikwa kune rimwe nerimwe boka. Asi mune yekutanga kesi, kune akawanda ayo kupfuura anodiwa (333> 150), saka iyo yakawandisa (333-150 = 183) inoramba yakachengetwa, iyo zvakare yakagoverwa zvakaenzana pakati pezvimwe midziyo miviri:
Somugumisiro: ndiro yekutanga yakanga ine zvigadziro zvakakwana, yechipiri - yakanga isina zvigadziro zvakakwana, chechitatu - yakanga isina zvigadziro zvakakwana. Uyu ndiwo mugumisiro wezviito "kutendeseka" kuronga muLinux - . Kushanda kwayo kunogona kugadziriswa uchishandisa basa racho zviyero imwe neimwe yemidziyo. Semuenzaniso, seizvi:
Ngatitarisei nyaya yekushaikwa kwezviwanikwa mumudziyo wechipiri (php-fpm). Zvese zviwanikwa zvemidziyo zvinogovaniswa zvakaenzana pakati pemaitiro. Nekuda kweizvozvo, iyo master process inoshanda zvakanaka, asi vese vashandi vanononoka, vachigamuchira isingasviki hafu yezvavanoda:
Aya ndiwo mashandiro anoita CFS scheduler. Tichazodaidza zvakare huremu hwatinopa kumidziyo zvikumbiro. Sei izvi zvakadaro - ona zvimwe.
Ngatitarisei mamiriro ese kubva kune rimwe divi. Sezvaunoziva, migwagwa yese inoenda kuRoma, uye kana iri komputa, kuCPU. Imwe CPU, akawanda mabasa - iwe unoda mwenje wetraffic. Nzira iri nyore yekubata zviwanikwa ndeye "chiedza chetraffic": ivo vakapa imwe nzira nguva yakatarwa yekuwana kuCPU, kozotevera inotevera, nezvimwe.
Iyi nzira inonzi hard quotas (zvakaoma kudzikisira). Ngatizvirangarire zviri nyore se limits. Nekudaro, kana iwe ukagovera miganho kumidziyo yese, dambudziko rinomuka: mysql yaityaira munzira uye pane imwe nguva kudiwa kwayo kweCPU kwakapera, asi mamwe maitiro ese anomanikidzwa kumirira kusvika CPU. idle.
Ngatidzokerei kuLinux kernel uye kudyidzana kwayo neCPU - iwo mufananidzo wakazara wakadai:
cgroup ine marongero maviri - chaizvo aya maviri akareruka "twist" anotendera iwe kuti uone:
- uremu hwemudziyo (zvikumbiro) ndizvo mugove;
- muzana yehuwandu hweCPU nguva yekushanda pamidziyo mabasa (miganhu) ndeye quota.
Nzira yekuyera sei CPU?
Pane nzira dzakasiyana:
- chii parrots, hapana anoziva - unoda kutaurirana nguva dzose.
- Kufarira zvakajeka, asi hama: 50% ye server ine 4 cores uye ine 20 cores zvinhu zvakasiyana zvachose.
- Iwe unogona kushandisa izvo zvatotaurwa zviyero, iyo Linux inoziva, asi ivo zvakare vane hama.
- Sarudzo yakanyanya kukwana ndeyekuyera zviwanikwa zvekombuta mukati seconds. Avo. mumasekonzi enguva yeprocessor inoenderana nemasekonzi enguva chaiyo: 1 sekondi yenguva ye processor yakapihwa pasekondi imwe chaiyo - iyi ndiyo imwe yakazara CPU core.
Kuti kutaura kuve nyore, vakatanga kuyera mukati kernels, zvichireva kuti ivo nguva imwechete yeCPU inoenderana neiyo chaiyo. Sezvo Linux ichinzwisisa uremu, asi kwete yakawanda CPU nguva / cores, nzira yaidiwa kushandura kubva kune imwe kuenda kune imwe.
Ngatitarisei muenzaniso wakapfava nesevha ine 3 CPU cores, apo mapodhi matatu achapihwa huremu (500, 1000 uye 1500) anoshandurwa zviri nyore kuzvikamu zvinowirirana zvemacores akagoverwa kwavari (0,5, 1 uye 1,5).
Kana iwe ukatora sevha yechipiri, apo pachava nekaviri macores akawanda (6), uye kuisa mapodhi mamwechete ipapo, kugoverwa kwemacores kunogona kuverengwa nyore nyore nekungowedzera ne 2 (1, 2 uye 3, maererano). Asi nguva inokosha inoitika apo podhi yechina inooneka pane iyi sevha, iyo uremu hwayo, kuitira nyore, huchava 3000. Inobvisa chikamu cheCUU zviwanikwa (hafu yemacores), uye kune mapodhi akasara anoverengwazve (hafu):
Kubernetes uye CPU zviwanikwa
MuKubernetes, CPU zviwanikwa zvinowanzoyerwa mukati miliadrax, i.e. 0,001 cores inotorwa sehuremu hwaro. (Iyo chinhu chimwe chete muLinux/cgroups terminology inonzi CPU share, kunyangwe, zvakanyanya, 1000 millicores = 1024 CPU shares.) K8s inova nechokwadi chekuti haiise mapodhi akawanda pane sevha pane kune CPU zviwanikwa zvehuwandu hwehuremu hwemapodhi ese.
Izvi zvinoitika sei? Paunowedzera sevha kune Kubernetes cluster, zvinonzi mangani maCPU cores ayo aripo. Uye kana uchigadzira podhi nyowani, Kubernetes scheduler anoziva kuti macores mangani iyi pod ichada. Nekudaro, iyo pod ichapihwa kune server uko kune akakwana cores.
Chii chichaitika kana kwete chikumbiro chinotsanangurwa (kureva kuti iyo pod haina nhamba yakatsanangurwa yemacores yainoda)? Ngationei kuti Kubernetes anowanzo kuverenga sei zviwanikwa.
Kune pod iwe unogona kutsanangura zvese zvikumbiro (CFS scheduler) uye miganhu (yeuka traffic traffic?):
- Kana ivo vakatsanangurwa zvakaenzana, ipapo pod inopihwa kirasi yeQoS avimbiswa. Iyi nhamba yemacores inogara iripo kwairi inovimbiswa.
- Kana chikumbiro chiri pasi pemuganhu - QoS kirasi kuputika. Avo. Isu tinotarisira kuti pod, semuenzaniso, kugara ichishandisa 1 musimboti, asi kukosha uku hakusi kuganhurirwa kwairi: dzimwe nguva pod inogona kushandisa zvakawanda (kana sevha ine zviwanikwa zvemahara zveizvi).
- Kune zvakare kirasi yeQoS kuedza kwakanyanya - inosanganisira iwo mapodhi chaiwo ayo chikumbiro chisina kutaurwa. Zvishandiso zvinopihwa kwavari kwekupedzisira.
ndangariro
Nekuyeuka, mamiriro acho akafanana, asi akasiyana zvishoma - shure kwezvose, maitiro ezviwanikwa izvi zvakasiyana. Kazhinji, kuenzanisa kunotevera:
Ngationei kuti zvikumbiro zvinoitwa sei mundangariro. Rega mapodhi ararame pane sevha, achichinja ndangariro kushandiswa, kusvikira imwe yadzo yakura zvekuti inopera mundangariro. Muchiitiko ichi, mhondi yeOOM inoonekwa uye inouraya maitiro makuru:
Izvi hazvisi nguva dzose zvakatikodzera, saka zvinokwanisika kugadzirisa maitiro anokosha kwatiri uye haafaniri kuurayiwa. Kuti uite izvi, shandisa parameter ooom_score_adj.
Ngatidzokerei kumakirasi eQoS eCPU uye tidhirowe fananidzo neoom_score_adj hunhu hunotaridza kurangarira kushandiswa kwekutanga kune pods:
- Iyo yakaderera oom_score_adj kukosha kwepodhi - -998 - zvinoreva kuti pod yakadai inofanira kuurayiwa kwekupedzisira, izvi avimbiswa.
- Iyo yepamusoro-soro - 1000 - ndiyo kuedza kwakanyanya, mapodhi akadaro anotanga kuurayiwa.
- Kuverenga iyo yakasara kukosha (kuputika) pane muteuro, hunhu hwacho hunowira pakuti kana pod yakumbira zviwanikwa zvakawanda, kashoma kuti iurawe.
Yechipiri "monyorora" - limit_in_bytes - nokuda kwemiganhu. Nayo, zvese zviri nyore: isu tinongopa huwandu hwakanyanya hweyekuyeuka yakapihwa, uye pano (kusiyana neCPU) hapana mubvunzo wekuti ungaiyera sei (ndangariro).
Total
Imwe neimwe pod muKubernetes inopihwa requests ΠΈ limits - ese ma paramita eCPU uye ndangariro:
- zvichibva pane zvikumbiro, iyo Kubernetes scheduler inoshanda, iyo inogovera pods pakati pemaseva;
- zvichibva pane ese ma paramita, iyo pod's QoS kirasi yakatemwa;
- Huremu hwehukama hunoverengerwa zvichienderana nezvikumbiro zveCPU;
- iyo CFS scheduler inogadziriswa zvichienderana nezvikumbiro zveCPU;
- OOM killer inogadziriswa zvichibva pane zvikumbiro zvendangariro;
- "chiedza chetraffic" chinogadziriswa zvichienderana neCPU miganhu;
- Zvichienderana nemiganhu yendangariro, muganho wakagadzirirwa kuboka.
Kazhinji, mufananidzo uyu unopindura mibvunzo yese pamusoro pekuti chikamu chikuru chekutonga zviwanikwa chinoitika sei muKubernetes.
Autoscaling
K8s cluster-autoscaler
Ngatimbofungidzira kuti sumbu rese rakatogarwa uye podhi nyowani inoda kugadzirwa. Nepo iyo pod isingagone kuoneka, inorembera muchimiro kudzamara. Kuti ionekwe, tinogona kubatanidza sevha itsva kune cluster kana ... install cluster-autoscaler, iyo ichatiitira isu: ronga muchina chaiwo kubva kune cloud provider (uchishandisa chikumbiro che API) uye uibatanidze kune boka. , mushure mezvo podhi ichawedzerwa.
Uku ndiko autoscaling yeKubernetes cluster, inoshanda zvikuru (mune ruzivo rwedu). Nekudaro, sekumwe kumwe, kune mamwe nuances pano ...
Chero bedzi isu takawedzera saizi yesumbu, zvese zvaive zvakanaka, asi chii chinoitika kana sumbu akatanga kuzvisunungura? Dambudziko nderekuti kutama mapodhi (kusunungura mauto) kwakaoma kwazvo uye kunodhura maererano nezviwanikwa. Kubernetes anoshandisa nzira yakasiyana zvachose.
Funga nezveboka remaseva matatu ane Deployment. Iyo ine 3 pods: ikozvino kune 6 kune yega yega server. Nechimwe chikonzero taida kudzima imwe yeseva. Kuti tiite izvi tichashandisa murairo kubectl drain, izvo:
- inorambidza kutumira mapodhi matsva kune ino server;
- ichadzima mapodhi aripo pane server.
Sezvo Kubernetes ane basa rekuchengetedza huwandu hwemapods (6), zviri nyore ichagadzira patsva iwo kune mamwe ma node, asi kwete pane ari kuremara, sezvo yakatomakwa seisingawanikwe pakutambira mapodhi matsva. Iyi ndiyo yakakosha mechanic yeKubernetes.
Zvisinei, pane nuance pano zvakare. Mune mamiriro akafanana, kune StatefulSet (panzvimbo yeDeployment), zviito zvichave zvakasiyana. Iye zvino tatova neyakajeka application - semuenzaniso, mapodhi matatu ane MongoDB, imwe ine imwe mhando yedambudziko (iyo data yashatiswa kana imwe kukanganisa kunodzivirira pod kutanga nemazvo). Uye isu zvakare tinosarudza kudzima imwe server. Chii chichaitika?
MongoDB aigona kufa nekuti inoda quorum: kune sumbu rekuisa zvitatu, maviri anofanira kushanda. Zvisinei, izvi hazvisi kuitika - ndatenda PodDisruptionBudget. Iyi parameter inosarudza hushoma hunodiwa nhamba yekushanda pods. Kuziva kuti imwe yeMongoDB pods haisisiri kushanda, uye nekuona kuti PodDisruptionBudget yakagadzirirwa MongoDB. minAvailable: 2, Kubernetes haizokubvumiri kuti udzime pod.
Pasi mutsara: kuitira kuti kufamba (uye chaizvoizvo, kugadzirwa patsva) kwepods kushanda zvakanaka apo boka rinobudiswa, zvakakosha kugadzirisa PodDisruptionBudget.
Horizontal scaling
Ngatikurukurei mumwe mamiriro ezvinhu. Pane application inoshanda seDeployment muKubernetes. Mushandisi traffic anouya kune ayo pods (semuenzaniso, kune matatu acho), uye isu tinoyera imwe chiratidzo mavari (ti, CPU mutoro). Kana mutoro ukawedzera, tinoinyora pane purogiramu uye kuwedzera nhamba yepods kugovera zvikumbiro.
Nhasi muKubernetes izvi hazvidi kuitwa nemaoko: kuwedzera otomatiki / kudzikira kwenhamba yepods inogadziriswa zvichienderana nehunhu hweakayerwa mutoro zviratidzo.
Mibvunzo mikuru pano ndeiyi: chii chaizvo chekuyera ΠΈ kududzira sei akawana kukosha (yekuita sarudzo pakuchinja nhamba yemapodhi). Unogona kuyera zvakawanda:
Maitiro ekuita izvi nehunyanzvi - unganidza metrics, nezvimwe. - Ndakataura zvakadzama mumushumo pamusoro . Uye iro zano guru rekusarudza iyo yakakwana paramita ndeye experiment!
kune (Kushandisa Saturation uye Zvikanganiso), zvinoreva zvinotevera. Pahwaro hupi zvine musoro kuyera, semuenzaniso, php-fpm? Kubva pane chokwadi chekuti vashandi vari kupera, izvi ndizvo mashandisirwo. Uye kana vashandi vapera uye kubatana kutsva kusingagamuchirwe, izvi zvatove kuzadza. Ose maviri aya ma paramita anofanirwa kuyerwa, uye zvichienderana nehunhu, kuyera kunofanirwa kuitwa.
Pane mhedziso
Chirevo chine kuenderera mberi: nezve vertical scaling uye maitiro ekusarudza zviwanikwa zvakakodzera. Ini ndichataura nezvazvo mune ramangwana mavhidhiyo pa - nyoresa kuti usarasikirwe!
Vhidhiyo uye masiraidhi
Vhidhiyo kubva pakuita (44 maminitsi):
Mharidzo yemushumo:
PS
Mimwe mishumo nezve Kubernetes pane yedu blog:
- «» (Andrey Polovov; Kubvumbi 8, 2019 paSaint HighLoad++);
- «» (Dmitry Stolyarov; Mbudzi 8, 2018 paHighLoad++);
- «» (Dmitry Stolyarov; Chivabvu 28, 2018 pa RootConf);
- «» (Dmitry Stolyarov; Mbudzi 7, 2017 paHighLoad++);
- «» (Dmitry Stolyarov; June 6, 2017 pa RootConf).
Source: www.habr.com