Rodha kuenzanisa uye kuyera hukama hwekugara kwenguva refu muKubernetes

Ichi chinyorwa chichakubatsira kuti unzwisise kuti kuyera kuyera kunoshanda sei muKubernetes, chii chinoitika kana uchiyera hukama hwekugara kwenguva refu, uye nei uchifanira kufunga nezvevatengi-parutivi kuenzanisa kana ukashandisa HTTP/2, gRPC, RSockets, AMQP, kana mamwe maprotocol anogara kwenguva refu. . 

Zvishoma nezve nzira iyo traffic inogoverwa zvakare muKubernetes 

Kubernetes inopa maviri ari nyore abstractions ekutumira maapplication: Services uye Deployments.

Deployments inotsanangura kuti uye mangani makopi echikumbiro chako anofanirwa kunge achimhanya chero nguva yakapihwa. Imwe neimwe application inoiswa sePod uye inopihwa IP kero.

Masevhisi akafanana mukushanda kune chiyero chemutoro. Iwo akagadzirirwa kugovera traffic kune akawanda pods.

Ngationei kuti inotaridzika sei.

1. Mune dhayagiramu pazasi iwe unogona kuona matatu matatu echishandiso chimwe chete uye muyero wemutoro:

   

2. Iyo inoremerwa inoyera inonzi Sevhisi uye inopihwa IP kero. Chero chikumbiro chinouya chinotungamirwa kune imwe yemapodhi:

   

3. Mamiriro ekutumirwa anotarisa huwandu hwezviitiko zvekushandisa. Iwe hauzombofa wakafanirwa kuwedzera zvakananga pasi pe:

   

4. Imwe neimwe pod inopihwa yayo IP kero:

   

Zvinobatsira kufunga nezvesevhisi semuunganidzwa wemakero eIP. Pese paunowana sevhisi, imwe kero yeIP inosarudzwa kubva pane iyo rondedzero uye inoshandiswa sekero yekwaunoenda.

Zvinoita seizvi.

1. A curl 10.96.45.152 chikumbiro chinotambirwa kubasa:

   

2. Iyo sevhisi inosarudza imwe yematatu epodhi kero sekwainoenda:

   

3. Traffic inotungamirwa kune chaiyo pod:

   

Kana chikumbiro chako chine yekumberi uye yekumashure, saka iwe uchave uine ese sevhisi uye yekuendesa kune yega yega.

Kana iyo yekumberi ichikumbira kubackend, haifanire kunyatsoziva kuti mangani mapodhi emashure anoshumira: panogona kunge paine imwe, gumi, kana zana.

Zvakare, iyo yekumberi haina chainoziva nezve kero dzepods dzinoshandira backend.

Kana iyo yekumberi ichikumbira kubackend, inoshandisa IP kero yebasa rekumashure, iyo isingachinji.

Izvi ndizvo zvazvinoita.

1. Pasi pe1 inokumbira chikamu chemukati chemashure. Panzvimbo pekusarudza imwe chaiyo yekumashure, inoita chikumbiro kune sevhisi:

   

2. Iyo sevhisi inosarudza imwe yemashure pods sekero yekuenda:

   

3. Traffic inobva kuPod 1 kuenda kuPod 5, yakasarudzwa nesevhisi:

   

4. Pasi pe1 haazive chaizvo kuti mangani mapodhi senge pasi pe5 akavanzwa kuseri kwesevhisi:

   

Asi sei chaizvo sevhisi inogovera zvikumbiro? Zvinoita sekunge kutenderera-robin kuenzanisa kunoshandiswa? Ngatizvionei. 

Kuenzanisa muKubernetes masevhisi

Kubernetes masevhisi haapo. Iko hakuna maitiro esevhisi anopihwa IP kero uye chiteshi.

Iwe unogona kuona izvi nekupinda mune chero node musumbu uye uchimhanyisa iyo netstat -ntlp command.

Iwe hauzokwanise kuwana iyo IP kero yakagoverwa kune iyo sevhisi.

Iyo sevhisi IP kero iri mune yekudzora layer, mune controller, uye yakanyorwa mudhatabhesi - etcd. Kero imwechete inoshandiswa nechimwe chikamu - kube-proxy.
Kube-proxy inogamuchira rondedzero ye IP kero yeese masevhisi uye inogadzira seti yemitemo iptables pane imwe neimwe node musumbu.

Mitemo iyi inoti: "Kana tikaona IP kero yesevhisi, isu tinofanirwa kugadzirisa kero yekuenda yechikumbiro uye kuitumira kune imwe yemapods."

Iyo sevhisi IP kero inoshandiswa chete senge yekupinda uye haishandiswe nechero maitiro ekuteerera iyo IP kero uye chiteshi.

Ngatitarisei izvi. 

1. Chimbofunga sumbu ramapfundo matatu. Node imwe neimwe ine pods:

   

2. Akasungwa mapodhi akapendwa beige chikamu chebasa. Nekuti sevhisi haipo senzira, inoratidzwa negrey:

   

3. Iyo yekutanga pod inokumbira sevhisi uye inofanirwa kuenda kune imwe yakabatana pods:

   

4. Asi sevhisi haipo, maitiro haapo. Chinoshanda sei?

   

5. Chikumbiro chisati chasiya node, inoenda kuburikidza nemitemo yeptables:

   

6. Iyo iptables mitemo inoziva kuti sevhisi haipo uye inotsiva iyo IP kero neimwe yeIP kero dzepods dzine chekuita nebasa iroro:

   

7. Chikumbiro chinogashira kero yeIP inoshanda sekero yekuenda uye inogadziriswa sezvakangoita:

   

8. Zvichienderana netiweki topology, chikumbiro chinozopedzisira chasvika pane pod:

   

Inogona iptables kutakura chiyero?

Kwete, ma iptables anoshandiswa kusefa uye haana kugadzirirwa kuenzanisa.

Zvisinei, zvinokwanisika kunyora seti yemitemo inoshanda se pseudo-balancer.

Uye izvi ndizvo chaizvo zvinoitwa muKubernetes.

Kana iwe uine matatu pods, kube-proxy inonyora inotevera mitemo:

1. Sarudza yekutanga sub ine mukana we33%, kana zvisina kudaro enda kune unotevera mutemo.
2. Sarudza yechipiri ine mukana we50%, kana zvisina kudaro enda kune unotevera mutemo.
3. Sarudza wechitatu pazasi.

Iyi sisitimu inoita kuti podhi yega yega isarudzwe paine mukana we33%.

Uye hapana vimbiso yekuti Pod 2 ichasarudzwa inotevera mushure mePod 1.

taura pfungwa: iptables inoshandisa statistical module ine random distribution. Saka, iyo balancing algorithm yakavakirwa pane zvisina kujairika sarudzo.

Zvino zvawanzwisisa kuti masevhisi anoshanda sei, ngatitarisei mamwe anofadza masevhisi mamiriro.

Kubatana kwekugara kwenguva refu muKubernetes haakure nekukasira

Chikumbiro chega chega cheHTTP kubva kumberi kuenda kubackend inoshumirwa neyakasiyana TCP yekubatanidza, iyo inovhurwa uye yakavharwa.

Kana iyo yekumberi ichitumira zvikumbiro zve100 pasekondi kune yekumashure, ipapo 100 akasiyana TCP kubatana anovhurwa nekuvharwa.

Iwe unogona kuderedza chikumbiro chekugadzirisa nguva uye mutoro nekuvhura imwe TCP yekubatanidza uye kuishandisa kune zvese zvinotevera zvikumbiro zveHTTP.

Iyo HTTP protocol ine chinhu chinodaidzwa kuti HTTP chengeta-ichiri mupenyu, kana yekubatanidza kushandisazve. Muchiitiko ichi, imwe TCP yekubatanidza inoshandiswa kutumira uye kugamuchira akawanda HTTP zvikumbiro nemhinduro:

Ichi chimiro hachigoneswe nekusarudzika: zvese sevha uye mutengi zvinofanirwa kugadzirwa zvinoenderana.

Iyo yekuseta pachayo iri nyore uye inowanikwa kune yakawanda programming mitauro uye nharaunda.

Heano mamwe malink emienzaniso mumitauro yakasiyana:

• Chengeta-uchirarama muNode.js
• Chengetedza-mupenyu muSpring boot
• Ramba uri mupenyu muPython
• Ramba uri mupenyu mu.NET

Chii chinoitika kana tikashandisa kuchengetedza-kurarama muKubernetes sevhisi?
Ngatifungei kuti ese ari maviri emberi uye backend anotsigira chengetedza-mupenyu.

Tine kopi imwe yemberi uye matatu makopi ebackend. Iyo yekumberi inoita chikumbiro chekutanga uye inovhura TCP yekubatanidza kune yekumashure. Chikumbiro chinosvika pasevhisi, imwe yemashure pods inosarudzwa sekero yekuenda. Iyo backend inotumira mhinduro, uye iyo yekumberi inoigamuchira.

Kusiyana neyakajairwa mamiriro apo iyo TCP yekubatanidza yakavharwa mushure mekugamuchira mhinduro, iko zvino yachengetwa yakavhurika kune zvimwe zvikumbiro zveHTTP.

Chii chinoitika kana frontend inotumira zvimwe zvikumbiro kune backend?

Kuendesa mberi zvikumbiro izvi, yakavhurika TCP yekubatanidza ichashandiswa, zvikumbiro zvese zvichaenda kune imwechete backend uko chikumbiro chekutanga chakaenda.

Ko iptables haifanire kugoverazve traffic?

Kwete munyaya iyi.

Kana hukama hweTCP hwagadzirwa, hunoenda kuburikidza nemitemo yeptables, iyo inosarudza imwe backend iyo motokari ichaenda.

Sezvo zvikumbiro zvese zvinotevera zviri pane yakatovhurwa TCP yekubatanidza, iyo iptables mitemo haichadanwa.

Ngationei kuti inotaridzika sei.

1. Iyo yekutanga pod inotumira chikumbiro kune sevhisi:

   

2. Unotoziva zvichazoitika. Iyo sevhisi haipo, asi kune iptables mitemo inozogadzirisa chikumbiro:

   

3. Imwe yemapodhi ekumashure ichasarudzwa sekero yekuenda:

   

4. Chikumbiro chinosvika podhi. Panguva ino, kuenderera mberi kweTCP kubatana pakati pemapodhi maviri kuchamiswa:

   

5. Chero chipi chinotevera chikumbiro kubva kune yekutanga pod chinoenda kuburikidza neyakatosimbiswa yekubatanidza:

   

Mhedzisiro yacho inokurumidza kupindura nguva uye yakakwira throughput, asi unorasikirwa nekugona kuyera backend.

Kunyangwe iwe uine maviri mapodhi kumashure, ane anogara achibatana, traffic inogara ichienda kune imwe yacho.

Izvi zvinogona kugadziriswa here?

Sezvo Kubernetes asingazive nzira yekuenzanisa zvinoramba zvichibatana, basa iri rinowira kwauri.

Masevhisi muunganidzwa wemakero eIP uye zviteshi zvinonzi endpoints.

Chikumbiro chako chinogona kuwana runyoro rwemagumo kubva kushumiro uye kusarudza nzira yekugovera zvikumbiro pakati pavo. Iwe unogona kuvhura inoenderera yekubatanidza kune yega yega pod uye zviyero zvikumbiro pakati peizvi zvinongedzo uchishandisa round-robin.

Kana kuti shandisa zvakawanda yakaoma kuenzanisa algorithms.

Iyo mutengi-padivi kodhi iyo ine basa rekuenzanisa inofanirwa kutevedzera iyi pfungwa:

1. Tora runyoro rwemagumo kubva kusevhisi.
2. Vhura chinongedzo chinoramba chiripo kune yega yega yekupedzisira.
3. Kana chikumbiro chichida kuitwa, shandisa imwe yekubatanidza yakavhurika.
4. Gara uchivandudza rondedzero yemagumo, gadzira matsva kana kuvhara ekare anoramba akabatana kana rondedzero yachinja.

Izvi ndizvo zvazvichaita.

1. Panzvimbo peiyo yekutanga pod kutumira chikumbiro kushumiro, unogona kuenzanisa zvikumbiro padivi remutengi:

   

2. Iwe unofanirwa kunyora kodhi inobvunza kuti ndeapi mapodhi ari chikamu chesevhisi:

   

3. Kana uchinge wawana rondedzero, ichengetedze padivi remutengi uye uishandise kubatanidza kune pods:

   

4. Iwe une mutoro weiyo mutoro balancing algorithm:

   

Zvino mubvunzo unomuka: dambudziko iri rinongoshanda kune HTTP chengetedza-mupenyu?

Client-side load balancing

HTTP haisiyo yega protocol inogona kushandisa inoenderera TCP kubatana.

Kana chikumbiro chako chichishandisa dhatabhesi, saka kubatana kweTCP hakuna kuvhurwa nguva dzese dzaunoda kuita chikumbiro kana kutora gwaro kubva kudhatabhesi. 

Pane kudaro, inoenderera TCP yekubatanidza kune dhatabhesi inovhurwa uye inoshandiswa.

Kana dhatabhesi yako ikaiswa paKubernetes uye kuwana kuchipihwa sevhisi, ipapo iwe uchasangana nematambudziko akafanana anotsanangurwa muchikamu chakapfuura.

Imwe dhatabhesi replica ichave yakaremerwa kupfuura mamwe. Kube-proxy uye Kubernetes hazvizobatsiri kuenzanisa. Iwe unofanirwa kungwarira kuenzanisa mibvunzo kune yako database.

Zvichienderana neraibhurari ipi yaunoshandisa kubatanidza kune dhatabhesi, unogona kunge uine sarudzo dzakasiyana dzekugadzirisa dambudziko iri.

Pazasi pane muenzaniso wekuwana iyo MySQL dhatabhesi cluster kubva kuNode.js:

var mysql = require('mysql');
var poolCluster = mysql.createPoolCluster();

var endpoints = /* retrieve endpoints from the Service */

for (var [index, endpoint] of endpoints) {
  poolCluster.add(`mysql-replica-${index}`, endpoint);
}

// Make queries to the clustered MySQL database

Kune mamwe akawanda maprotocol anoshandisa anoenderera TCP kubatana:

• WebSockets uye yakachengetedzwa WebSockets
• HTTP / 2
• gRPC
• RSockets
• AMQP

Iwe unofanirwa kunge uchitoziva mazhinji emaprotocol aya.

Asi kana aya maprotocol akakurumbira, nei pasina yakamisikidzwa kuenzanisa mhinduro? Sei iyo mutengi logic ichifanira kuchinja? Pane yemuno Kubernetes mhinduro?

Kube-proxy uye iptables akagadzirirwa kuvhara anowanzo shandiswa makesi kana achiendesa kuKubernetes. Izvi ndezvekurerutsira.

Kana iwe uri kushandisa webhu sevhisi inofumura REST API, une rombo rakanaka - mune iyi nyaya, inoenderera TCP yekubatanidza haina kushandiswa, unogona kushandisa chero Kubernetes sevhisi.

Asi kana iwe uchinge watanga kushandisa inoenderera TCP yekubatanidza, iwe uchafanirwa kufunga nzira yekugovera zvakaenzana mutoro kuseri kwemashure. Kubernetes haina mhinduro dzakagadzirirwa dzenyaya iyi.

Zvisinei, pane zvechokwadi zvingasarudzwa zvinogona kubatsira.

Kuenzanisa hukama hwekugara kwenguva refu muKubernetes

Kune marudzi mana emasevhisi muKubernetes:

1. ClusterIP
2. NodePort
3. LoadBalancer
4. Pasina musoro

Iwo matatu ekutanga masevhisi anoshanda zvichibva pane chaiyo IP kero, iyo inoshandiswa ne kube-proxy kuvaka iptables mitemo. Asi hwaro hwaro hwesevhisi yese ibasa risina musoro.

Iyo isina musoro sevhisi haina chero IP kero yakabatana nayo uye inongopa nzira yekudzoreredza rondedzero yeIP kero uye zviteshi zvepods (endpoints) zvine chekuita nazvo.

Masevhisi ese akavakirwa pasevhisi isina musoro.

Iyo ClusterIP sevhisi ibasa risina musoro rine zvimwe zvekuwedzera: 

1. Iyo manejimendi layer inoipa iyo IP kero.
2. Kube-proxy inogadzira iyo inodiwa iptables mitemo.

Nenzira iyi iwe unogona kufuratira kube-proxy uye zvakananga kushandisa runyorwa rwemagumo anowanikwa kubva kune isina musoro sevhisi kurodha chiyero chekushandisa kwako.

Asi isu tingawedzera sei pfungwa dzakafanana kune ese maapplication akaiswa musumbu?

Kana application yako yatoiswa kare, basa iri ringaita serisingagoneki. Zvisinei, pane imwe sarudzo.

Service Mesh ichakubatsira

Iwe unogona kunge watoona kuti iyo mutengi-parutivi mutoro wekuenzanisa nzira yakajairika.

Kana iyo application inotanga, iyo:

1. Inowana rondedzero yeIP kero kubva kusevhisi.
2. Inovhura uye inochengetedza dziva rekubatanidza.
3. Nguva nenguva inovandudza dziva nekuwedzera kana kubvisa magumo.

Kana iyo application ikangoda kuita chikumbiro, iyo:

1. Inosarudza chinongedzo chiripo uchishandisa imwe pfungwa (eg round-robin).
2. Inoita chikumbiro.

Aya matanho anoshanda kune ese ari maviri WebSockets, gRPC, uye AMQP kubatana.

Iwe unogona kupatsanura iyi logic muraibhurari yakaparadzana uye woishandisa mumashandisirwo ako.

Nekudaro, iwe unogona kushandisa sevhisi meshes seIstio kana Linkerd pachinzvimbo.

Service Mesh inowedzera chikumbiro chako nemaitiro ayo:

1. Inotsvaga kero dzeIP zvesevhisi.
2. Inoedza kubatanidza seWebSockets uye gRPC.
3. Bvisa zvikumbiro uchishandisa protocol chaiyo.

Service Mesh inobatsira kubata traffic mukati mesumbu, asi ine zviwanikwa-yakanyanya. Dzimwe sarudzo dziri kushandisa echitatu-bato raibhurari seNetflix Ribbon kana proxies anorongwa seEnvoy.

Chii chinoitika kana iwe ukafuratira nyaya dzekuenzanisa?

Iwe unogona kusarudza kusashandisa kuyera kuyera uye hausati waona chero shanduko. Ngatitarisei mashoma ekushanda mamiriro.

Kana uine vatengi vakawanda kupfuura maseva, iri harisi dambudziko rakakura kudaro.

Ngatitii kune vatengi vashanu vanobatana kune maviri maseva. Kunyangwe pasina kuenzanisa, ese ari maviri maseva achashandiswa:

Zvisungo zvinogona kunge zvisina kugovaniswa zvakaenzana: pamwe vatengi vana vakabatana kune imwechete sevha, asi pane mukana wakanaka wekuti ese ari maviri maseva achashandiswa.

Chinonyanya kunetsa ndechimwe chiitiko chakapesana.

Kana uine vatengi vashoma uye maseva akawanda, zviwanikwa zvako zvinogona kunge zvisingashandiswe uye zvinogona kuita bhodhoro richaonekwa.

Ngatitii kune vatengi vaviri uye maseva mashanu. Muchiitiko chepamusoro, pachava nekubatanidza kuviri kwechigarire kumaseva maviri kubva pamashanu.

Masevha asara achave asina chaanoita:

Kana maseva maviri aya asingakwanise kubata zvikumbiro zvevatengi, kuyera kuyera hakubatsire.

mhedziso

Kubernetes masevhisi akagadzirirwa kushanda mune akawanda akajairwa webhu application mamiriro.

Nekudaro, kana wangotanga kushanda nemaprotocol ekushandisa anoshandisa zvinoramba zvichibatanidza TCP, senge dhatabhesi, gRPC kana WebSockets, masevhisi haachakodzeri. Kubernetes haipe nzira dzemukati dzekuenzanisa kunoramba kuripo TCP kubatana.

Izvi zvinoreva kuti iwe unofanirwa kunyora zvikumbiro uine mutengi-parutivi kuenzanisa mupfungwa.

Kuturikira kwakagadzirwa nechikwata Kubernetes aaS kubva kuMail.ru.

Chii chimwe chekuverenga pamusoro penyaya:

1. Matanho matatu eautoscaling muKubernetes uye maitiro ekuashandisa nemazvo. 
2. Kubernetes mumweya wepiracy ane template yekushandisa.
3. Yedu Telegraph chiteshi nezve shanduko yedhijitari.

Source: www.habr.com