"Njodzi izita rangu repakati," Austin Powers, murume wepasi rese asinganzwisisike, aigara achitaura. Asi izvo zvinokosheswa nevamiriri vepamusoro uye masevhisi ehungwaru hazvina kukodzera masevhisi emakombuta, uko kufinha kuri nani pane njodzi.
Uye Istio, pamwe neOpenShift uye Kubernetes, inoita kuti kuendesa mamicroservices kufinha uye kufembera - uye ndizvo zvakanaka. Tichataura nezve izvi uye nezvimwe zvakawanda mune yechina uye yekupedzisira positi muIstio nhevedzano.
Kana kufinhwa kuri right
Kwatiri, kufinhwa kunoitika chete muchikamu chekupedzisira, kana chasara kugara uye kuona maitiro. Asi nekuda kweizvi iwe unofanirwa kugadzirisa zvese kutanga, uye zvakawanda zvinonakidza zvinhu zvakakumirira iwe pano.
Paunenge uchitumira imwe vhezheni yesoftware yako, zvakafanira kufunga nezvese sarudzo dzekudzikisa njodzi. Kumhanya kwakafanana inzira ine simba uye inopupurirwa yekuyedza, uye Istio inobvumidza iwe kushandisa "yakavanzika sevhisi" (yakavanzika vhezheni ye microservice yako) kuita izvi pasina kukanganisa hurongwa hwekugadzira. Iko kune kana izwi rakakosha reiyi - "Rima Launch", iro rinobva raitwa nekuita rine zita rakaenzana revasori "traffic mirroring".
Ndokumbira utarise kuti mutsara wekutanga wendima yapfuura unoshandisa izwi rekuti "deploy" pane "kusunungura". Iwe unofanirwa kunyatsokwanisa kuendesa-uye, zvechokwadi, shandisa-microservice yako kakawanda sezvaunoda. Iyi sevhisi inofanirwa kukwanisa kugamuchira uye kugadzirisa traffic, kuburitsa mibairo, uye zvakare kunyora kumatanda uye kutarisa. Asi panguva imwecheteyo, sevhisi iyi pachayo haidi hazvo kuburitswa mukugadzira. Kutumira uye kuburitsa software haisi nguva dzose chinhu chimwe chete. Unogona kuendesa chero paunoda, asi sunungura chete kana wagadzirira.
Kuronga kufinhwa kunonakidza
Tarisa uone unotevera Istio routing mutemo, uyo unofambisa zvese zvikumbiro zveHTTP kune microservice kurudziro v1 (mienzaniso yese yakatorwa kubva ), panguva imwe chete vachivaratidzira kune kurudziro v2 microservice:
Nyatsoteerera kune chinyorwa mirror: pazasi pechidzitiro - ichi ndicho chinoseta traffic mirroring. Hongu, zviri nyore!
Mhedzisiro yemutemo uyu ichave yekuti dhizaini yako yekugadzira (v1) icharamba ichiita zvikumbiro zvinouya, asi zvikumbiro pachazvo zvichange zvichiratidzwa asynchronously kuv2, ndiko kuti, zvadzo zvakapetwa zvichaenda ikoko. Nenzira iyi, unogona kuedza v2 mumamiriro ezvinhu chaiwo - pane chaiyo data uye traffic - pasina kupindira mune chero nzira nekushanda kwegadziriro yekugadzira. Izvi zvinoita kuti kuronga kuyedzwa kuve kunofinha here? Hongu, zvechokwadi. Asi zvinoitwa nenzira inofadza.
Ngatiwedzerei drama
Ndokumbira utarise kuti mune v2 kodhi inofanirwa kupa mamiriro ezvinhu apo zvinouya zvikumbiro zvinogona kutungamira kune shanduko yedata. Izvo zvikumbiro pachazvo zvinoratidzwa zviri nyore uye zvakajeka, asi sarudzo yekugadzirisa nzira muyedzo iri kwauri - uye izvi zvinotinetsa.
Ngatidzokorore pfungwa yakakosha
Kuvhurwa kwakavanzika netraffic mirroring (Rima Launch / Kukumbira Mirroring) inogona kuitwa pasina kukanganisa kodhi chero nzira.
Zvokudya zvekufunga
Zvakadini kana nzvimbo inotariswa zvikumbiro ichitumira zvimwe zvacho kuv1, asi kuv2? Semuenzaniso, chikamu chimwe muzana chezvikumbiro zvese kana kungokumbira kubva kune rimwe boka revashandisi. Uye zvino, uchitotarisa kuti v2 inoshanda sei, zvishoma nezvishoma fambisa zvikumbiro zvese kune iyo nyowani vhezheni. Kana zvinopesana, dzosera zvese kuv1 kana chimwe chinhu chikatadza nev2. Ndinofunga inonzi Canary Deployment. , uye kudai yaiva yemavambo echiRussia, zvimwe yaizova nenongedzero kuna ), uye zvino tichatarisa izvi zvakadzama.
Canary Deployment muIstio: kurerutsa kutumwa
Nokuchenjera uye zvishoma nezvishoma
Iwo musimboti weCanary Deployment deployment modhi iri nyore kwazvo: paunotangisa vhezheni itsva yesoftware yako (tiri isu, microservice), unotanga wapa mukana kune iyo boka diki revashandisi. Kana zvese zvikafamba zvakanaka, unowedzera zvishoma nezvishoma boka iri kusvika iyo vhezheni itsva yatanga kuita, kana - kana ikasadaro - pakupedzisira unotamisa vese vashandisi kwairi. Nekufunga uye zvishoma nezvishoma kuunza vhezheni itsva uye kushandura vashandisi kwairi nenzira inodzorwa, unogona kuderedza njodzi uye kuwedzera mhinduro.
Ehe, Istio inorerutsa Canary Deployment nekupa akati wandei sarudzo dzakanaka dzehungwaru yekukumbira nzira. Uye hongu, zvese izvi zvinogona kuitwa pasina kubata yako sosi kodhi neimwe nzira.
Kusefa bhurawuza
Imwe yeakareruka nzira yekufambisa ndeye browser-based redirection. Ngatiti iwe unoda chete zvikumbiro kubva kuSafari browser kuenda kuv2. Heino maitiro azvinoitwa:
Ngatishandise iyi routing mutemo tobva tashandisa murairo curl Isu tinotevedzera zvikumbiro chaizvo kune iyo microservice mune loop. Sezvauri kuona mune iyo skrini, vese vanoenda kune v1:
Ko traffic pav2 iripi? Sezvo mumuenzaniso wedu zvese zvikumbiro zvakauya kubva kune yedu yekuraira mutsara, haipo. Asi teerera kune iyo yepasi mitsetse pahwindo iri pamusoro: iyi imhinduro kune chokwadi chekuti isu takaita chikumbiro kubva kuSafari browser, iyo yakazoburitsa izvi:
Unlimited simba
Isu takatonyora kuti mataurirwo enguva dzose anopa masimba ane simba kwazvo ekukumbira nzira. Tarisa pamuenzaniso unotevera (tinofunga kuti uchanzwisisa zvazvinoita):
Parizvino iwe unogona kunge uine zano rezvinogona kuitwa nemazwi enguva dzose.
Act Smart
Smart routing, kunyanya kugadzirisa misoro yepakiti uchishandisa matauriro akajairika, anobvumidza iwe kutungamira traffic nenzira yaunoda. Uye izvi zvinorerutsa kwazvo kuita kwekodhi nyowani - iri nyore, haidi kuchinja kodhi pachayo, uye kana zvichidikanwa, zvese zvinogona kukurumidza kudzoserwa sezvazvaive.
Kufarira?
Iwe une shungu yekuyedza Istio, Kubernetes uye OpenShift pakombuta yako? Team yakagadzirwa zvakanaka pamusoro penyaya iyi uye akaita kuti mafaera ese anoenderana nawo awanikwe pachena. Saka enda mberi uye usazviramba chero chinhu.
β
Istio Egress: buda kuburikidza nechitoro chekuyeuchidza
Nekushandisa Istio pamwe neRed Hat OpenShift uye Kubernetes, unogona kuita kuti hupenyu hwako nemamicroservices huve nyore. Istio's service mesh yakavanzwa mukati meKubernetes pods, uye kodhi yako inomhanya (kazhinji) iri yega. Kuita, nyore kuchinja, kutsvaga, nezvimwewo - zvese izvi zviri nyore kushandisa nekuda kwekushandiswa kwemidziyo yepadivi. Asi ko kana microservice yako ichida kutaurirana nemamwe masevhisi ari kunze kweiyo OpenShift-Kubernetes system?
Apa ndipo panouya Istio Egress kuzonunura. Muchidimbu, zvinongobvumidza iwe kuti uwane zviwanikwa (verenga: "masevhisi") izvo zvisiri chikamu chako cheKubernetes pods. Kana iwe usingaite mamwe magadzirirwo, ipapo muIstio Egress nharaunda traffic inofambiswa chete mukati meboka remapodhi uye pakati pemasumbu akadaro zvichienderana nemukati IP matafura. Uye pupation yakadaro inoshanda zvikuru chero iwe usingade kuwana masevhisi kubva kunze.
Egress inokutendera kuti upfuure ari pamusoro IP matafura, angave akavakirwa pamirau yeEgress kana pane akasiyana eIP kero.
Ngatiti isu tine chirongwa cheJava chinoita chikumbiro cheGET ku httpbin.org/headers.
(httpbin.org ingori sosi iri nyore yekuyedza zvikumbiro zvesevhisi zvinobuda.)
Kana iwe ukapinda pamutsetse wekuraira curl http://httpbin.org/headers, tichaona zvinotevera:
Kana kuti unogona kuvhura kero imwechete mubrowser:
Sezvauri kuona, sevhisi iri ipapo inongodzosera misoro yakapfuudzwa kwairi.
Isu tiri kutsiva kunze kwenyika takanangana
Iye zvino ngatitore kodhi yeJava yebasa iri, kunze kwehurongwa hwedu, uye tiishandise pachedu, apo, yeuka, Istio yakaiswa. (Unogona kuita izvi iwe pachako nekubata .) Tavaka mufananidzo wakakodzera uye takautanga papuratifomu yeOpenShift, tichadaidza iyi sevhisi nemurairo curl egresshttpbin-istioegress.$(minishift ip).nip.io, mushure mezvo tichaona izvi pachiratidziro:
Oops, chii chaitika? Zvese zvakangoshanda. Ko Not Found zvinorevei? Takangomuitira curl.
Kuwedzera IP matafura kuInternet yese
Istio inofanira kupomerwa (kana kutenda) nokuda kweizvi. Mushure mezvose, Istio ingori midziyo yepadivi ine basa rekuona uye nzira (uye zvimwe zvakawanda zvimwe zvinhu zvatakambotaura nezvazvo). Nechikonzero ichi, IP matafura anongoziva zviri mukati mecluster system yako. Uye httpbin.org iri kunze uye saka haisvikike. Uye apa ndipo panouya Istio Egress kuzonunura - pasina kana shanduko kune yako sosi kodhi.
Mutemo weEgress pazasi unomanikidza Istio kutsvaga (kana zvichidikanwa, ipapo muInternet yese) yebasa rinodiwa, mune iyi nyaya, httpbin.org. Sezvauri kuona kubva pane iyi faira (egress_httpbin.yml), kushanda kuri pano kuri nyore:
Chasara kushandisa mutemo uyu:
istioctl create -f egress_httpbin.yml -n istioegress
Iwe unogona kuona Egress mitemo nemirairo istioctl get egressrules:
Uye pakupedzisira, tinomhanya murairo zvakare curl they - uye tinoona kuti zvese zvinoshanda:
Tinofunga pachena
Sezvauri kuona, Istio inobvumidza iwe kuronga kudyidzana nenyika yekunze. Mune mamwe mazwi, iwe unogona kugadzira OpenShift masevhisi uye woatonga kuburikidza neKubernetes, uchichengeta zvese mumapods anokwira nekudzika sezvinodiwa. Uye panguva imwecheteyo, iwe unogona kuwana zvakachengeteka masevhisi ekunze kune yako nharaunda. Uye hongu, tinodzokorora zvakare kuti izvi zvese zvinogona kuitwa pasina kubata kodhi yako chero nzira.
Iyi yaive yekupedzisira positi munhevedzano paIstio. Ramba wakatarisa - kune zvakawanda zvinonakidza zvinhu pamberi!
Source: www.habr.com