Platform inokubvumira kuti ugadzirise kugadzirwa , kusanganisira mune zvivakwa zvevanopa masevhisi egore, pamapuratifomu ekuonana kana mune isina-simbi masisitimu. Kuti tigadzire yechokwadi gore-yakavakirwa papuratifomu, taifanira kutora kwakasimba kutonga kwezvinhu zvese zvakashandiswa uye nekudaro kuwedzera kuvimbika kweiyo yakaoma automation process.
Mhinduro iri pachena yaive yekushandisa Red Hat Enterprise Linux CoreOS (yakasiyana yeRed Hat Enterprise Linux) uye CRI-O seyakajairwa, uye hechi chikonzero ...
Sezvo musoro wekufamba nechikepe uri wakanaka kwazvo wekutsvaga analogies pakutsanangura basa reKubernetes nemidziyo, ngatiedzei kutaura nezvematambudziko ebhizinesi anogadziriswa neCoreOS neCRI-O, tichishandisa muenzaniso. . Muna 1803, Marc Brunel akapiwa basa rekugadzira 100 zvidhinha zvekubira zvinodiwa nemauto eBritish aikura. Rigging block (rigging block) imhando yemhando yetambo inoshandiswa kubatanidza tambo kumaseiri. Kusvikira pakutanga kwezana ramakore rechi 19, zvidhinha izvi zvakaitwa nemaoko, asi Brunel akakwanisa kugadzira otomatiki uye akatanga kugadzira zvidhinha zvakamisikidzwa vachishandisa maturusi emuchina. Kuita otomatiki kwekuita uku kwaireva kuti mabhuroko aikonzeresa aive akafanana, aigona kutsiviwa nyore kana akatyoka, uye aigona kugadzirwa muhuwandu.
Iye zvino fungidzira kana Brunel aifanira kuita basa iri kune makumi maviri emhando dzengarava dzakasiyana (Kubernetes shanduro) uye kune mapuraneti mashanu akasiyana ane akasiyana zvachose mafungu egungwa nemhepo (cloud providers). Mukuwedzera, zvaidiwa kuti zvikepe zvose (OpenShift clusters), pasinei nemapuraneti ekufambisa kunoitwa, kubva pakuona kwevatungamiri (vashandi vanotarisira kushanda kwemasumbu) vanoita zvakafanana. Kuti uenderere mberi nekuenzanisa kwemugungwa, vatungamiri vezvikepe havana hanya zvachose kuti ndeapi rudzi rwematombo (CRI-O) anoshandiswa pazvikepe zvavo - chinhu chikuru kwavari ndechokuti zvivharo izvi zvakasimba uye zvakavimbika.
OpenShift 4, sepuratifomu yegore, inotarisana nedambudziko rakafanana rebhizinesi. Node itsva dzinofanirwa kugadzirwa panguva yekugadzira masumbu, kana paine kukundikana mune imwe yemanodhi, kana pakuyera sumbu. Kana node itsva yagadzirwa uye yatangwa, zvakakosha mauto zvikamu, kusanganisira CRI-O, zvinofanirwa kugadzirwa zvinoenderana. Sezvimwe mune chero imwe kugadzirwa, "zvakagadzirwa" zvinofanirwa kupihwa pakutanga. Panyaya yezvikepe, zvigadzirwa zvesimbi nematanda. Nekudaro, kana iri nyaya yekugadzira mugadziri wekutumira midziyo muOpenShift 4 cluster, unofanirwa kuve nemafaira ekugadzirisa uye maseva akapihwa neAPI sekuisa. OpenShift inozopa iyo inodiwa nhanho yeotomatiki mukati mehupenyu hwese kutenderera, ichipa inodiwa chigadzirwa rutsigiro kupedzisa vashandisi uye nekudaro kudzoreredza mari mupuratifomu.
OpenShift 4 yakagadzirwa nenzira yekupa kugona kugadzirisa zviri nyore sisitimu mukati mehupenyu hwese kutenderera kwepuratifomu (yeshanduro 4.X) kune ese makuru makuru emakomputa vanopa, mapuratifomu ekuona uye kunyange isina masimbi masisitimu. Kuti uite izvi, node dzinofanirwa kugadzirwa pahwaro hwezvinhu zvinochinjika. Kana cluster ichida vhezheni nyowani yeKubernetes, inogamuchirawo inoenderana vhezheni yeCRI-O paCoreOS. Sezvo iyo CRI-O vhezheni yakasungirirwa zvakananga kuKubernetes, izvi zvinorerutsa zvakanyanya chero mvumo yekuyedza, kugadzirisa matambudziko, kana kutsigira zvinangwa. Mukuwedzera, nzira iyi inoderedza mari yevashandisi vekupedzisira uye Red Hat.
Iyi inzira nyowani yekufunga nezveKubernetes masumbu uye inoisa hwaro hwekuronga zvimwe zvinobatsira uye zvinomanikidza zvinhu zvitsva. CRI-O (Container Runtime Interface - Vhura Container Initiative, yakapfupikiswa CRI-OCI) yakave sarudzo yakabudirira kwazvo pakugadzirwa kwemanodhi anodiwa kushanda neOpenShift. CRI-O ichatsiva yaimboshandiswa Docker injini, ichipa OpenShift vashandisi - hongu, wakanzwa zvakanaka - injini inofinha yemidziyo yakagadzirwa yakanangana nekushanda naKubernetes.
Nyika yemidziyo yakavhurika
Nyika yanga ichienda kumidziyo yakavhurika kwenguva yakareba. Kunyangwe muKubernetes, kana pamazinga akaderera, inoguma neiyo ecosystem yeinnovation pamatanho ese.
Zvese zvakatanga nekugadzirwa kweOpen Containers Initiative . Panguva iyi yekutanga yebasa, zvirevo zvemidziyo zvakaumbwa ΠΈ . Izvi zvakaita kuti maturusi akwanise kushandisa chiyero chimwe chete uye chimiro chakabatana chekushanda navo. Zvinotaurwa zvakazowedzerwa , zvichibvumira vashandisi kugovana zviri nyore .
Nharaunda yeKubernetes yakabva yagadzira imwe chiyero che pluggable interface, inonzi . Nekuda kweizvi, vashandisi veKubernetes vakakwanisa kubatanidza injini dzakasiyana kushanda nemidziyo kuwedzera kuDocker.
Mainjiniya kuRed Hat neGoogle vakaona kudiwa kwemusika kweinjini yemidziyo inogona kugamuchira zvikumbiro zveKubelet pamusoro peiyo CRI protocol uye yakaunza midziyo yaienderana neiyo OCI yakataurwa pamusoro. Saka . Asi ndiregerereiwo, hatina kutaura here kuti chinyorwa ichi chichakumikidzwa kuCRI-O? Chaizvoizvo ndizvo, chete nekusunungurwa chirongwa ichi chakanzi CRI-O.
Mufananidzo: gumi neshanu.
Innovation neCRI-O uye CoreOS
Nekutangwa kweiyo OpenShift 4 papuratifomu, yakashandurwa , yakashandiswa nekusarudzika papuratifomu, uye Docker yakatsiviwa neCRI-O, ichipa inodhura-inoshanda, yakagadzikana, yakapusa uye inofinha nharaunda yekumhanyisa mudziyo unokura uchienderana neKubernetes. Izvi zvinorerutsa zvikuru rutsigiro rwemasumbu uye kumisikidzwa. Kugadziriswa kweinjini yemidziyo uye muenzi, pamwe nehutungamiriri hwavo, inova otomatiki mukati meOpenShift 4.
Mira, zviri sei izvi?
Ndizvozvo, nekuuya kweOpenShift 4, hapasisina chikonzero chekubatanidza kune mumwe munhu anotambira uye nekuisa injini yemidziyo, gadzirisa kuchengetedza, gadzira maseva ekutsvaga kana kugadzirisa network. Iyo OpenShift 4 chikuva yakagadziridzwa zvachose kuti ishandise iyo kwete chete maererano nemashandisirwo ekupedzisira-mushandisi, asi zvakare maererano neakakosha epuratifomu-chikamu mashandiro akadai sekuendesa mifananidzo, kugadzirisa sisitimu, kana kuisa zvigadziriso.
Kubernetes yagara ichibvumira vashandisi kutonga maapplication nekutsanangura yaidiwa nyika uye kushandisa , kuve nechokwadi chekuti nyika chaiyo inoenderana nenzvimbo yakatariswa zvakanyanya sezvinobvira. Izvi inovhura mikana mikuru kubva kune zvese kusimudzira uye maitiro ekuona. Vagadziri vanogona kutsanangura nyika inodiwa ne kumushandisi ari muchimiro cheYAML kana JSON faira, uye ipapo mushandisi anogona kugadzira inodiwa application muenzaniso munzvimbo yekugadzira, uye mamiriro ekushanda echiitiko ichi anowirirana zvizere neakatsanangurwa.
Nekushandisa Operators papuratifomu, OpenShift 4 inounza iyi paradigm nyowani (ichishandisa pfungwa yekuseta uye chaiyo mamiriro) kune manejimendi eRHEL CoreOS uye CRI-O. Iwo mabasa ekugadzirisa uye kugadzirisa shanduro dzeiyo inoshanda sisitimu uye enjini yemidziyo inogadzirwa otomatiki uchishandisa iyo inonzi . MCO inorerutsa zvakanyanya basa re cluster administrator, ichinyanya kuita otomatiki nhanho dzekupedzisira dzekuisa, pamwe neanotevera-yekumisikidza mashandiro (zuva repiri kushanda). Zvese izvi zvinoita kuti OpenShift 4 ive yechokwadi gore chikuva. Tichapinda mune izvi zvishoma gare gare.
Kumhanya midziyo
Vashandisi vakawana mukana wekushandisa injini yeCRI-O mupuratifomu yeOpenShift kubvira vhezheni 3.7 muTech Preview mamiriro uye kubva muvhezheni 3.9 muChimiro Chinongowanikwa (ichiri kutsigirwa). Mukuwedzera, Red Hat inoshandisa zvakanyanya muOpenShift Online kubvira vhezheni 3.10. Zvese izvi zvakabvumira timu inoshanda paCRI-O kuwana ruzivo rwakakura mukutakura midziyo yakawanda pamasumbu makuru eKubernetes. Kuti uwane nzwisiso yekutanga yekuti Kubernetes anoshandisa sei CRI-O, ngatitarisei pamufananidzo unotevera, unoratidza mashandiro anoita chivakwa.
Mupunga. 2. Mashandiro anoita midziyo muKubernetes cluster
CRI-O inorerutsa kusikwa kwevagadziri vemidziyo mitsva nekubatanidza iyo yese yepamusoro nhanho paunotanga node nyowani, uye kana uchiburitsa shanduro nyowani dzeOpenShift chikuva. Kudzokororwa kwepuratifomu yese inobvumira kushandurana / kudzoreredza, uye zvakare inodzivirira yakafa muhutsamira pakati pemudziyo muswe wemukati, injini yemidziyo, node (Kubelets) uye Kubernetes Master node. Nepakati pekutonga zvikamu zvese zvepuratifomu, nekutonga uye kushandura, panogara paine nzira yakajeka kubva kudunhu A kuenda kudunhu B. Izvi zvinorerutsa maitiro ekuvandudza, anovandudza chengetedzo, anonatsiridza mashandiro ekuita, uye zvinobatsira kuderedza mutengo wekuvandudza uye kuiswa kweshanduro itsva. .
Kuratidza simba rekutsiva zvinhu
Sezvambotaurwa, kushandisa Machine Config Operator kubata mudziyo wemidziyo uye injini yemidziyo muOpenShift 4 inopa nhanho nyowani yeotomatiki yaisambogoneka papuratifomu yeKubernetes. Kuratidza zvinhu zvitsva, ticharatidza maitiro aungaite kuchinja kufaira recrio.conf. Kuti udzivise kuvhiringika nemashoko, edza kutarisa pane zvabuda.
Kutanga, ngatigadzire iyo inonzi mudziyo wekumhanyisa nguva yekumisikidza - Container Runtime Config. Funga nezvayo seKubernetes sosi inomiririra kurongeka kweCRI-O. Muchokwadi, ishanduro yakasarudzika yechinhu chinodaidzwa kuti MachineConfig, inova chero gadziriso inoiswa kumuchina weRHEL CoreOS sechikamu cheOpenShift cluster.
Ichi chitubu chetsika, chinodaidzwa kuti ContainerRuntimeConfig, chakagadzirwa kuti zvive nyore kune vatariri vemapoka kugadzirisa CRI-O. Ichi chishandiso chine simba zvakakwana zvekuti chinogona kungoiswa kune mamwe ma node zvinoenderana neMachineConfigPool marongero. Funga nezvayo seboka remichina inoshanda chinangwa chimwe chete.
Ziva mitsara miviri yekupedzisira yatichachinja mu /etc/crio/crio.conf faira. Iyi mitsetse miviri yakafanana nemitsara iri mucrio.conf faira, ndeiyi:
vi ContainerRuntimeConfig.yaml
Mhedziso:
apiVersion: machineconfiguration.openshift.io/v1
kind: ContainerRuntimeConfig
metadata:
name: set-log-and-pid
spec:
machineConfigPoolSelector:
matchLabels:
debug-crio: config-log-and-pid
containerRuntimeConfig:
pidsLimit: 2048
logLevel: debug
Zvino ngatisundirei iyi faira kuKubernetes cluster uye tarisa kuti yakanyatsogadzirwa. Ndokumbira utarise kuti iko kushanda kwakafanana nechero imwe Kubernetes sosi:
oc create -f ContainerRuntimeConfig.yaml
oc get ContainerRuntimeConfig
Mhedziso:
NAME AGE
set-log-and-pid 22h
Kana tangogadzira iyo ContainerRuntimeConfig, isu tinofanirwa kugadzirisa imwe yeMachineConfigPools kusaina kuKubernetes kuti isu tinoda kuisa iyi gadziriso kune rimwe boka remichina musumbu. Mune ino kesi isu tichachinja iyo MachineConfigPool kune master node:
oc edit MachineConfigPool/master
Mhedziso (kujekesa, chinhu chikuru chasara):
...
metadata:
creationTimestamp: 2019-04-10T23:42:28Z
generation: 1
labels:
debug-crio: config-log-and-pid
operator.machineconfiguration.openshift.io/required-for-upgrade: ""
...
Panguva ino, MCO inotanga kugadzira iyo itsva crio.conf faira yesumbu. Mune ino kesi, iyo yakapedzwa zvachose yekumisikidza faira inogona kutariswa uchishandisa Kubernetes API. Rangarira, ContainerRuntimeConfig ingori vhezheni yakasarudzika yeMachineConfig, saka tinogona kuona mhedzisiro nekutarisa mitsara yakakodzera muMachineConfigs:
oc get MachineConfigs | grep rendered
Mhedziso:
rendered-master-c923f24f01a0e38c77a05acfd631910b 4.0.22-201904011459-dirty 2.2.0 16h
rendered-master-f722b027a98ac5b8e0b41d71e992f626 4.0.22-201904011459-dirty 2.2.0 4m
rendered-worker-9777325797fe7e74c3f2dd11d359bc62 4.0.22-201904011459-dirty 2.2.0 16h
Ndokumbira utarise kuti iyo faira yekumisikidza faira yema master node yaive vhezheni nyowani pane yekutanga magadzirirwo. Kuti uione, shandisa murairo unotevera. Mukufamba, tinoona kuti iyi ingangove imwe yeakanakisa-liner munhoroondo yeKubernetes:
python3 -c "import sys, urllib.parse; print(urllib.parse.unquote(sys.argv[1]))" $(oc get MachineConfig/rendered-master-f722b027a98ac5b8e0b41d71e992f626 -o YAML | grep -B4 crio.conf | grep source | tail -n 1 | cut -d, -f2) | grep pid
Mhedziso:
pids_limit = 2048
Zvino ngative nechokwadi chekuti dhizaini yaiswa kune ese master node. Kutanga tinowana rondedzero yemanodhi musumbu:
oc get node | grep master
Output:
ip-10-0-135-153.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
ip-10-0-154-0.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
ip-10-0-166-79.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
Zvino ngatitarisei faira yakaiswa. Iwe uchaona kuti iyo faira yakagadziridzwa nehutsva hutsva hwepid uye debug mirairo yatakatsanangura muContainerRuntimeConfig resource. Elegance pachayo:
oc debug node/ip-10-0-135-153.us-east-2.compute.internal β cat /host/etc/crio/crio.conf | egrep 'debug||pidβ
Mhedziso:
...
pids_limit = 2048
...
log_level = "debug"
...
Idzi shanduko dzese kusumbu dzakaitwa pasina kana kumhanya SSH. Basa rose rakaitwa nekuwana Kuberentes master node. Kureva, aya maparamita matsva akagadziriswa chete pane master node. Nzvimbo dzevashandi hadzina kuchinja, izvo zvinoratidza mabhenefiti eiyo Kubernetes nzira yekushandisa yakatsanangurwa uye chaiyo nyika zvine chekuita nemidziyo inotakura uye injini dzemidziyo ine zvinhu zvinochinjika.
Muenzaniso uri pamusoro unoratidza kugona kuita shanduko kune diki OpenShift Container Platform 4 cluster ine matatu ekugadzira node kana hombe yekugadzira cluster ine 3000 node. Chero zvazvingava, huwandu hwebasa huchange hwakafanana - uye hudiki kwazvo - ingo gadzirisa iyo ContainerRuntimeConfig faira, uye shandura imwe zita muMachineConfigPool. Uye iwe unogona kuita izvi nechero vhezheni yeOpenShift Container Platform 4.X inomhanya Kubernetes mukati mehupenyu hwayo hwose.
Kazhinji makambani etekinoroji anoshanduka nekukurumidza zvekuti hatikwanise kutsanangura kuti sei tichisarudza matekinoroji ezvikamu zviri pasi. Injini dzemuContainer zvakagara chiri chikamu icho vashandisi vanodyidzana nacho zvakananga. Sezvo kufarirwa kwemidziyo kwakangotanga nekuuya kweinjini dzemidziyo, vashandisi vanowanzoratidza kufarira mazviri. Ichi ndicho chimwe chikonzero nei Red Hat yakasarudza CRI-O. Makoni ari kusimukira aine tarisiro iko zvino pane orchestration, uye takaona kuti CRI-O inopa yakanakisa chiitiko kana uchishanda neOpenShift 4.
Source: www.habr.com