Chiitiko chedu mukugadzira mutyairi weCSI muKubernetes yeYandex.Cloud

Isu tinofara kuzivisa kuti Flant iri kuwedzera mupiro wayo kune Open Source maturusi eKubernetes nekuburitsa alpha vhezheni yemutyairi weCSI (Container Storage Interface) yeYandex.Cloud.

Asi tisati taenderera kune ruzivo rwekuita, ngatipindure mubvunzo kuti sei izvi zvichidikanwa zvachose kana Yandex yatova nebasa. Managed Service yeKubernetes.

Nhanganyaya

Sei izvi?

Mukati mekambani yedu, kubva pakutanga kwekushandisa Kubernetes mukugadzira (kureva kwemakore akati wandei ikozvino), tanga tichigadzira yedu chishandiso (deckhouse), iyo, nenzira, isu tinorongawo kuti munguva pfupi iwanikwe seOpen Source chirongwa. . Nerubatsiro rwayo, isu tinogadzirisa zvakafanana uye nekugadzirisa masumbu edu ese, uye parizvino atova anopfuura zana awo, pane akasiyana siyana ekugadzirisa hardware uye mune ese anowanikwa makore masevhisi.

Masumbu anoshandisa deckhouse ane zvese zvinodikanwa pakushanda: mabharanzi, kutarisa nemachati ari nyore, metrics uye zviziviso, kuvimbiswa kwemushandisi kuburikidza nevanopa vekunze kuti vawane kune ese madhibhodhi, zvichingodaro. Iko hakuna chikonzero chekuisa yakadaro "pumped up" cluster mune inogadziriswa mhinduro, sezvo izvi kazhinji zvingave zvisingagoneki kana kuti zvinotungamirira kune kudiwa kwekudzima hafu yezvikamu.

NB: Ichi ndicho chiitiko chedu, uye chakanyatsojeka. Isu hatisi nzira yekukurudzira kuti munhu wese atumire Kubernetes masumbu ega pane kushandisa akagadzirira-akagadzirwa mhinduro. Nenzira, isu hatina ruzivo rwechokwadi mukushanda Kubernetes kubva kuYandex uye hatisi kuzopa chero kuongororwa kwebasa iri munyaya ino.

Chii uye nokuda kwaani?

Saka, takatotaura nezve nzira yemazuva ano yekuchengetedza muKubernetes: CSI inoshanda sei? и nzanga yakauya sei kunzira iyi.

Parizvino, vazhinji vakakura sevhisi sevhisi yegore vakagadzira vatyairi vekushandisa kwavo makore disks sePersistent Vhoriyamu muKubernetes. Kana mutengesi asina mutyairi akadaro, asi mabasa ese anodiwa anopiwa kuburikidza neAPI, saka hapana chinokutadzisa kuita mutyairi iwe pachako. Izvi ndizvo zvakaitika neYandex.Cloud.

Takatora sehwaro hwebudiriro CSI mutyairi weDigitalOcean gore uye mazano maviri kubva vatyairi veGCP, sezvo kushamwaridzana ne API yemakore aya (Google neYandex) ine huwandu hwakafanana. Kunyanya, iyo API uye GCP,uye y Yandex dzorera chinhu Operation kutarisa mamiriro ekushanda kwenguva refu (somuenzaniso, kugadzira disk itsva). Kudyidzana neYandex.Cloud API, shandisa Yandex.Cloud Go SDK.

Mugumisiro webasa rakaitwa yakabudiswa paGitHub uye inogona kubatsira kune avo, nekuda kwechimwe chikonzero, vanoshandisa yavo Kubernetes yekumisikidza paYandex.Cloud virtual machines (asi kwete yakagadzirira-yakagadzirwa yakagadziriswa cluster) uye vanoda kushandisa (kurongeka) disks kuburikidza neCSI.

Kutevedzera

Zvinhu zvakakosha

Parizvino mutyairi anotsigira zvinotevera mabasa:

• Kuraira madhisiki munzvimbo dzese dzesumbu zvinoenderana netopology yemanodhi musumbu;
• Kubvisa madhisiki akatemerwa kare;
• Offline resize yemadhisiki (Yandex.Cloud musatsigira kuwedzera ma disks akaiswa kumuchina chaiwo). Kuti uwane ruzivo rwekuti mutyairi aifanira kugadziridzwa sei kuita kuti saizi isingarwadze sezvinobvira, ona pazasi.

Mune ramangwana, isu tinoronga kushandisa rutsigiro rwekugadzira uye kudzima disk snapshots.

Dambudziko guru uye kuti ungarikunda sei

Kushaikwa kwekukwanisa kuwedzera madhisiki munguva chaiyo muYandex.Cloud API iganhuriro iyo inoomesesa resize mashandiro ePV (Persistent Volume): mune iyi kesi, zvinodikanwa kuti iyo application pod inoshandisa dhisiki imire, uye izvi zvinogona kukonzera downtime applications.

Maererano ne CSI tsanangudzo, kana mutongi weCSI akashuma kuti anogona kugadzirisa madhisiki chete "isina online" (VolumeExpansion.OFFLINE), ipapo maitiro ekuwedzera diski anofanira kuenda seizvi:

Kana iyo plugin ine chete VolumeExpansion.OFFLINE Kuwedzera kugona uye vhoriyamu parizvino yakaburitswa kana kuwanikwa pane node ipapo ControllerExpandVolume INOFANIRA kudaidzwa CHETE mushure mezvose:

• Iyo plugin ine controller PUBLISH_UNPUBLISH_VOLUME kugona uye ControllerUnpublishVolume yadaidzwa zvinobudirira.

KANA KUTI

• Plugin haina controller PUBLISH_UNPUBLISH_VOLUME kugona, iyo plugin ine node STAGE_UNSTAGE_VOLUME kugona, uye NodeUnstageVolume yapedzwa zvinobudirira.

KANA KUTI

• Plugin haina controller PUBLISH_UNPUBLISH_VOLUME kugona, kana node STAGE_UNSTAGE_VOLUME kugona, uye NodeUnpublishVolume apedza zvinobudirira.

Izvi zvinoreva kuti unofanirwa kubvisa dhisiki kubva kumushini chaiwo usati wawedzera.

Zvisinei, zvinosuruvarisa kuita Iyo CSI yakatarwa kuburikidza nemasidecars haizadzise izvi zvinodiwa:

• Mumudziyo wemotokari yepadivi csi-attacher, iyo inofanirwa kuve nemhosva yekuvepo kweiyo gap inodiwa pakati pema mounts, basa iri harina kungoitwa mukusarudzika resize. Nhaurirano pamusoro paikoku yakatangwa pano.
• Chii chaizvo chinonzi sidecar mudziyo mune ino mamiriro? Iyo CSI plugin pachayo haidyidzane neKubernetes API, asi inongopindura kune gRPC mafoni anotumirwa kwairi nemidziyo yepadivi. Latest zviri kuvandudzwa neKubernetes community.

Kwatiri (CSI plugin), kushanda kwekuwedzera dhisiki kunoratidzika seizvi:

1. Tinogashira runhare rwe gRPC ControllerExpandVolume;
2. Tiri kuedza kuwedzera dhisiki muAPI, asi tinogamuchira kukanganisa pamusoro pekusaita kwekuita basa nokuti dhisiki yakasimudzwa;
3. Isu tinochengeta dhisiki identifier mumepu, iyo ine madhisiki ayo ekuwedzera oparesheni inoda kuitwa. Pazasi, kupfupika, tichadaidza mepu iyi se volumeResizeRequired;
4. Bvisa nemaoko podhi iri kushandisa dhisiki. Kubernetes achaitangazve. Saka kuti dhisiki haina nguva yekukwira (ControllerPublishVolume) tisati tapedza kushanda kwekuwedzera paunenge uchiedza kukwira, tinotarisa kuti disk yakapiwa ichiri mukati volumeResizeRequired uye kudzorera kukanganisa;
5. Mutyairi weCSI anoedza kuitazve mashandiro eresize. Kana kushanda kwakabudirira, zvino bvisa disk kubva volumeResizeRequired;
6. Nokuti Disk ID haipo kubva volumeResizeRequired, ControllerPublishVolume inopfuura zvinobudirira, dhisiki yakasimudzwa, iyo pod inotanga.

Zvese zvinotaridzika zvakapfava zvakakwana, asi senguva dzose pane misungo. Inowedzera disks kunze-resizer, iyo kana paine kukanganisa panguva yekushanda inoshandisa mutsara nekuwedzera kwekuwedzera munguva yekupedza nguva kusvika kumasekonzi 1000:

func DefaultControllerRateLimiter() RateLimiter {
  return NewMaxOfRateLimiter(
  NewItemExponentialFailureRateLimiter(5*time.Millisecond, 1000*time.Second),
  // 10 qps, 100 bucket size.  This is only for retry speed and its only the overall factor (not per item)
  &BucketRateLimiter{Limiter: rate.NewLimiter(rate.Limit(10), 100)},
  )
}

Izvi zvinogona kuita nguva nenguva kuti dhisiki yekuwedzera iwedzere kwe15+ maminetsi uye, nekudaro, iyo inoenderana pod isingawanikwe.

Sarudzo yega yaititendera zviri nyore uye zvisina kurwadza kudzikisa nguva yaigona kunge iri kushandiswa kweshanduro yedu yekunze-resizer ine yakanyanya nguva yekubuda muganho. mumasekonzi mashanu:

workqueue.NewItemExponentialFailureRateLimiter(5*time.Millisecond, 5*time.Second)

Hatina kuona zvakakodzera kuti titange nhaurirano nekuchimbidza uye kupeta iyo yekunze-resizer, nekuti kusarudzika kwema disks kudzoreredza kudzosera kumashure kunozonyangarika kubva kune vese vanopa makore.

Ungatanga sei kushandisa?

Mutyairi anotsigirwa paKubernetes vhezheni 1.15 uye yepamusoro. Kuti mutyairi ashande, zvinotevera zvinodikanwa zvinofanirwa kuzadzikiswa:

• Flag --allow-privileged set to value true ye API server uye kubelet;
• Included --feature-gates=VolumeSnapshotDataSource=true,KubeletPluginsWatcher=true,CSINodeInfo=true,CSIDriverRegistry=true ye API server uye kubelet;
• Mount propagation (mount propagation) inofanira kugoneswa pane cluster. Paunenge uchishandisa Docker, iyo daemon inofanirwa kugadzirwa kuti ibvumire akagovaniswa mamoiri.

Matanho ose anodiwa ekuiswa pachayo inotsanangurwa mu README. Kuiswa kunosanganisira kugadzira zvinhu muKubernetes kubva kumamanifesiti.

Kuti mutyairi ashande iwe uchada zvinotevera:

• Taura dhairekitori identifier mu manifest (folder-idYandex.Cloud (ona zvinyorwa);
• Kuti uwirirane neYandex.Cloud API, mutyairi weCSI anoshandisa account yebasa. Mumanifesiti, Chakavanzika chinofanira kupfuudzwa makiyi ane mvumo kubva kuakaundi yebasa. Muzvinyorwa akatsanangura, maitiro ekugadzira account yebasa uye kuwana makiyi.

Zvese muzvese - edza, uye isu tichafara kugamuchira mhinduro uye nyaya itsvakana ukasangana nematambudziko!

Kuwedzera rutsigiro

Nekuda kweizvozvo, tinoda kuziva kuti takashandisa mutyairi weCSI uyu kwete nekuda kwechido chikuru chekunakidzwa nekunyora zvikumbiro muGo, asi nekuda kwekudiwa kwekukurumidzira mukati mekambani. Zvinoita sezvisingashande kwatiri kuchengetedza isu pachedu kuita, saka kana Yandex ikaratidza kufarira uye ikasarudza kuramba ichitsigira mutyairi, isu tichafara kuendesa repository kwavari.

Uye zvakare, Yandex ingangove ine yayo yekumisikidza yeCSI mutyairi mune inochengetedzwa Kubernetes cluster, iyo inogona kuburitswa mu Open Source. Isu tinoonawo iyi sarudzo yekusimudzira seyakanaka - nharaunda ichakwanisa kushandisa mutyairi akavimbiswa kubva kune anopa sevhisi, uye kwete kubva kune yechitatu-bato kambani.

PS

Verenga zvakare pablog yedu:

• «Vhoriyamu plugins yeKubernetes kuchengetedza: kubva kuFlexvolume kuenda kuCSI";
• «Isu tinonzwisisa iyo Container Storage Interface (muKubernetes uye kwete chete)";
• «Zviri nyore uye zviri nyore kugadzirira Kubernetes cluster? Kuzivisa addon-operator";
• «Kuwedzera uye kuzadzisa Kubernetes (wongororo uye vhidhiyo mushumo)".

Source: www.habr.com