Deploying applications to multiple k8s environments using helmfile

Helmfile is a wrapper around helm that lets you describe many helm releases in one place, parameterize their charts for several environments, and set the order in which they are deployed.

You can read about helmfile itself and examples of its use in the readme and the best practices guide.

We will look at some non-obvious ways of describing releases in helmfile.

Suppose we have a set of helm charts (for example, postgres and some backend application) and several environments (several kubernetes clusters, several namespaces, or several of both). We take helmfile, read the documentation and start describing our environments and releases:

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

environments:
  devel:
  production:

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: 1.0.5
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

We ended up with 2 environments: devel and production, each with its own values for the helm release charts. We deploy to them like this:

helmfile -n <namespace> -e <env> apply

Different versions of helm charts in different environments

What if we need to roll out different versions of the backend to different environments? How do we parameterize the release version? The environment values, available through {{ .Values }}, help here.

helmfile.yaml

environments:
  devel:
+   values:
+   - charts:
+       versions:
+         backend: 1.1.0
  production:
+   values:
+   - charts:
+       versions:
+         backend: 1.0.5
...
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
-   version: 1.0.5
+   version: {{ .Values.charts.versions.backend }}
...

Different sets of applications in different environments

Fine, but what if we don't need to deploy postgres to production, because we know that a database should not be pushed into k8s, and in production we have a wonderful separate postgres cluster? To solve this problem we have labels:

helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply

This works, but personally I prefer to describe which applications to deploy to an environment not through launch arguments but in the description of the environments themselves. How? You can move the release descriptions into a separate folder, create a list of the required releases in the environment description, and "pick up" only the releases that are needed, ignoring the rest.

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
+   ├── releases
+   │   ├── backend.yaml
+   │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml


  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend

- releases:
-    - name: postgres
-      labels:
-        app: postgres
-      wait: true
-      chart: stable/postgresql
-      version: 8.4.0
-      values:
-        - envs/{{ .Environment.Name }}/values/postgres.yaml
-    - name: backend
-      labels:
-        app: backend
-      wait: true
-      chart: private-helm-repo/backend
-     version: {{ .Values.charts.versions.backend }}
-     needs:
-       - postgres
-     values:
-       - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+   - releases/{{ . }}.yaml
+ {{- end }}

releases/postgres.yaml

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

Note

When using bases:, it is important to use the yaml separator ---, so that releases (and other sections, such as helmDefaults) can be templated with values from the environments.

In this case, the postgres release will not even be included in the description for production. Very convenient!

Overridable global values for releases

Of course, it is great that you can set helm chart values for each environment, but what if we have several environments described and we want, for example, to set the same affinity for all of them, without configuring it by default in the charts themselves, which are stored in repositories?

In this case, for each release we can specify two values files: the first with default values, which define the values of the chart itself, and the second with the values for the environment, which in turn override the defaults.

    .
    ├── envs
+   │   ├── default
+   │   │   └── values
+   │   │       ├── backend.yaml
+   │   │       └── postgres.yaml
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
+     - envs/default/values/backend.yaml
      - envs/{{ .Environment.Name }}/values/backend.yaml

envs/default/values/backend.yaml

affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
    - weight: 1
      podAffinityTerm:
        labelSelector:
          matchExpressions:
          - key: app.kubernetes.io/name
            operator: In
            values:
            - backend
        topologyKey: "kubernetes.io/hostname"

Defining global values for the helm charts of all releases at the environment level

Suppose we create several ingresses in several releases. We could define hosts: manually for each chart, but in our case the domain is the same, so why not put it into a global variable and simply substitute its value into the charts? To do this, the values files that we want to parameterize must have the .gotmpl extension, so that helmfile knows they need to be run through the template engine.

    .
    ├── envs
    │   ├── default
    │   │   └── values
-   │   │       ├── backend.yaml
-   │   │       ├── postgres.yaml
+   │   │       ├── backend.yaml.gotmpl
+   │   │       └── postgres.yaml.gotmpl
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
+     - global:
+         ingressDomain: k8s.devel.domain

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
+     - global:
+         ingressDomain: production.domain
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/default/values/backend.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /api
  hosts:
    - {{ .Values.global.ingressDomain }}

envs/default/values/postgres.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /
  hosts:
    - postgres.{{ .Values.global.ingressDomain }}

Note

Obviously, an ingress in the postgres chart is something highly dubious, so this is given purely as a spherical example in a vacuum, and so as not to introduce a new release into the article just to describe an ingress.

Substituting secrets from environment values

By analogy with the example above, you can also substitute encrypted values using helm secrets. Instead of creating a separate secrets file for each release, in which we could define the encrypted values for the chart, we can simply define in the release's default.yaml.gotmpl the values that will be taken from variables defined at the environment level. Values that we do not need to hide from anyone can easily be overridden in the release values for a specific environment.

    .
    ├── envs
    │   ├── default
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   ├── devel
    │   │   ├── values
    │   │   │   ├── backend.yaml
    │   │   │   └── postgres.yaml
+   │   │   └── secrets.yaml
    │   └── production
    │       ├── values
    │       │   ├── backend.yaml
    │       │   └── postgres.yaml
+   │       └── secrets.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
      - global:
          ingressDomain: k8s.devel.domain
+     secrets:
+       - envs/devel/secrets.yaml

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
      - global:
          ingressDomain: production.domain
+     secrets:
+       - envs/production/secrets.yaml
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/devel/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...

envs/production/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...

envs/default/values/backend.yaml.gotmpl

elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}

envs/devel/values/backend.yaml

elasticsearch:
  host: elastic-0.devel.domain

envs/production/values/backend.yaml

elasticsearch:
  host: elastic-0.production.domain

Note

By the way, getOrNil is a special function for go templates in helmfile which, even if .Values.secrets does not exist, will not throw an error, but allows the result to be replaced with a default value using the default function.

Conclusion

The things described seem fairly obvious, but information on a convenient way to describe deployment to several environments using helmfile is very scarce, and I love IaC (Infrastructure-as-Code) and want to have a clear description of the deployment state.

In conclusion, I would like to add that the variables for the default environment can, in turn, be parameterized with the OS environment variables of the runner from which the deployment will be launched, and thus obtain dynamic environments.

helmfile.yaml

environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ env "INGRESS_DOMAIN" }}
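
An added example, not part of the original article: the secret lookup from envs/default/values/backend.yaml.gotmpl and the environment-variable lookup above, rewritten to fail closed. As written in the article, an environment whose secrets.yaml is missing deploys with the literal fallback "password", and an unset INGRESS_DOMAIN renders an empty domain. The sketch assumes helmfile's `required` and `requiredEnv` template functions; the error message text is made up for illustration.

```yaml
# envs/default/values/backend.yaml.gotmpl
#
# Before (from the article): a missing secret silently becomes "password".
#   password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}
#
# After: rendering aborts if the environment defines no such secret,
# so no release is installed with a well-known fallback credential.
# quote keeps a numeric-looking password a YAML string.
elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | getOrNil "secrets.elastic.password" | required "secrets.elastic.password is not set for this environment" | quote }}

# helmfile.yaml
#
# Before (from the article): an unset variable renders as an empty value.
#   ingressDomain: {{ env "INGRESS_DOMAIN" }}
#
# After: requiredEnv aborts when the runner did not export INGRESS_DOMAIN.
# CLUSTER_DOMAIN keeps its default because "cluster.local" is a safe,
# non-secret fallback.
environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ requiredEnv "INGRESS_DOMAIN" }}
```

The two fragments belong to separate files and are shown in one block only for comparison.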

Source: www.habr.com
