Kusuma Helm 3

Cherechedza. transl.: Chivabvu 16 wegore rino chiratidzo chakakosha mukuvandudzwa kwepakeji maneja weKubernetes - Helm. Pazuva rino, yekutanga alpha kuburitswa kweiyo ramangwana guru vhezheni yeprojekiti - 3.0 - yakaratidzwa. Kuburitswa kwayo kuchaunza shanduko dzakakosha uye dzakamirirwa kwenguva refu kuHelm, iyo vazhinji munharaunda yeKubernetes vane tariro huru. Isu pachedu tiri chimwe cheizvi, sezvo isu tichishingairira kushandisa Helm pakuisa application: isu takaibatanidza muchombo chedu chekushandisa CI/CD. werf uye nguva nenguva tinoita mupiro wedu mukusimudzira kumusoro kwerwizi. Iyi shanduro inobatanidza zvinyorwa zve7 kubva kuHelm blog yepamutemo, iyo yakatsaurirwa kune yekutanga alpha kubudiswa kweHelm 3 uye inotaura nezvenhoroondo yeprojekti uye zvinhu zvikuru zveHelm 3. Munyori wavo ndiMat "bacongobbler" Fisher, mushandi weMicrosoft. uye mumwe wevanochengetedza Helm.

Pana Gumiguru 15, 2015, chirongwa chave kunzi Helm chakazvarwa. Kwangopera gore mushure mekuvambwa kwayo, nharaunda yeHelm yakabatana naKubernetes, ichiri kushanda nesimba paHelm 2. Muna Chikumi 2018, Helm. akabatana neCNCF sepurojekiti yekusimudzira (incubating). Nekukurumidza kumberi kune ikozvino, uye yekutanga alpha kuburitswa kweHelm 3 nyowani iri munzira. (kusunungurwa uku zvakatoitika pakati paMay - approx. transl.).

Muchikamu chino, ndichataura nezve kwazvakatangira, kuti takasvika sei patiri nhasi, kusuma zvimwe zvezvakasiyana zvinowanikwa mukutanga kuburitswa kwealpha kweHelm 3, uye kutsanangura maitiro atinoronga kufambira mberi.

Pfupiso:

• nhoroondo yekusikwa kweHelm;
• kuoneka zvakanaka kuna Tiller;
• chart repositories;
• release management;
• kuchinja mukutsamira kwechati;
• machati eraibhurari;
• chii chinotevera?

Nhoroondo yeHelm

Kuberekwa

Helm 1 yakatanga seOpen Source project yakagadzirwa naDeis. Takanga tave kutanga zvishoma absorbed Microsoft muchirimo 2017. Yedu imwe Open Source project, inonziwo Deis, yaive nechokushandisa deisctl, iyo yakashandiswa (pakati pezvimwe zvinhu) kuisa uye kushandisa Deis chikuva mukati Fleet cluster. Panguva iyoyo, Fleet yaive imwe yekutanga midziyo yekuimba mapuratifomu.

Pakati pe-2015, takafunga kuchinja nzira uye takatamisa Deis (panguva iyoyo yakanzi Deis Workflow) kubva kuFleet kuenda Kubernetes. Imwe yedzakatanga kugadziridzwa yaive mudziyo wekuisa. deisctl. Isu takaishandisa kuisa uye kubata Deis Workflow muFleet cluster.

Helm 1 yakagadzirwa mumufananidzo weane mukurumbira mapakeji mamaneja akadai seHomebrew, apt uye yum. Chinangwa chayo chikuru chaive chekurerutsa mabasa akadai sekurongedza uye kuisa maapplication paKubernetes. Helm yakaunzwa zviri pamutemo muna 2015 pamusangano weKubeCon muSan Francisco.

Kuedza kwedu kwekutanga neHelm kwakashanda, asi kwaive kusiri pasina miganhu yakakomba. Akatora seti yeKubernetes inoratidzira, yakavhenekerwa nemajenareta seyekutanga YAML blocks. (mberi-nyaya)*, uye kurodha zvabuda muKubernetes.

* Cherechedza. transl.: Kubva pavhezheni yekutanga yeHelm, syntax yeYAML yakasarudzwa kutsanangura zviwanikwa zveKubernetes, uye matemplate eJinja uye zvinyorwa zvePython zvakatsigirwa pakunyora zvigadziriso. Isu takanyora zvimwe nezve izvi uye chimiro cheiyo yekutanga vhezheni yeHelm mune chitsauko "A Brief History of Helm" zvinhu izvi.

Semuenzaniso, kutsiva munda muYAML faira, waifanira kuwedzera zvinotevera kuvaka kune manifest:

#helm:generate sed -i -e s|ubuntu-debootstrap|fluffy-bunny| my/pod.yaml

Zvakanaka kuti template injini dziripo nhasi, handizvo here?

Nezvikonzero zvakawanda, iyi yekutanga Kubernetes installer yaida yakaomeswa-coded rondedzero yemafifesiti mafaera uye yakangoita diki, yakatemerwa kutevedzana kwezviitiko. Zvakanga zvakaoma kushandisa zvekuti Deis Workflow R&D timu yakave nenguva yakaoma pavakaedza kuendesa chigadzirwa chavo kuchikuva ichi - zvisinei, mhodzi dzepfungwa dzakatodyarwa. Kuedza kwedu kwekutanga kwaive mukana wakanaka wekudzidza: takaona kuti taida chaizvo kugadzira maturusi epragmatic anogadzirisa matambudziko ezuva nezuva kune vashandisi vedu.

Zvichienderana neruzivo rwezvikanganiso zvekare, takatanga kugadzira Helm 2.

Kugadzira Helm 2

Pakupera kwa2015, timu yeGoogle yakatibata. Vaishanda pachishandiswa chakafanana cheKubernetes. Deployment Manager weKubernetes yaive chiteshi chemudziyo waivepo waishandiswa kuGoogle Cloud Platform. “Tingada here,” vakabvunza kudaro, “kupedza mazuva mashomanene tichikurukura fanano nokusiyana?”

Muna Ndira 2016, Helm uye Deployment Manager zvikwata zvakasangana muSeattle kuti vachinjane mazano. Nhaurirano dzakapera nechirongwa chekuda: kubatanidza mapurojekiti ese ari maviri kugadzira Helm 2. Pamwe chete naDeis neGoogle, vakomana vanobva SkippBox (ikozvino chikamu cheBitnami - approx. transl.), uye takatanga kushanda paHelm 2.

Taida kuchengetedza kushandisa kwaHelm nyore, asi wedzera zvinotevera:

• chati matemplate ekugadzirisa;
• intra-cluster management yezvikwata;
• nyika-kirasi chati repository;
• yakagadzikana pasuru fomati ine siginecha sarudzo;
• kuzvipira kwakasimba kune semantic shanduro uye kuchengetedza kumashure kuenderana pakati peshanduro.

Kuti uwane izvi zvinangwa, chechipiri chinhu chakawedzerwa kune Helm ecosystem. Iyi intra-cluster chikamu chainzi Tiller uye yaive nebasa rekuisa Helm machati uye nekuagadzirisa.

Kubva pakaburitswa Helm 2 muna 2016, Kubernetes akawedzera akati wandei maitirwo. Yakawedzerwa basa-based access control (RBAC), iyo yakazotsiva Attribute-Based Access Control (ABAC). Mhando nyowani dzezvekushandisa dzakaunzwa (Deployments yaive ichiri mubeta panguva iyoyo). Tsika Resource Tsananguro (yaimbonzi Third Party Resources kana TPRs) dzakagadzirwa. Uye zvinonyanya kukosha, seti yezvakanakisa maitiro yakabuda.

Pakati pese shanduko idzi, Helm yakaramba ichishandira Kubernetes vashandisi nekutendeka. Mushure memakore matatu uye akawanda matsva ekuwedzera, zvaive pachena kuti yaive nguva yekuita shanduko huru kune codebase kuona kuti Helm inogona kuramba ichizadzisa zvinodiwa zvinokura zveecosystem inoshanduka.

Kuonekana zvakanaka kuna Tiller

Panguva yekugadzirwa kweHelm 2, takaunza Tiller sechikamu chekubatanidza kwedu neGoogle's Deployment Manager. Tiller akaita basa rakakosha kune zvikwata zvinoshanda mukati meboka rakafanana: zvakabvumira nyanzvi dzakasiyana dzinoshanda zvivakwa kuti dzidyidzane neseti imwechete yekuburitswa.

Sezvo role-based access control (RBAC) yakagoneswa nekusarudzika muKubernetes 1.6, kushanda naTiller mukugadzira kwakawedzera kuoma. Nekuda kwehuwandu hwakawanda hweanogoneka chengetedzo marongero, chinzvimbo chedu chave chekupa inobvumidza gadziriso nekukasira. Izvi zvakabvumira vatsva kuti vaedze neHelm naKubernetes vasina kunyura mumaseti ekuchengetedza kutanga. Nehurombo, iyi mvumo yekumisikidza inogona kupa mushandisi huwandu hwakakura hwemvumo dzavaisada. DevOps uye SRE mainjiniya aifanira kudzidza mamwe matanho ekushanda pakuisa Tiller mune akawanda-maroja cluster.

Mushure mekudzidza kuti nharaunda yakashandisa sei Helm mumamiriro ezvinhu chaiwo, takaona kuti Tiller's release management system yaisafanira kuvimba ne-intra-cluster component kuchengetedza hurumende kana kushanda sepakati pehubhu yekusunungurwa kwemashoko. Pane kudaro, isu tinogona kungogamuchira ruzivo kubva kuKubernetes API server, kugadzira chati kudivi remutengi, uye kuchengetedza rekodhi yekumisikidza muKubernetes.

Chinangwa chikuru chaTiller chingadai chakaitwa pasina Tiller, saka imwe yesarudzo yedu yekutanga maererano neHelm 3 yaive yekusiya zvachose Tiller.

Tiller aenda, modhi yekuchengetedza yeHelm yakarerutswa zvakanyanya. Helm 3 ikozvino inotsigira kuchengetedzeka kwemazuva ano, kuzivikanwa, uye nzira dzemvumo dzeKubernetes yazvino. Mvumo yeHelm inotemerwa kushandisa kubeconfig file. Vatungamiri veCluster vanogona kuganhurira kodzero dzevashandisi kune chero nhanho yegranularity. Zvinoburitswa zvichiri kuchengetwa mukati mesumbu, uye mamwe emabasa eHelm anoramba akamira.

Chart repositories

Pamwero wepamusoro, cheti repository inzvimbo iyo machati anogona kuchengetwa nekugovaniswa. Iyo Helm mutengi mapakeji uye inotumira machati kune repository. Zvichitaurwa zviri nyore, nzvimbo yekuchengetera machati ndeyekare HTTP sevha ine index.yaml faira uye mamwe machati akaputirwa.

Kunyangwe paine zvimwe zvakanakira iyo Charts Repository API inosangana zvakanyanya zvekutanga zvinodiwa zvekuchengetera, pane zvakare mashoma akashata:

• Chart repositories haienderane neakawanda kuchengetedza maitirwo anodiwa munzvimbo yekugadzira. Kuve neyakajairwa API yehuchokwadi uye mvumo kwakakosha zvakanyanya mukugadzira mamiriro.
• Maturusi eHelm's chart provenance tools, anoshandiswa kusaina, kuratidza kutendeseka uye kuvapo kwechati, inhengo yesarudzo yeChati yekutsikisa maitiro.
• Muzviitiko zvevashandisi vakawanda, chati yakafanana inogona kuiswa nemumwe mushandisi, ichipeta kaviri huwandu hwenzvimbo inodiwa kuchengetedza izvo zvakafanana. Smarter repositories akagadzirwa kuti agadzirise dambudziko iri, asi haasi chikamu cheiyo yakatarwa.
• Kushandisa imwe index faira yekutsvaga, kuchengetedza metadata, uye kudzoreredza machati kwaita kuti zviome kugadzira mashandisirwo akachengeteka evashandisi vakawanda.

Iyo purojekiti Docker Distribution (inozivikanwawo seDocker Registry v2) ndiye anotsiva Docker Registry uye anonyanya kuita seti yezvishandiso zvekurongedza, kutumira, kuchengeta uye kuendesa Docker mifananidzo. Mazhinji mahombe emakore masevhisi anopa Distribution-based products. Nekuda kwekutarisisa uku kwakawedzera, purojekiti yeDistribution yakabatsirwa nemakore ekuvandudza, kuchengetedzwa kwakanakisa maitiro, uye kuedzwa kwemumunda izvo zvaita kuti ive imwe yemagamba akabudirira asina kusimba eOpen Source world.

Asi waizviziva here kuti Distribution Project yakagadzirirwa kugovera chero chimiro chemukati, kwete mifananidzo yemidziyo chete?

Kutenda nekuedza Vhura Container Initiative (kana OCI), Helm machati anogona kuiswa pane chero Distribution muenzaniso. Parizvino, nzira iyi ndeyekuyedza. Tsigiro yekupinda uye zvimwe zvinodikanwa kuti izere Helm 3 ibasa riri kuenderera mberi, asi isu tinofara kudzidza kubva pane zvakawanikwa neOCI neDistribution zvikwata mumakore apfuura. Uye kuburikidza nekudzidziswa kwavo uye kutungamira, tinodzidza kuti zvakaita sei kushandisa sevhisi inowanikwa zvakanyanya pamwero.

Tsananguro yakadzama yedzimwe shanduko dziri kuuya kune Helm chati repositori inowanikwa batanidzo.

Release management

MuHelm 3, mamiriro ekushandisa anoteedzerwa mukati mesumbu nembiri yezvinhu:

• chinhu chinoburitsa - chinomiririra chiitiko chekushandisa;
• vhezheni yekuburitsa chakavanzika - inomiririra mamiriro anodiwa echishandiso pane imwe nguva nenguva (semuenzaniso, kuburitswa kweshanduro nyowani).

Dambudziko helm install inogadzira chinhu chekuburitsa uye kuburitsa vhezheni chakavanzika. Call helm upgrade inoda chinhu chinoburitswa (chainogona kushandura) uye inogadzira chakavanzika chitsva chekuburitswa chine hunyowani hutsva uye kuratidza kwakagadzirirwa.

Kuburitsa chinhu chine ruzivo nezve kuburitswa, uko kuburitswa ndiko kuisirwa kwakasarudzika kwechati ine zita uye kukosha. Ichi chinhu chinotsanangura iyo yepamusoro-level metadata nezve kuburitswa. Chinhu chekuburitsa chinoenderera mukati mehupenyu hwese hwekushandisa uye ndiye muridzi wezvakavanzika zvese zvekuburitswa, pamwe nezvinhu zvese zvinogadzirwa zvakananga neHelm chati.

Yakaburitswa vhezheni chakavanzika inobatanidza kuburitswa nenhevedzano yekudzokorora (kumisikidza, zvigadziriso, kudzoreredza, kudzima).

MuHelm 2, kudzokorora kwaienderana zvakanyanya. Call helm install yakagadzirwa v1, iyo inotevera yekuvandudza (kusimudzira) - v2, zvichingodaro. Kuburitsa uye kuburitsa vhezheni chakavanzika chakapunzika kuita chinhu chimwe chinozivikanwa sekudzokorora. Ongororo dzakachengetwa munzvimbo imwechete yezita saTiller, izvo zvaireva kuti kuburitswa kwega kwega kwaive "pasi rose" maererano nenzvimbo yezita; saka, muenzaniso mumwe chete wezita waigona kushandiswa.

MuHelm 3, kuburitswa kwega kwega kunobatanidzwa nechakavanzika chimwe kana anopfuura ekuburitswa kwevhezheni. Chinhu chekuburitsa chinogara chichitsanangura kuburitswa kwazvino kwakaiswa kuKubernetes. Imwe neimwe yekuburitswa vhezheni chakavanzika inotsanangura imwe chete vhezheni yekuburitswa ikoko. Kukwidziridza, semuenzaniso, kuchagadzira chakavanzika chitsva chekuburitsa uye wozoshandura chinhu chekuburitsa kunongedza kune iyo vhezheni itsva. Kana iri yekudzoreredza, unogona kushandisa zvakavandika zveshanduro yakaburitswa kudzoreredza kuburitsa kune kwakare.

Mushure mekunge Tiller asiyiwa, Helm 3 inochengetedza data munzvimbo imwechete yemazita sekuburitswa. Shanduko iyi inokutendera kuti uise chati ine zita rimwechete rekuburitsa mune imwe nzvimbo yezita, uye iyo data inochengetwa pakati pe cluster updates/reboots in etcd. Semuenzaniso, unogona kuisa WordPress mu "foo" namespace uyezve mu "bar" namespace, uye zvese zvinoburitswa zvinogona kunzi "wordpress".

Shanduko kune zvinoenderana nechati

Machati akarongedzerwa (kushandisa helm package) kuti ishandiswe neHelm 2 inogona kuiswa neHelm 3, zvisinei kuti kufambiswa kwekushanda kwechati kwakanyatsogadziriswa, saka dzimwe shanduko dzinofanira kuitwa kuti dzienderere mberi nekugadzirwa kwechati neHelm 3. Kunyanya, hurongwa hwekutsamira kwechati hwakashanduka.

The chart's dependency management system yakabva requirements.yaml и requirements.lock pamusoro Chart.yaml и Chart.lock. Izvi zvinoreva kuti machati akashandisa murairo helm dependency, inoda kumwe kuseta kuti ushande muHelm 3.

Ngatitarisei muenzaniso. Ngatiwedzere kutsamira kune chati iri muHelm 2 uye tione kuti ndedzipi shanduko kana uchienda kuHelm 3.

MuHelm 2 requirements.yaml zvaiita seizvi:

dependencies:
- name: mariadb
  version: 5.x.x
  repository: https://kubernetes-charts.storage.googleapis.com/
  condition: mariadb.enabled
  tags:
    - database

MuHelm 3, kutsamira kwakafanana kunozoratidzwa mune yako Chart.yaml:

dependencies:
- name: mariadb
  version: 5.x.x
  repository: https://kubernetes-charts.storage.googleapis.com/
  condition: mariadb.enabled
  tags:
    - database

Machati achiri kudhaunirodwa uye anoiswa mudhairekitori charts/, saka subcharts (madiki), akarara mubhuku charts/, icharamba ichishanda pasina shanduko.

Kusuma Raibhurari Chati

Helm 3 inotsigira kirasi yemachati anonzi machati eraibhurari (chati yeraibhurari). Chati iyi inoshandiswa nemamwe machati, asi haigadziri ega zvinhu zvekuburitsa. Library chati matemplate anogona chete kuzivisa zvinhu define. Zvimwe zvirimo zvinongofuratirwa. Izvi zvinobvumira vashandisi kuti vashandise zvakare uye vagovane macode snippets anogona kushandiswa pamachati akawanda, nekudaro kudzivirira kudzokorora uye kutevedzera musimboti. KUOMA.

Machati eraibhurari anoziviswa muchikamu dependencies mufaira Chart.yaml. Kuaisa nekuagadzirisa hakuna kusiyana nemamwe machati.

dependencies:
  - name: mylib
    version: 1.x.x
    repository: quay.io

Isu tinofara nezvemashandisiro ekushandisa chikamu ichi chichavhura kune vanogadzira machati, pamwe neakanakisa maitiro anogona kubuda kubva mumachati eraibhurari.

Chii chinotevera?

Helm 3.0.0-alpha.1 ndiyo nheyo patinotanga kuvaka shanduro itsva yeHelm. Muchinyorwa chandakatsanangura zvimwe zvinonakidza zveHelm 3. Vazhinji vavo vachiri mumatanho ekutanga ekukura uye izvi zvakajairika; Iyo poindi yekuburitswa kwealpha ndeyekuyedza zano, kuunganidza mhinduro kubva kuvashandisi vekutanga, uye kusimbisa fungidziro dzedu.

Pakarepo iyo alpha vhezheni yaburitswa (rangarira kuti izvi ndizvo zvakatoitika - approx. transl.), tichatanga kugamuchira zvigamba zveHelm 3 kubva munharaunda. Iwe unofanirwa kugadzira hwaro hwakasimba hunobvumira mashandiro matsva kugadzirwa uye kugamuchirwa, uye kuti vashandisi vanzwe vachibatanidzwa mukuita nekuvhura matikiti uye kugadzirisa.

Ndakaedza kuratidza kumwe kuvandudzwa kukuru kuri kuuya kuHelm 3, asi runyorwa urwu haruna kukwana. Iyo yakazara nzira yeHelm 3 inosanganisira zvinhu zvakadai sekuvandudzwa kwemaitiro ekugadzirisa, kubatanidzwa kwakadzama neOCI registries, uye kushandiswa kweJSON schemas kusimbisa kukosha kwechati. Isu tinorongawo kuchenesa iyo codebase uye kugadzirisa zvikamu zvayo izvo zvakaregeredzwa kwemakore matatu apfuura.

Kana iwe uchinzwa sekunge pane chimwe chinhu chataputswa, tinoda kunzwa pfungwa dzako!

Joinha nhaurirano pane yedu Slack channels:

• #helm-users kumibvunzo uye nyore kutaura nenharaunda;
• #helm-dev kukurukura zvikumbiro zvekudhonza, kodhi uye tsikidzi.

Iwe unogona zvakare kutaura mune yedu vhiki yePublic Developer Inofona neChina na19:30 MSK. Misangano yakatsaurirwa kukurukura nyaya dziri kushanda nevanokudziridza uye nharaunda, pamwe chete nemisoro yehurukuro yevhiki. Chero ani zvake anogona kupinda uye kutora chikamu mumusangano. Link inowanikwa muSlack chiteshi #helm-dev.

PS kubva kumushanduri

Verenga zvakare pablog yedu:

• «Package maneja weKubernetes - Helm: yapfuura, yazvino, yemberi";
• «Kunyatsotarisa Helm 2: "Izvi ndizvo zvazviri ..."";
• «Inoshanda sumo kune maneja wepakeji yeKubernetes - Helm";
• «Kubernetes matipi & matipi: kuendesa zviwanikwa zvinomhanya musumbu kuHelm 2 manejimendi";
• «Dzidzira nedapp. Chikamu 2. Kuendesa Docker mifananidzo kuKubernetes uchishandisa Helm".

Source: www.habr.com