Codsiyada qaarkood waxay sidoo kale u baahan yihiin inay kaydiyaan xogta, laakiin aad bay ugu qanacsan yihiin xaqiiqda ah in xogta aan la keydin doonin ka dib dib u bilowdo.
Tusaale ahaan, adeegyada kaydinta waxaa xaddidaya RAM, laakiin sidoo kale waxay dhaqaajin kartaa xogta aan dhifka ahayn ee loo isticmaalo kaydinta ka yar RAM, iyada oo aan saameyn yar ku yeelanayn waxqabadka guud. Codsiyada kale waxay u baahan yihiin inay ogaadaan inay jiri karaan wax-akhris-kaliya ee faylasha, sida dejinta ama furayaasha sirta ah.
Kubernetes waxay horey u leedahay dhowr nooc mugga ephemeral, laakiin shaqadoodu waxay ku kooban tahay waxa lagu hirgeliyay K8s.
Ephemeral Mugga CSI loo oggolaaday Kubernetes in lagu kordhiyo darawallada CSI si ay u bixiyaan taageerada mugga maxalliga ah ee fudud. Habkan ayaa suurtagal ah in la isticmaalo qaab-dhismeed aan sabab lahayn: goobaha, siraha, xogta aqoonsiga, doorsoomayaasha, iyo wixii la mid ah. Darawalada CSI waa in wax laga beddelo si ay u taageeraan astaantan Kubernetes, maadaama loo maleynayo in darawallada caadiga ah aysan shaqeyn doonin - laakiin waxaa loo maleynayaa in mugga noocaan ah loo isticmaali karo nood kasta oo loo doorto boodhka.
Tani waxay dhib ku noqon kartaa mugga isticmaala agabka martida loo yahay ama kaydinta laga heli karo martigeliyayaasha qaarkood. Taasi waa sababta Kubernetes 1.19 u soo bandhigto laba astaamood oo mugga tijaabada alfa cusub kuwaas oo la mid ah mugga EmptyDir:
mugga ephemeral ujeedada guud;
CSI raadraaca awoodda kaydinta.
Faa'iidooyinka habka cusub:
kaydinta waxay noqon kartaa mid maxali ah ama waxay ku xiran tahay shabakad;
mugga waxay yeelan karaan cabbir cayiman oo aan la dhaafi karin codsiga;
mugga ayaa laga yaabaa inay lahaadaan xog bilow ah oo ku xidhan darawalka iyo dejinta;
Dhammaan hawlgallada caadiga ah ee leh mugga (abuurista sawir-qaadis, cabbir-beddelid, iwm.) waa la taageerayaa;
mugga waxaa loo isticmaali karaa maamule kasta oo codsi ah oo aqbala moduleka ama qeexida mugga;
Jadwalaha Kubernetes ayaa iskii u doorta qanjidhada ku haboon, markaa ma jirto baahi loo qabo bixinta iyo habaynta jadwalka kordhinta ama wax ka beddelka webhooks.
Codsiyada
Sidaa darteed, mugga ephemeral ujeedada guud waxay ku habboon yihiin xaaladaha soo socda ee isticmaalka:
Xusuusta joogtada ah sida beddelka RAM ee memcached
Siideynta ugu dambeysay ee memcached taageero lagu daray Isticmaalka xusuusta joogtada ah (Intel Optane, iwm., qiyaastii turjumaan) halkii RAM caadiga ah. Markaad geynayso memcached iyada oo loo marayo kontaroolaha arjiga, waxaad isticmaali kartaa mugga ephemeral ujeedada guud si aad u codsato in mugga cabbirka la bixiyay laga qoondeeyo PMEM adoo isticmaalaya darawalka CSI, tusaale ahaan. PMEM-CSI.
Kaydinta gudaha LVM goob shaqo ahaan
Codsiyada ku shaqeeya xogta ka weyn RAM waxa laga yaabaa inay u baahdaan kaydinta maxalliga ah oo leh cabbir cabbir ama cabbir hawleed oo mugga EmptyDir caadiga ah ee Kubernetes aanay bixin karin. Tusaale ahaan, ujeedadan ayaa loo qoray TopoLVM.
Muuqaalka ugu muhiimsan ee mugga ephemeral ujeedada guud waa isha mugga cusub, EphemeralVolumeSource, oo ka kooban dhammaan beeraha si loo abuuro codsi mugga (taariikh ahaan loo yaqaan codsiga mugga joogtada ah, PVC). Xakamaynta cusub ee kube-controller-manager waxay eegaysaa boodhadhka abuura ilo mug leh, ka dibna waxay u abuurtaa PVC galalkaas. Darawalka CSI-da, codsigani waxa uu la mid yahay kuwa kale, markaa taageero gaar ah halkan loogama baahna.
Ilaa inta ay jiraan PVC-yada noocaas ah, waxaa loo isticmaali karaa sida codsiyada kale ee mugga. Gaar ahaan, waxaa loo tixraaci karaa ilaha xogta marka la koobiyaynayo mugga ama la abuurayo sawir mug leh. Shayga PVC wuxuu kaloo ka kooban yahay xaaladda hadda ee mugga.
Magacyada PVC-yada si toos ah loo sameeyay ayaa horay loo sii qeexay: waa isku-darka magaca boodhka iyo magaca mugga, oo ay kala soocaan xaraf-dheer. Magacyada horay loo sii qeexay ayaa fududeynaya in lala falgalo PVC-ga sababtoo ah uma baahnid inaad raadiso haddii aad taqaan magaca boodhka iyo magaca mugga. Dhinaca hoose ayaa ah in magaca laga yaabo in horay loo isticmaalay, kaas oo lagu ogaado Kubernetes oo natiijadu waxay tahay in boodhka laga xannibo inuu bilaabo.
Si loo hubiyo in mugga la tirtiray oo ay la socdaan pods, kontorooluhu wuxuu sameeyaa codsi mugga hoostiisa milkiilaha. Marka boodhka la tirtiro, habka caadiga ah ee ururinta qashinka ayaa shaqeeya, kaas oo tirtiraya codsiga iyo mugga labadaba.
Codsiyada waxaa ku habboon darawalka kaydinta iyada oo loo marayo habka caadiga ah ee fasalka kaydinta. In kasta oo fasallada leh xidhidh degdeg ah iyo kuwo daahay (aka WaitForFirstConsumer) waa la taageeray, mugga ephemeral waxay macno u leedahay in la isticmaalo WaitForFirstConsumer, ka dibna jadwalku wuxuu tixgelin karaa isticmaalka noodhka iyo helitaanka kaydinta labadaba marka la dooranayo noodhka. Muuqaal cusub ayaa halkan ka muuqda.
Dabagalka Awooda Kaydinta
Caadiyan jadwalku wax aqoon ah uma laha halka uu darawalka CSI-ga ku abuuri doono mugga. Sidoo kale ma jirto hab uu jadwalku si toos ah ula xiriiro darawalka si uu u codsado macluumaadkan. Sidaa darteed, jadwal-hayehu wuxu dooranayaa noodhka ilaa uu ka helo mid ka mid ah mugga la geli karo (ku xidhid dambe) ama ka tago doorashada goobta gebi ahaanba darawalka (ku xidhid degdeg ah).
Cusub APICSIStorageCapacity, taas oo ku jirta marxaladda alfa, waxay u ogolaataa xogta lagama maarmaanka ah in lagu kaydiyo iwm si ay u hesho jadwaleeyaha. Si ka duwan taageerada mugga ephemeral ujeedada guud, marka aad geyso darawalka, waa in aad awood u yeelatid raadraaca awoodda kaydinta: external-provisioner waa in ay daabacaan xogta awooda ee laga helay darawalka iyada oo loo marayo si caadi ah GetCapacity.
Haddii jadwalku u baahan yahay in uu u dooro buro mug leh mug aan xidhnayn oo adeegsada xidhidh daahitaan ah, oo darawalku awood u siiyay sifadan inta lagu jiro hawlgelinta isagoo dejinaya calanka CSIDriver.storageCapacity, ka dibna noodhadhka aan lahayn awoodda kaydinta ku filan si toos ah ayaa loo tuurayaa. Tani waxay u shaqeysaa labadaba ujeeddooyinka guud iyo qiyaasaha joogtada ah, laakiin maaha mid loogu talagalay mugga ephemeral CSI sababtoo ah cabbiradooda ma akhrin karo Kubernetes.
Sida caadiga ah, isla markiiba mugga isku xidhan ayaa la abuuraa ka hor inta aan la jadwalsanin boodhadhka, meelayntoodana waxaa dooranaya darawalka kaydinta, markaa marka la isku hagaajinayo external-provisioner Sida caadiga ah, fasallada kaydinta ee leh xidhidh degdeg ah ayaa laga boodaa, maadaama xogtan aan la isticmaali doonin si kastaba.
Maadaama jadwalka kubernetes lagu qasbay inuu la shaqeeyo macluumaadka suurtagalka ah ee dhici doona, ma jirto wax dammaanad ah in awoodda la heli karo xaalad kasta marka mugga la abuuro, laakiin fursadaha in la abuuri doono iyada oo aan dib-u-cusbooneysiin si kastaba ha ahaatee waa la kordhiyaa.
NB Waxaad heli kartaa macluumaad faahfaahsan oo dheeraad ah, iyo sidoo kale si badbaado leh "ku celcelinta bisadaha taagan", iyo haddii ay dhacdo xaalad gebi ahaanba aan la fahmi karin, waxaad ka heli kartaa kaalmo farsamo oo aqoon leh koorsooyin degdeg ah - Saldhigga Kubernetes waxaa la qaban doonaa Sebtembar 28-30, iyo khabiiro aad u horumarsan Kubernetes Mega Oktoobar 14-16.
Amniga
Awoodda kaydinta CSIS
CSIStorageCapacity walxuhu waxay ku nool yihiin meelo magacyo ah; marka la saarayo darawal kasta oo CSI ah magaciisa, waxaa lagu talinayaa in la xaddido xuquuqda RBAC ee CSIstorageCapacity goobtaas maadaama ay caddahay halka xogtu ka imanayso. Kubernetes ma hubiso tan si kastaba, badanaa darawalada waxaa lagu dhejiyaa isla magaca, markaa ugu dambeyntii darawalada waxaa laga filayaa inay shaqeeyaan oo aysan daabicin xog khaldan (waana meesha uu kaadhkaygu ku guuldareystay, qiyaastii turjumaan ku salaysan kaftan gadhka)
Ujeeddada Guud Mugga Ephemeral
Haddii isticmaalayaashu ay leeyihiin xuquuq ay ku abuuraan pod (si toos ah ama si aan toos ahayn), waxay sidoo kale awoodi doonaan inay abuuraan ujeedo guud oo mug leh xitaa haddii aysan lahayn xuquuq ay ku abuuraan codsi mugga. Tani waa sababta oo ah hubinta oggolaanshaha RBAC waxaa lagu dabaqaa kantaroolaha abuuraya PVC, maaha isticmaaleeyaha. Tani waa isbeddelka ugu weyn ee lagu daro akoonkaaga, ka hor inta aysan awood u siin sifadan kutlada halkaasoo isticmaalayaasha aan la aamini karin aysan laheyn xuquuq ay ku abuuraan mugga.
Tusaale:
Kala saar laan PMEM-CSI waxay ka kooban tahay dhammaan isbeddellada lagama maarmaanka ah si loo socodsiiyo kutlada Kubernetes 1.19 gudaha mashiinnada farsamada QEMU oo leh dhammaan astaamaha heerka alfa. Nambarka darawalnimada isma bedelin, kaliya dejinta ayaa isbedelay.
Mashiin ku habboon (Linux, isticmaale caadi ah ayaa isticmaali kara Docker, eeg halkan Faahfaahinta) amaradan ayaa soo kicin doona kooxda oo rakibi doona darawalka PMEM-CSI:
git clone --branch=kubernetes-1-19-blog-post https://github.com/intel/pmem-csi.git
cd pmem-csi
export TEST_KUBERNETES_VERSION=1.19 TEST_FEATURE_GATES=CSIStorageCapacity=true,GenericEphemeralVolume=true TEST_PMEM_REGISTRY=intel
make start && echo && test/setup-deployment.sh
Kadib wax walba oo shaqeeya, wax soo saarka ayaa ka koobnaan doona tilmaamaha isticmaalka:
The test cluster is ready. Log in with [...]/pmem-csi/_work/pmem-govm/ssh.0, run
kubectl once logged in. Alternatively, use kubectl directly with the
following env variable:
KUBECONFIG=[...]/pmem-csi/_work/pmem-govm/kube.config
secret/pmem-csi-registry-secrets created
secret/pmem-csi-node-secrets created
serviceaccount/pmem-csi-controller created
...
To try out the pmem-csi driver ephemeral volumes:
cat deploy/kubernetes-1.19/pmem-app-ephemeral.yaml |
[...]/pmem-csi/_work/pmem-govm/ssh.0 kubectl create -f -
CSIStorageAwoodda walxaha looguma talagalin in ay akhriyaan bini'aadamka, markaa habayn ayaa loo baahan yahay. Shaandhooyinka qaabka Golang waxay tusi doonaan fasallada kaydinta, tusaalahan wuxuu tusi doonaa magaca, topology iyo awoodda:
Aan isku dayno inaan abuurno arji demo leh hal ujeedo guud oo mug ephemeral ah. Waxa ku jira faylka pmem-app-ephemeral.yaml:
# This example Pod definition demonstrates
# how to use generic ephemeral inline volumes
# with a PMEM-CSI storage class.
kind: Pod
apiVersion: v1
metadata:
name: my-csi-app-inline-volume
spec:
containers:
- name: my-frontend
image: intel/pmem-csi-driver-test:v0.7.14
command: [ "sleep", "100000" ]
volumeMounts:
- mountPath: "/data"
name: my-csi-volume
volumes:
- name: my-csi-volume
ephemeral:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
storageClassName: pmem-csi-sc-late-binding
Ka dib abuurista, sida ku cad tilmaamaha kor ku xusan, waxaan hadda haysannaa pod iyo PVC dheeraad ah:
$ kubectl get pods/my-csi-app-inline-volume -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
my-csi-app-inline-volume 1/1 Running 0 6m58s 10.36.0.2 pmem-csi-pmem-govm-worker1 <none> <none>
$ kubectl get pvc/my-csi-app-inline-volume-my-csi-volume
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
my-csi-app-inline-volume-my-csi-volume Bound pvc-c11eb7ab-a4fa-46fe-b515-b366be908823 4Gi RWO pmem-csi-sc-late-binding 9m21s
Haddii codsi kale uu u baahan yahay in ka badan 26620Mi, jadwalku xisaabta ma tixgelin doono pmem-csi-pmem-govm-worker1 xaalad kastaba.
Maxaa ku xiga?
Labada sifo ayaa wali ku jira horumarka. Dhawr codsi ayaa la furay intii lagu jiray tijaabada alfa. Xidhiidhinta soo jeedinta hagaajinta waxay diiwaangelisaa shaqada loo baahan yahay in la qabto si loogu gudbo heerka beta, iyo sidoo kale beddelka hore loo tixgeliyey oo la diiday: