ProHoster > Π‘Π»ΠΎΠ³ > Maamulka > Dulmar kooban iyo habaynta Konteenarada Kata

Dulmar kooban iyo habaynta Konteenarada Kata

Dulmar kooban iyo habaynta Konteenarada Kata
Maqaalkani waxa uu ka hadli doonaa sida ay u shaqeyso Konteenarada Kata, iyo sidoo kale waxaa jiri doona qayb la taaban karo oo ku saabsan xiriirkooda Docker.

Ku saabsan dhibaatooyinka caadiga ah ee Docker iyo xalalkooda horeba ayaa la qoray, maanta waxaan si kooban u qeexi doonaa hirgalinta Konteenarada Kata. Konteenarada Kata waa wakhti weel sugan oo ku salaysan mishiinada farsamada fudud. La shaqaynta iyaga waxay la mid tahay weelasha kale, laakiin waxaa dheer in ay jirto go'doon la isku halayn karo iyadoo la isticmaalayo tignoolajiyada wax-qabadka qalabka. Mashruucu wuxuu bilaabmay 2017, markii bulshada isku magaca ah ay dhamaystirtay isku darka fikradaha ugu wanaagsan ee Intel Clear Containers iyo Hyper.sh RunV, ka dib shaqada ayaa sii waday taageerada naqshadaha kala duwan, oo ay ku jiraan AMD64, ARM, IBM p- iyo z -taxane. Intaa waxaa dheer, shaqada waxaa lagu taageeraa gudaha hypervisors QEMU, Firecracker, waxaana sidoo kale jira la dhexgalka weel. Koodhka ayaa laga heli karaa at GitHub hoos shatiga MIT.

Astaamaha furaha ah

  • La shaqeynta xudunta goonida ah, sidaas darteed bixinta shabakad, xusuusta iyo go'doominta I / O, waxaa suurtagal ah in lagu qasbo isticmaalka go'doominta qalabka iyadoo lagu saleynayo kordhinta farsamada
  • Taageerada heerarka warshadaha oo ay ku jiraan OCI (qaabka weelka), Kubernetes CRI
  • Waxqabadka joogtada ah ee weelasha Linux ee caadiga ah, go'doominta kordhay iyada oo aan la dhaafin waxqabadka VM-yada caadiga ah
  • Baabi'in baahida loo qabo in lagu socodsiiyo weelasha gudaha mashiinnada farsamada gacanta oo dhammaystiran, is-dhexgalka guud ayaa fududeynaya is-dhexgalka iyo bilaabista

Ku rakibida

Waxaa jira badan ikhtiyaarrada rakibaadda, waxaan tixgelin doonaa ka soo dejinta kaydadka, oo ku saleysan nidaamka hawlgalka Centos 7.
muhiim ah: Kata Containers shaqada waxaa lagu taageeraa oo kaliya qalabka, gudbinta wax-qabadka had iyo jeer ma shaqeyso, sidoo kale u baahan sse4.1 taageero ka processor-ka.

Ku rakibida Konteenarada Kata waa wax fudud:

Ku rakib yutiilitida la shaqaynta kaydka:

# yum -y install yum-utils

Disable Selinux (waa sax in la habeeyo, laakiin fududaanteeda waan joojiyaa):

# setenforce 0
# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

Waxaan isku xireynaa kaydka oo waxaan sameyneynaa rakibidda

# source /etc/os-release
# ARCH=$(arch)
# BRANCH="${BRANCH:-stable-1.10}"
# yum-config-manager --add-repo "http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/${BRANCH}/CentOS_${VERSION_ID}/home:katacontainers:releases:${ARCH}:${BRANCH}.repo"
# yum -y install kata-runtime kata-proxy kata-shim

sixitaanka

Waxaan dejin doonaa si aan ula shaqeeyo docker, rakibadeedu waa mid caadi ah, si faahfaahsan ugu sharraxi maayo:

# rpm -qa | grep docker
docker-ce-cli-19.03.6-3.el7.x86_64
docker-ce-19.03.6-3.el7.x86_64
# docker -v
Docker version 19.03.6, build 369ce74a3c

Waxaan ku samaynaa isbedel daemon.json:

# cat <<EOF > /etc/docker/daemon.json
{
  "default-runtime": "kata-runtime",
  "runtimes": {
    "kata-runtime": {
      "path": "/usr/bin/kata-runtime"
    }
  }
}
EOF

Dib u bilaw xidhidhka

# service docker restart

Baaritaanka Caafimaadka

Haddii aad bilowdo weelka ka hor inta aanad dib u bilaabin docker, waxaad arki kartaa in magaca aan la magacaabin uu ku siin doono nooca kernel-ka ee ku shaqeeya nidaamka ugu muhiimsan:

# docker run busybox uname -a
Linux 19efd7188d06 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64 GNU/Linux

Dib u bilaabashada ka dib, nooca kernel-ku wuxuu u eg yahay sidan:

# docker run busybox uname -a
Linux 9dd1f30fe9d4 4.19.86-5.container #1 SMP Sat Feb 22 01:53:14 UTC 2020 x86_64 GNU/Linux

Kooxo badan!

# time docker run busybox mount
kataShared on / type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,xattr,name=systemd)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (ro,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (ro,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,cpuset)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
kataShared on /etc/resolv.conf type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
kataShared on /etc/hostname type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
kataShared on /etc/hosts type 9p (rw,dirsync,nodev,relatime,mmap,access=client,trans=virtio)
proc on /proc/bus type proc (ro,relatime)
proc on /proc/fs type proc (ro,relatime)
proc on /proc/irq type proc (ro,relatime)
proc on /proc/sys type proc (ro,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime)
tmpfs on /proc/timer_list type tmpfs (rw,nosuid,size=65536k,mode=755)
tmpfs on /sys/firmware type tmpfs (ro,relatime)

real    0m2.381s
user    0m0.066s
sys 0m0.039s

# time docker run busybox free -m
              total        used        free      shared  buff/cache   available
Mem:           1993          30        1962           0           1        1946
Swap:             0           0           0

real    0m3.297s
user    0m0.086s
sys 0m0.050s

Tijaabada culeyska degdega ah

Si loo qiimeeyo khasaaraha ka soo jeeda farsamada - waxaan maamulaa sysbench, sida tusaalooyinka ugu muhiimsan qaado doorashadan.

Ku socodsiinta sysbench iyadoo la adeegsanayo Docker+containerd

Imtixaanka processor-ka

sysbench 1.0:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from current time

Prime numbers limit: 20000

Initializing worker threads...

Threads started!

General statistics:
    total time:                          36.7335s
    total number of events:              10000
    total time taken by event execution: 36.7173s
    response time:
         min:                                  3.43ms
         avg:                                  3.67ms
         max:                                  8.34ms
         approx.  95 percentile:               3.79ms

Threads fairness:
    events (avg/stddev):           10000.0000/0.00
    execution time (avg/stddev):   36.7173/0.00

Imtixaanka RAM

sysbench 1.0:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from current time

Initializing worker threads...

Threads started!

Operations performed: 104857600 (2172673.64 ops/sec)

102400.00 MiB transferred (2121.75 MiB/sec)

General statistics:
    total time:                          48.2620s
    total number of events:              104857600
    total time taken by event execution: 17.4161s
    response time:
         min:                                  0.00ms
         avg:                                  0.00ms
         max:                                  0.17ms
         approx.  95 percentile:               0.00ms

Threads fairness:
    events (avg/stddev):           104857600.0000/0.00
    execution time (avg/stddev):   17.4161/0.00

Ku socodsiinta sysbench iyadoo la adeegsanayo Docker+Kata Containers

Imtixaanka processor-ka

sysbench 1.0:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from current time

Prime numbers limit: 20000

Initializing worker threads...

Threads started!

General statistics:
    total time:                          36.5747s
    total number of events:              10000
    total time taken by event execution: 36.5594s
    response time:
         min:                                  3.43ms
         avg:                                  3.66ms
         max:                                  4.93ms
         approx.  95 percentile:               3.77ms

Threads fairness:
    events (avg/stddev):           10000.0000/0.00
    execution time (avg/stddev):   36.5594/0.00

Imtixaanka RAM

sysbench 1.0:  multi-threaded system evaluation benchmark

Running the test with following options:
Number of threads: 1
Initializing random number generator from current time

Initializing worker threads...

Threads started!

Operations performed: 104857600 (2450366.94 ops/sec)

102400.00 MiB transferred (2392.94 MiB/sec)

General statistics:
    total time:                          42.7926s
    total number of events:              104857600
    total time taken by event execution: 16.1512s
    response time:
         min:                                  0.00ms
         avg:                                  0.00ms
         max:                                  0.43ms
         approx.  95 percentile:               0.00ms

Threads fairness:
    events (avg/stddev):           104857600.0000/0.00
    execution time (avg/stddev):   16.1512/0.00

Mabda 'ahaan, xaaladdu waa horeba way caddahay, laakiin way fiicantahay in la sameeyo imtixaanada dhowr jeer, ka saarida kuwa ka baxsan iyo celceliska natiijooyinka, sidaas darteed weli ma sameeyo baaritaanno dheeraad ah.

natiijooyinka

In kasta oo xaqiiqda ah in weelasha noocan oo kale ah ay qaataan ilaa shan ilaa toban jeer ka dheer si ay u bilaabaan (waqtiga caadiga ah ee socodsiinta amarrada la midka ah marka la isticmaalayo weelku waa wax ka yar seddex meelood meel ilbiriqsi), wali waxay si dhakhso ah u shaqeeyaan haddii aan qaadano wakhtiga bilawga ah (halkaas) waa tusaalayaal sare, amarada lagu sameeyo celcelis ahaan saddex ilbiriqsi). Waa hagaag, natiijooyinka tijaabada degdegga ah ee CPU iyo RAM waxay muujinayaan natiijooyin isku mid ah, kuwaas oo aan ku farxi karin, gaar ahaan marka la eego xaqiiqda ah in go'doominta la bixiyo iyadoo la adeegsanayo habka si wanaagsan loo maamulo sida kvm.

Ogeysiis

Maqaalku waa dib u eegis, laakiin waxa uu ku siinayaa fursad aad ku dareento runtime ka duwan. Meelo badan oo codsi ah lama daboolin, tusaale ahaan, goobta ayaa sharraxaysa awoodda Kubernetes ee dusha sare ee Konteenarada Kata. Intaa waxaa dheer, waxaad sidoo kale samayn kartaa imtixaano taxane ah oo diiradda lagu saarayo helida dhibaatooyinka amniga, dejinta xaddidaadda, iyo waxyaabo kale oo xiiso leh.

Waxaan ka codsanayaa dhammaan kuwa akhriyay oo dib u soo celiyay inay ka qaybqaataan sahanka, daabacaadda mustaqbalka ee mawduucan waxay ku xirnaan doontaa.

Isticmaalayaasha diiwaangashan oo keliya ayaa ka qaybqaadan kara sahanka. Soo gal, soo dhawoow.

Miyaan sii wadaa daabacaadda maqaallada ku saabsan Konteenarada Kata?

  • 80,0%Haa, wax badan qor!28

  • 20,0%Maya, ha yeelin…7

35 isticmaale ayaa u codeeyay. 7 isticmaale ayaa ka aamusay.

Source: www.habr.com

Add a comment