Automating deployment to multiple k8s environments using helmfile

Helmfile is a wrapper for helm that lets you describe many helm releases in one place, parameterize their charts for several environments, and set the order in which they are deployed.

You can read about helmfile itself and examples of its use in the readme and the best practices guide.

We will look at non-obvious ways of describing releases in helmfile.

Let's say we have a bundle of helm charts (for example, postgres and some backend application) and several environments (several kubernetes clusters, several namespaces, or several of both). We take helmfile, read the documentation, and start describing our environments and releases:

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

environments:
  devel:
  production:

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: 1.0.5
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

We ended up with 2 environments, devel and production, each containing its own values for the helm charts of the releases. We will deploy to them like this:

helmfile -n <namespace> -e <env> apply

Different versions of helm charts in different environments

What if we need to roll out different versions of the backend to different environments? How do we parameterize the release version? Environment values, available through {{ .Values }}, handle this.

helmfile.yaml

environments:
  devel:
+   values:
+   - charts:
+       versions:
+         backend: 1.1.0
  production:
+   values:
+   - charts:
+       versions:
+         backend: 1.0.5
...
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
-   version: 1.0.5
+   version: {{ .Values.charts.versions.backend }}
...

Different sets of applications in different environments

Great, but what if we don't need to roll out postgres to production, because we know that a database should not be pushed into k8s and for prod we have a wonderful separate cluster? To solve this problem we have labels:

helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply

This is great, but personally I prefer to describe which applications are deployed to an environment not through launch arguments but in the description of the environments themselves. What to do? You can move the release descriptions into a separate folder, create a list of the required releases in the environment description, and "pick up" only those releases, ignoring the rest.

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
+   ├── releases
+   │   ├── backend.yaml
+   │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml


  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend

- releases:
-    - name: postgres
-      labels:
-        app: postgres
-      wait: true
-      chart: stable/postgresql
-      version: 8.4.0
-      values:
-        - envs/{{ .Environment.Name }}/values/postgres.yaml
-    - name: backend
-      labels:
-        app: backend
-      wait: true
-      chart: private-helm-repo/backend
-     version: {{ .Values.charts.versions.backend }}
-     needs:
-       - postgres
-     values:
-       - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+   - releases/{{ . }}.yaml
+ {{- end }}

releases/postgres.yaml

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

Note

When using bases: it is necessary to use the yaml separator ---, so that releases (and other sections, such as helmDefaults) can be templated with values from the environments.

In this case, the postgres release will not even be included in the description for production. Very convenient!

Overridable global values for releases

Of course, it's great that you can set helm chart values for each environment, but what if we have several environments described and we want, for example, to set the same affinity for all of them, but we don't want to configure it in the charts themselves, which are stored in the repository?

In this case, for each release we can specify 2 values files: the first with default values, which will define the values of the chart itself, and the second with values for the environment, which in turn will override the default ones.

    .
    ├── envs
+   │   ├── default
+   │   │   └── values
+   │   │       ├── backend.yaml
+   │   │       └── postgres.yaml
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
+     - envs/default/values/backend.yaml
      - envs/{{ .Environment.Name }}/values/backend.yaml

envs/default/values/backend.yaml

affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
    - weight: 1
      podAffinityTerm:
        labelSelector:
          matchExpressions:
          - key: app.kubernetes.io/name
            operator: In
            values:
            - backend
        topologyKey: "kubernetes.io/hostname"
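
How the two values files combine, as an added example that is not part of the original article: the files are applied in the order listed under values:, helm merges maps key by key with the later file winning, and lists are replaced whole rather than appended. The dictionaries are constructed stand-ins for envs/default/values/backend.yaml and envs/production/values/backend.yaml; the zone term is a hypothetical override.

```python
# Added example: how values files listed under `values:` combine.
from copy import deepcopy

TERMS = "preferredDuringSchedulingIgnoredDuringExecution"


def merge_values(base, override):
    """Overlay override on base the way helm combines successive values files."""
    out = deepcopy(base)
    for key, val in override.items():
        if isinstance(val, dict) and isinstance(out.get(key), dict):
            out[key] = merge_values(out[key], val)   # maps merge key by key
        else:
            out[key] = deepcopy(val)                 # scalars and lists are replaced
    return out


def layer(*files):
    """Apply values files in listed order; later files win."""
    result = {}
    for values in files:
        result = merge_values(result, values)
    return result


def term(weight, topology_key):
    return {"weight": weight, "podAffinityTerm": {"topologyKey": topology_key}}


# Constructed stand-in for envs/default/values/backend.yaml
DEFAULT = {
    "affinity": {"podAntiAffinity": {TERMS: [term(1, "kubernetes.io/hostname")]}},
    "elasticsearch": {"host": "elasticsearch", "port": 9200},
}
# Constructed stand-in for envs/production/values/backend.yaml; the zone term is
# a hypothetical override, not something the article's files contain.
PRODUCTION = {
    "affinity": {"podAntiAffinity": {TERMS: [term(50, "topology.kubernetes.io/zone")]}},
    "elasticsearch": {"host": "elastic-0.production.domain"},
}

if __name__ == "__main__":
    merged = layer(DEFAULT, PRODUCTION)
    print(merged["elasticsearch"])                       # port kept from the default file
    print(merged["affinity"]["podAntiAffinity"][TERMS])  # only the production term
```

An environment file that sets any list (affinity terms, ingress hosts) therefore drops the default file's entries for that list, so shared entries have to be repeated there.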

Defining global values for the helm charts of all releases at the environment level

Let's say we create several ingresses in several releases. We could manually define hosts: for each chart, but in our case the domain is the same, so why not put it into a global variable and simply substitute its value into the charts? To do this, the files with values that we want to parameterize must have the .gotmpl extension, so that helmfile knows they need to be run through the template engine.

    .
    ├── envs
    │   ├── default
    │   │   └── values
-   │   │       ├── backend.yaml
-   │   │       ├── postgres.yaml
+   │   │       ├── backend.yaml.gotmpl
+   │   │       └── postgres.yaml.gotmpl
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
+     - global:
+         ingressDomain: k8s.devel.domain

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
+     - global:
+         ingressDomain: production.domain
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/default/values/backend.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /api
  hosts:
    - {{ .Values.global.ingressDomain }}

envs/default/values/postgres.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /
  hosts:
    - postgres.{{ .Values.global.ingressDomain }}

Note

Obviously, an ingress for the postgres chart is something highly questionable, so it appears in this article only as a contrived example, to avoid introducing a new release into the article just to describe an ingress.

Substituting secrets from environment values

By analogy with the example above, you can also substitute encrypted values using helm secrets. Instead of creating a separate secrets file for each release, in which we could define the encrypted values for the chart, we can simply define in the release's default.yaml.gotmpl the values that will be taken from variables defined at the environment level. And values that we don't need to hide from anyone can easily be redefined in the release values for a specific environment.

    .
    ├── envs
    │   ├── default
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   ├── devel
    │   │   ├── values
    │   │   │   ├── backend.yaml
    │   │   │   └── postgres.yaml
+   │   │   └── secrets.yaml
    │   └── production
    │       ├── values
    │       │   ├── backend.yaml
    │       │   └── postgres.yaml
+   │       └── secrets.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
      - global:
          ingressDomain: k8s.devel.domain
+     secrets:
+       - envs/devel/secrets.yaml

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
      - global:
          ingressDomain: production.domain
+     secrets:
+       - envs/production/secrets.yaml
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/devel/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...

envs/production/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...

envs/default/values/backend.yaml.gotmpl

elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}

envs/devel/values/backend.yaml

elasticsearch:
  host: elastic-0.devel.domain

envs/production/values/backend.yaml

elasticsearch:
  host: elastic-0.production.domain

Note

By the way, getOrNil is a special function for go templates in helmfile which, even if .Values.secrets does not exist, will not throw an error, but will let the result be replaced with a default value using the default function.
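
A pre-deploy check for this layout, as an added example that is not part of the original article: it flags values in an environment's secrets.yaml that are not sops-encrypted (ENC[...]) and template lines that fall back to a literal default for a secrets.* key, since that fallback deploys a known password whenever the secrets file fails to load. The function names and the sample file contents are constructed for illustration.

```python
# Added example: audit a helmfile environment's secrets and value templates.
import re

ENC = re.compile(r"^ENC\[AES256_GCM,data:.*,type:\w+\]$")   # sops-encrypted leaf
LEAF = re.compile(r"^(\s*)([\w.-]+):\s*(.*)$")               # "key: value" line
WEAK = re.compile(r'getOrNil\s+"(secrets\.[\w.]+)"\s*\|\s*default\s+"([^"]*)"')


def plaintext_secrets(text):
    """Dotted paths of leaves in a secrets.yaml that are not sops-encrypted."""
    findings, stack = [], []            # stack: (indent, key) of enclosing maps
    for line in text.splitlines():
        m = LEAF.match(line)
        if not m:
            continue                    # blank lines, comments, list items, "..."
        indent, key = len(m.group(1)), m.group(2)
        value = m.group(3).strip().strip("'\"")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        path = [k for _, k in stack] + [key]
        if value == "":
            stack.append((indent, key)) # mapping key: descend
        elif path[0] != "sops" and not ENC.match(value):
            findings.append(".".join(path))   # top-level sops: block is metadata
    return findings


def weak_defaults(template_text):
    """(secret path, literal fallback) pairs in a .gotmpl values file."""
    return WEAK.findall(template_text)


# Constructed sample inputs (not real ciphertext or credentials).
SAMPLE_SECRETS = """\
secrets:
    elastic:
        password: ENC[AES256_GCM,data:Y29uc3Q=,iv:AAAA,tag:BBBB,type:str]
    backend:
        apiToken: changeme
sops:
    lastmodified: "2020-01-01T00:00:00Z"
    version: 3.5.0
"""
SAMPLE_TEMPLATE = (
    'password: {{ .Values | getOrNil "secrets.elastic.password" '
    '| default "password" }}\n'
)

if __name__ == "__main__":
    for path in plaintext_secrets(SAMPLE_SECRETS):
        print("plaintext value in secrets file:", path)
    for path, fallback in weak_defaults(SAMPLE_TEMPLATE):
        print(f"{path} falls back to literal {fallback!r}")
```

Replacing the literal fallback with helmfile's required function, for example {{ .Values | getOrNil "secrets.elastic.password" | required "secrets.elastic.password is not set" }}, makes a missing secret fail the render instead of shipping a known value.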

Conclusion

The things described seem fairly obvious, but information about a convenient way to describe deployment to several environments using helmfile is very scarce, and I love IaC (Infrastructure-as-Code) and want to have a clear description of the deployed state.

Finally, I would like to add that the variables of the default environment can, in turn, be parameterized with the OS environment variables of whatever runner the deployment is launched from, which gives you dynamic environments.

helmfile.yaml

environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ env "INGRESS_DOMAIN" }}

Source: www.habr.com
