ProHoster > Π‘Π»ΠΎΠ³ > Maamulka > Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI

Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI

Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI

Back markii Kubernetes weli v1.0.0, waxaa jiray plugins mugga. Waxa loo baahday in lagu xidho nidaamyada Kubernetes si loo kaydiyo xogta weelka joogtada ah (joogta ah). Tiradoodu way yarayd, waxaana ka mid ahaa kuwa ugu horreeya bixiyeyaasha kaydinta sida GCE PD, Ceph, AWS EBS iyo kuwa kale.

Plugins-yada waxaa la keenay Kubernetes, taas oo ah sababta ay magacooda u heleen - geed-geed. Si kastaba ha ahaatee, qaar badan, set-ka jira ee plugins noocan oo kale ah ayaa noqday kuwo aan ku filnayn. Farsamoyaqaannada ayaa ku daray plugins fudud xudunta Kubernetes iyaga oo isticmaalaya balastar, ka dib waxay soo ururiyeen Kubernetes iyaga u gaar ah oo ku rakibay server-yadooda. Laakiin waqti ka dib, horumarinta Kubernetes waxay garteen taas kalluun dhibka lama xalin karo. Dadku waxay u baahan yihiin usha kalluumeysiga. Iyo sii deynta Kubernetes v1.2.0 waxay u muuqatay ...

Flexvolume plugin: usha kalluumeysiga ugu yar

Horumarinta Kubernetes waxay abuurtay FlexVolume plugin, kaas oo ahaa qaab macquul ah oo doorsoomayaal iyo hababka la shaqaynta darawalada Flexvolume ee ay hirgeliyeen horumariyeyaasha dhinac saddexaad.

Aan istaagno oo aan si dhow u eegno waxa uu yahay darawalka FlexVolume. Tani waa wax la hubo file la fulin karo (faylka binary, script Python, script Bash, iwm.), kaas oo, marka la fuliyo, qaata doodaha khadka taliska sidii gelinta oo soo celisa fariin leh meelo hore loo yaqaan oo qaab JSON ah. Sida caadiga ah, doodda xariiqda taliska ugu horreysa had iyo jeer waa hab, doodaha soo harayna waa cabbirkiisa.

Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI
Jaantuska isku xirka ee saamiyada CIFS ee OpenShift. Darawalka Flexvolume - Midig gudaha Xarunta

Habka ugu yar sidan oo kale:

flexvolume_driver mount # ΠΎΡ‚Π²Π΅Ρ‡Π°Π΅Ρ‚ Π·Π° присоСдинСниС Ρ‚ΠΎΠΌΠ° ΠΊ pod'Ρƒ
# Π€ΠΎΡ€ΠΌΠ°Ρ‚ Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π°Π΅ΠΌΠΎΠ³ΠΎ сообщСния:
{
  "status": "Success"/"Failure"/"Not supported",
  "message": "По ΠΊΠ°ΠΊΠΎΠΉ ΠΏΡ€ΠΈΡ‡ΠΈΠ½Π΅ Π±Ρ‹Π» Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π΅Π½ ΠΈΠΌΠ΅Π½Π½ΠΎ Ρ‚Π°ΠΊΠΎΠΉ статус",
}

flexvolume_driver unmount # ΠΎΡ‚Π²Π΅Ρ‡Π°Π΅Ρ‚ Π·Π° отсоСдинСниС Ρ‚ΠΎΠΌΠ° ΠΎΡ‚ pod'Π°
# Π€ΠΎΡ€ΠΌΠ°Ρ‚ Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π°Π΅ΠΌΠΎΠ³ΠΎ сообщСния:
{
  "status": "Success"/"Failure"/"Not supported",
  "message": "По ΠΊΠ°ΠΊΠΎΠΉ ΠΏΡ€ΠΈΡ‡ΠΈΠ½Π΅ Π±Ρ‹Π» Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π΅Π½ ΠΈΠΌΠ΅Π½Π½ΠΎ Ρ‚Π°ΠΊΠΎΠΉ статус",
}

flexvolume_driver init # ΠΎΡ‚Π²Π΅Ρ‡Π°Π΅Ρ‚ Π·Π° ΠΈΠ½ΠΈΡ†ΠΈΠ°Π»ΠΈΠ·Π°Ρ†ΠΈΡŽ ΠΏΠ»Π°Π³ΠΈΠ½Π°
# Π€ΠΎΡ€ΠΌΠ°Ρ‚ Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π°Π΅ΠΌΠΎΠ³ΠΎ сообщСния:
{
  "status": "Success"/"Failure"/"Not supported",
  "message": "По ΠΊΠ°ΠΊΠΎΠΉ ΠΏΡ€ΠΈΡ‡ΠΈΠ½Π΅ Π±Ρ‹Π» Π²ΠΎΠ·Π²Ρ€Π°Ρ‰Π΅Π½ ΠΈΠΌΠ΅Π½Π½ΠΎ Ρ‚Π°ΠΊΠΎΠΉ статус",
  // ΠžΠΏΡ€Π΅Π΄Π΅Π»ΡΠ΅Ρ‚, ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅Ρ‚ Π»ΠΈ Π΄Ρ€Π°ΠΉΠ²Π΅Ρ€ ΠΌΠ΅Ρ‚ΠΎΠ΄Ρ‹ attach/deatach
  "capabilities":{"attach": True/False}
}

Isticmaalka Hababka attach ΠΈ detach ayaa qeexi doona xaaladda uu kubelet ku dhaqmi doono mustaqbalka marka uu wacayo darawalka. Waxa kale oo jira habab gaar ah expandvolume ΠΈ expandfs, kuwaas oo mas'uul ka ah inay si firfircoon u cabbiraan mugga.

Tusaale ahaan isbeddelada uu habku soo kordhinayo expandvolume, iyo iyada oo leh awoodda lagu cabbiro mugga wakhtiga dhabta ah, waxaad baran kartaa naftaada codsigeena jiidid ee Rook Ceph Operator.

Oo halkan waa tusaale hirgelinta darawalka Flexvolume ee la shaqaynta NFS:

usage() {
    err "Invalid usage. Usage: "
    err "t$0 init"
    err "t$0 mount <mount dir> <json params>"
    err "t$0 unmount <mount dir>"
    exit 1
}

err() {
    echo -ne $* 1>&2
}

log() {
    echo -ne $* >&1
}

ismounted() {
    MOUNT=`findmnt -n ${MNTPATH} 2>/dev/null | cut -d' ' -f1`
    if [ "${MOUNT}" == "${MNTPATH}" ]; then
        echo "1"
    else
        echo "0"
    fi
}

domount() {
    MNTPATH=$1

    NFS_SERVER=$(echo $2 | jq -r '.server')
    SHARE=$(echo $2 | jq -r '.share')

    if [ $(ismounted) -eq 1 ] ; then
        log '{"status": "Success"}'
        exit 0
    fi

    mkdir -p ${MNTPATH} &> /dev/null

    mount -t nfs ${NFS_SERVER}:/${SHARE} ${MNTPATH} &> /dev/null
    if [ $? -ne 0 ]; then
        err "{ "status": "Failure", "message": "Failed to mount ${NFS_SERVER}:${SHARE} at ${MNTPATH}"}"
        exit 1
    fi
    log '{"status": "Success"}'
    exit 0
}

unmount() {
    MNTPATH=$1
    if [ $(ismounted) -eq 0 ] ; then
        log '{"status": "Success"}'
        exit 0
    fi

    umount ${MNTPATH} &> /dev/null
    if [ $? -ne 0 ]; then
        err "{ "status": "Failed", "message": "Failed to unmount volume at ${MNTPATH}"}"
        exit 1
    fi

    log '{"status": "Success"}'
    exit 0
}

op=$1

if [ "$op" = "init" ]; then
    log '{"status": "Success", "capabilities": {"attach": false}}'
    exit 0
fi

if [ $# -lt 2 ]; then
    usage
fi

shift

case "$op" in
    mount)
        domount $*
        ;;
    unmount)
        unmount $*
        ;;
    *)
        log '{"status": "Not supported"}'
        exit 0
esac

exit 1

Markaa, ka dib markaad diyaariso faylka dhabta ah ee la fulin karo, waxaad u baahan tahay ku shub darawalka kooxda Kubernetes. Darawalku waa in uu ku yaal meel kasta oo kooxeed iyada oo loo eegayo dariiq hore loo sii go'aamiyey. Si toos ah ayaa loo doortay:

/usr/libexec/kubernetes/kubelet-plugins/volume/exec/имя_поставщика_Ρ…Ρ€Π°Π½ΠΈΠ»ΠΈΡ‰Π°~имя_Π΄Ρ€Π°ΠΉΠ²Π΅Ρ€Π°/

Laakiin marka la isticmaalayo qaybinta Kubernetes kala duwan (OpenShift, Rancher...) jidku wuu ka duwanaan karaa.

Dhibaatooyinka Flexvolume: sidee loo tuuraa usha kalluumeysiga si sax ah?

U raritaanka darawalka Flexvolume ee qanjidhada kooxda waxay noqotay hawl aan fududayn. Ka dib markii qaliinka lagu sameeyay hal mar, way fududahay inaad la kulanto xaalad ay qanjidhada cusub ka soo baxaan kutlada: sababtoo ah kordhinta noodhka cusub, miisaan toosan oo toos ah, ama - waxa ka sii daran - bedelida qanjidhada sababtoo ah cilad. Xaaladdan oo kale, la shaqeynta kaydinta qanjidhadan waa in la sameeyaa waa wax aan macquul ahayn, ilaa aad wali gacanta ku darto darawalka Flexvolume iyaga.

Xalka dhibaatadani wuxuu ahaa mid ka mid ah kuwii hore ee Kubernetes - DaemonSet. Marka noodhka cusubi ka soo muuqdo kooxda, waxa ay si toos ah uga kooban tahay qayb ka mid ah DaemonSet-kayaga, kaas oo mugga maxalliga ahi uu ku dheggan yahay waddada si loo helo darawallada Flexvolume. Marka si guul leh loo abuuro, boodhku wuxuu koobiyaa faylasha lagama maarmaanka u ah darawalka si uu ugu shaqeeyo saxanka.

Waa kan tusaale ahaan DaemonSet-ka noocan oo kale ah ee dejinta Flexvolume plugin:

apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: flex-set
spec:
  template:
    metadata:
      name: flex-deploy
      labels:
        app: flex-deploy
    spec:
      containers:
        - image: <deployment_image>
          name: flex-deploy
          securityContext:
              privileged: true
          volumeMounts:
            - mountPath: /flexmnt
              name: flexvolume-mount
      volumes:
        - name: flexvolume-mount
          hostPath:
            path: <host_driver_directory>

iyo tusaale qoraalka Bash ee dejinta darawalka Flexvolume:

#!/bin/sh

set -o errexit
set -o pipefail

VENDOR=k8s.io
DRIVER=nfs

driver_dir=$VENDOR${VENDOR:+"~"}${DRIVER}
if [ ! -d "/flexmnt/$driver_dir" ]; then
  mkdir "/flexmnt/$driver_dir"
fi

cp "/$DRIVER" "/flexmnt/$driver_dir/.$DRIVER"
mv -f "/flexmnt/$driver_dir/.$DRIVER" "/flexmnt/$driver_dir/$DRIVER"

while : ; do
  sleep 3600
done

Waa muhiim in aan la iloobin in hawlgalka nuqulka atomic ma aha. Waxaa jirta fursad aad u sareysa in kubeletku uu bilaabo isticmaalka darawalka ka hor inta aan la dhamaystirin habka bixinta, taas oo keenaysa in nidaamku burburo. Habka saxda ah waa in marka hore la koobiyo faylasha darawalka oo wata magac kale, ka dibna la isticmaalo atomikada magaca beddelka.

Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI
Jaantuska la shaqaynta Ceph ee hawl wadeenka Rook: darawalka Flexvolume ee jaantusku waxa uu ku yaalaa gudaha wakiilka Rook

Dhibaatada xigta marka la isticmaalayo Flexvolume darawalada waa in inta badan kaydinta ee kutlada noode ah software-ka lagama maarmaanka u ah tan waa in la rakibaa (tusaale ahaan, xirmada ceph-ka caadiga ah ee Ceph). Markii hore, plugin-ka Flexvolume looma qorshayn inuu hirgeliyo nidaamyadan adag.

Xalka asalka ah ee dhibaatadan waxaa lagu arki karaa Flexvolume darawalka hirgelinta hawlwadeenka Rook:

Darawalka laftiisa ayaa loo qaabeeyay sidii macmiil RPC ah. Socket-ka IPC ee isgaarsiintu waxa uu ku yaalaa buug la mid ah darawalka laftiisa. Waxaan xasuusannahay in si loo koobiyo faylasha darawalka ay fiicnaan lahayd in la isticmaalo DaemonSet, kaas oo isku xira tusaha iyo darawalka sida mugga. Ka dib markii la koobiyeeyo faylalka darawalka rook ee lagama maarmaanka ah, boodhkani ma dhinto, laakiin wuxuu ku xiraa godka IPC iyada oo loo marayo mugga ku lifaaqan sida server-ka buuxa ee RPC. Xirmada guud ee ceph-ga ayaa mar horeba lagu rakibay weelka birta. Socket-ka IPC wuxuu hubinayaa in kubelet-ku uu si sax ah ula xiriiri doono godka ku yaal isla noodka. Wax kasta oo xariif ah waa sahlan yihiin! ..

Nabadgelyo, kalgacalkayagu... plugins-geedeedka!

Horumarinta Kubernetes waxay ogaadeen in tirada plugins ee kaydinta gudaha xudunta ay tahay labaatan. Iyo isbeddel ku yimaada mid kasta oo iyaga ka mid ah, hal waddo ama mid kale, waxay maraysaa wareegga sii deynta Kubernetes oo buuxa.

Waxaa soo baxday in la isticmaalo nooca cusub ee plugin kaydinta, waxaad u baahan tahay inaad cusboonaysiiso kooxda oo dhan. Intaa waxaa dheer, waxaa laga yaabaa inaad la yaabto in nooca cusub ee Kubernetes uu si lama filaan ah u noqon doono mid aan la socon karin Linux kernel ee aad isticmaalayso cusboonaysii kernel Linux iyo Kubernetes cluster Iyadoo wakhtiga suurtagalka ah ee bixinta adeegyada.

Xaaladdu waa ka badan tahay majaajillo, miyaadan u malaynayn? Waxaa bulshada oo dhan u caddaatay in habkaasi aanu shaqaynayn. Go'aan badheedh ah, horumarinta Kubernetes waxay ku dhawaaqayaan in plugins-yada cusub ee la shaqaynta kaydinta aan mar dambe la aqbali doonin kernel-ka. Intaa waxaa dheer, sida aan horayba u ognahay, tiro ka mid ah cilladaha ayaa lagu aqoonsaday hirgelinta Flexvolume plugin ...

Plugin-gii ugu dambeeyay ee lagu daray ee ku yaal Kubernetes, CSI, ayaa loogu baaqay in lagu xiro arrinta kaydinta xogta joogtada ah mar iyo dhammaan. Noockeeda alfa, oo si buuxda loogu tixraacayo Plugins Volume CSI-ka-baxsan, ayaa lagu dhawaaqay siidaynta Kubernetes 1.9.

Interface Kaydinta Kontaynar, ama CSI 3000 usha wareega!

Ugu horreyntii, waxaan jeclaan lahaa in aan ogaado in CSI aysan ahayn kaliya plugin mugga, laakiin dhab ah heerka abuurista qaybo gaar ah oo loogu talagalay la shaqaynta bakhaarrada xogta. Nidaamyada habaynta weelasha sida Kubernetes iyo Mesos waxay ahayd inay "bartaan" sida loogu shaqeeyo qaybaha lagu fuliyay si waafaqsan heerkan. Oo hadda waxaan hore u bartay Kubernetes.

Waa maxay qaab-dhismeedka plugin CSI ee Kubernetes? Qalabka CSI wuxuu la shaqeeyaa darawallo gaar ah (Darawalada CSI) ay qoreen soosaarayaasha dhinac saddexaad. Darawalka CSI ee Kubernetes waa in uu ka kooban yahay laba qaybood (pods):

  • maamusha - waxay maamushaa kaydinta joogtada ah ee dibadda. Waxaa loo hirgeliyay sidii gRPC server-ka, kaas oo kan hore loo isticmaalo StatefulSet.
  • noode - waxay mas'uul ka tahay ku-kordhinta kaydinta joogtada ah ee qanjidhada. Waxa kale oo loo hirgeliyay sidii gRPC server, laakiin waxa ay isticmaashaa kuwa hore DaemonSet.

Plugins mugga kaydinta Kubernetes: laga bilaabo Flexvolume ilaa CSI
Sida plugin CSI uu uga shaqeeyo Kubernetes

Waxaad ka baran kartaa faahfaahin kale oo ku saabsan shaqada CSI, tusaale ahaan, maqaalka "Fahamka C.S.I." tarjumaad taaso waxaan daabacnay sanad ka hor.

Faa'iidooyinka hirgelinta noocaas ah

  • Waxyaabaha aasaasiga ah sida diiwangelinta darawalka qanjidhada, horumarinta Kubernetes waxay hirgeliyeen weel xirmo ah. Uma baahnid inaad dhaliso jawaabta JSON oo leh karti laftaadu, sida lagu sameeyay plugin-ka Flexvolume.
  • Halkii laga "simbiriiri lahaa" faylalka la fulin karo ee noodhka, hadda waxaan u rarnaa galalka kooxda. Tani waa waxa aan markii hore ka fileyno Kubernetes: dhammaan geeddi-socodyadu waxay ku dhacaan weelasha la geeyo iyada oo la adeegsanayo Kubernetes primitives.
  • Uma baahnid inaad horumariso server-ka RPC iyo macmiilka RPC si aad u hirgeliso darawallo adag. Macmiilka waxaa noo hirgeliyay horumariyeyaasha Kubernetes.
  • Gudbinta doodaha si looga shaqeeyo hab-maamuuska gRPC ayaa aad uga habboon, dabacsanaan iyo la isku halayn karo marka loo eego gudbinta doodaha khadka taliska. Si aad u fahamto sida loogu daro taageerada cabbiraadaha isticmaalka mugga CSI adiga oo ku daraya hab gRPC heersare ah, waxaad akhrin kartaa: codsigeena jiidid darawalka vsphere-csi.
  • Isgaarsiintu waxay ku dhacdaa iyada oo loo marayo saldhigyada IPC, si aan loo jahwareerin haddii kubelet u diray codsiga boodhka saxda ah.

Liiskani wax ma ku xasuusinayaa? Faa'iidooyinka CSI waa xalinta dhibaatooyinkaas oo kale, kuwaas oo aan xisaabta lagu darin marka la samaynayo plugin Flexvolume.

natiijooyinka

CSI oo halbeeg u ah hirgelinta plugins-ka caadiga ah ee la falgalka bakhaarrada xogta ayaa bulshadu si diirran u soo dhawaysay. Waxaa intaa dheer, faa'iidooyinkooda iyo kala duwanaanshahooda awgeed, darawalada CSI waxaa loo abuuray xitaa nidaamyada kaydinta sida Ceph ama AWS EBS, plugins loogu talagalay la shaqeynta kuwaas oo lagu daray nooca ugu horreeya ee Kubernetes.

Bilawga 2019, plugins-gudaha ayaa lagu dhawaaqay inay duugoobeen. Waxaan qorsheyneynaa inaan sii wadno taageerada Flexvolume plugin, laakiin ma horumarin doono shaqeyn cusub.

Anaga lafteena ayaa horeba khibrad u lahayn adeegsiga ceph-csi, vsphere-csi waxaanan diyaar u nahay inaan ku darno liiskan! Ilaa hadda, CSI waxay la qabsanaysaa hawlaha loo xilsaaray bang, laakiin waanu sugi oo aragnaa.

Ha iloobin in wax kasta oo cusub ay yihiin dib-u-eegis wanaagsan oo hore!

PS

Sidoo kale ka akhri boggayaga:

Source: www.habr.com

Add a comment