Ka saarida laanta sifada ee ku jirta kooxda Kubernetes

Hello! Laan muuqaal ah (oo loo yaqaan preview, app-ka dib u eegis) - tani waa marka laanta sayidka aan la geynin oo keliya, laakiin sidoo kale mid kastaa wuxuu u jiidayaa codsi URL gaar ah. Waxaad hubin kartaa in koodka uu ka shaqeeyo jawi wax soo saar; sifada waxaa la tusi karaa barnaamijyada kale ama khabiirada alaabta. Inta aad ka shaqaynayso codsi jiidis, mid kasta oo cusub oo la hawlgeliyay koodkii hore waa la tirtirayaa, iyo hawlgelinta cusub ee koodka cusub waa la soo saaray. Su'aalo ayaa soo bixi kara marka aad ku biirto codsiga jiidista laanta sare. Uma baahnid laanta sifada, laakiin ilaha Kubernetes ayaa wali ku jira kooxda.

Wax badan oo ku saabsan laamaha muuqaalka

Mid ka mid ah habka loo sameeyo laamo muuqaal ah ee Kubernetes waa in la isticmaalo meelo magacyo ah. Marka la soo koobo, qaabeynta wax soo saarku waxay u egtahay sidan:

kind: Namespace
apiVersion: v1
metadata:
  name: habr-back-end
...

kind: Deployment
apiVersion: apps/v1
metadata:
  namespace: habr-back-end
spec:
  replicas: 3
...

Laan sifo ah, meel magaceed ayaa la abuurayaa aqoonsigeeda (tusaale, lambarka codsiga jiida) iyo nooc ka mid ah horgalayaasha/postfix (tusaale, -pr-):

kind: Namespace
apiVersion: v1
metadata:
  name: habr-back-end-pr-17
...

kind: Deployment
apiVersion: apps/v1
metadata:
  namespace: habr-back-end-pr-17
spec:
  replicas: 1
...

Guud ahaan, waan qoray Kubernetes Operator (codsi marin u leh ilaha kooxda), isku xirka mashruuca Github. Waxay meesha ka saartaa meelaha magac ee ka tirsan laamaha sifada hore. Kubernetes, haddii aad tirtirto meel magaceed, agabyada kale ee ku jira booska magacaas ayaa si toos ah loo tirtiraa.

$ kubectl get pods --all-namespaces | grep -e "-pr-"
NAMESPACE            ... AGE
habr-back-end-pr-264 ... 4d8h
habr-back-end-pr-265 ... 5d7h

Waxaad ka akhrisan kartaa sida loo hirgeliyo laamo muuqaal ah koox ahaan halkan и halkan.

Motivation

Aynu eegno codsiga jiidashada caadiga ah ee nolosha oo leh is dhexgalka joogtada ah (continuous integration):

1. Waxaan ku riixaynaa ballan cusub laanta.
2. Dhismaha, linters iyo/ama imtixaanno ayaa lagu wadaa.
3. Kubernetes codsiga jiidida qaabaynta ayaa la soo saaray duullimaad (tusaale ahaan, nambarkeeda waxa la geliyey template dhammaatay).
4. Isticmaalka kubectl codsan, habayn ayaa lagu daraa kutlada (la dirayo).
5. Codsiga jiiditaanku wuxuu ku milmay laanta sare.

Inta aad ka shaqaynayso codsi jiidis, mid kasta oo cusub oo la hawlgeliyay koodkii hore waa la tirtirayaa, iyo hawlgelinta cusub ee koodka cusub waa la soo saaray. Laakiin marka codsi jiid lagu daro laanta sayid, kaliya laanta sayid ayaa la dhisi doonaa. Natiijo ahaan, waxay soo baxday in aan horeyba u illownay codsiga jiidista, iyo agabkeeda Kubernetes ayaa weli ku jira kooxda.

Sida loo isticmaalo

Ku rakib mashruuca amarka hoose:

$ kubectl apply -f https://raw.githubusercontent.com/dmytrostriletskyi/stale-feature-branch-operator/master/configs/production.yml

Samee fayl leh waxa soo socda oo ku rakib iyada oo loo marayo kubectl apply -f:

apiVersion: feature-branch.dmytrostriletskyi.com/v1
kind: StaleFeatureBranch
metadata:
  name: stale-feature-branch
spec:
  namespaceSubstring: -pr-
  afterDaysWithoutDeploy: 3

Xildhibaan magaca meel-hoosaadka loo baahan yahay si loo shaandheeyo meelaha magacyada ee codsiyada laga soo jiidayo meelo magacyo kale ah. Tusaale ahaan, haddii kooxdu leedahay meelaha magacyada soo socda: habr-back-end, habr-front-end, habr-back-end-pr-17, habr-back-end-pr-33, ka dibna musharixiinta la tirtiri doono habr-back-end-pr-17, habr-back-end-pr-33.

Xildhibaan Maalmo ka dib oo aan la dhigin loo baahan yahay in la tirtiro meelaha magacyadii hore Tusaale ahaan, haddii meel magac la sameeyay 3 дня 1 час dib, iyo halbeeggu tilmaamayaa 3 дня, meeshan magaca waa la tirtiri doonaa. Waxa kale oo ay ka shaqeysaa jihada ka soo horjeeda haddii meesha magaca la abuuray 2 дня 23 часа dib, iyo halbeeggu tilmaamayaa 3 дня, meel magacan lama tirtiri doono.

Waxaa jira halbeeg dheeri ah, iyada ayaa mas'uul ka ah inta jeer ee lagu baaro dhammaan meelaha magacyada oo la hubiyo maalmo iyada oo aan la dirin - hubi daqiiqad kasta. Sida caadiga ah waa loo siman yahay 30 минутам.

Sidee tani u shaqaysaa

Dhaqan ahaan, waxaad u baahan doontaa:

1. Docker ka shaqaynta deegaan go'doonsan.
2. Minikube waxay kor u qaadi doontaa kutlada Kubernetes gudaha.
3. kubectl - interface line amarka ee maamulka kooxda.

Waxaan kor u qaadnaa kutlada Kubernetes gudaha:

$ minikube start --vm-driver=docker
minikube v1.11.0 on Darwin 10.15.5
Using the docker driver based on existing profile.
Starting control plane node minikube in cluster minikube.

Waxaan tilmaamaynaa kubectl Isticmaal kooxda deegaanka si caadi ah:

$ kubectl config use-context minikube
Switched to context "minikube".

Soo deji qaabaynta deegaanka wax soo saarka:

$ curl https://raw.githubusercontent.com/dmytrostriletskyi/stale-feature-branch-operator/master/configs/production.yml > stale-feature-branch-production-configs.yml

Mar haddii qaabaynta wax-soo-saarka loo habeeyey si loo hubiyo meelo magacyo hore ah, oo kooxdeenna dhawaan la soo kiciyey aanay haysan iyaga, waxaanu beddeli doonaa doorsoomiyaha deegaanka IS_DEBUG on true. Iyada oo qiimahan lagu qiyaaso afterDaysWithoutDeploy xisaabta laguma darin oo meelaha magacyadooda lama hubiyo maalmo iyada oo aan la dirin, kaliya dhacdada xadhig hoosaadka (-pr-).

Haddii aad ku jirto Linux:

$ sed -i 's|false|true|g' stale-feature-branch-production-configs.yml

Haddii aad ku jirto macOS:

$ sed -i "" 's|false|true|g' stale-feature-branch-production-configs.yml

Rakibaadda mashruuca:

$ kubectl apply -f stale-feature-branch-production-configs.yml

Hubinta in kheyraad ka soo muuqday kooxda StaleFeatureBranch:

$ kubectl api-resources | grep stalefeaturebranches
NAME                 ... APIGROUP                             ... KIND
stalefeaturebranches ... feature-branch.dmytrostriletskyi.com ... StaleFeatureBranch

Waxaan hubinaa in hawlwadeen ka soo muuqday kooxda:

$ kubectl get pods --namespace stale-feature-branch-operator
NAME                                           ... STATUS  ... AGE
stale-feature-branch-operator-6bfbfd4df8-m7sch ... Running ... 38s

Haddii aad eegto diiwaankeeda, waxay diyaar u tahay inay ka shaqeyso agabka StaleFeatureBranch:

$ kubectl logs stale-feature-branch-operator-6bfbfd4df8-m7sch -n stale-feature-branch-operator
... "msg":"Operator Version: 0.0.1"}
...
... "msg":"Starting EventSource", ... , "source":"kind source: /, Kind="}
... "msg":"Starting Controller", ...}
... "msg":"Starting workers", ..., "worker count":1}

Waxaan rakibnaa diyaarsan fixtures (qaabaynta diyaarsan ee qaabaynta agabka kooxda) ee kheyraadka StaleFeatureBranch:

$ kubectl apply -f https://raw.githubusercontent.com/dmytrostriletskyi/stale-feature-branch-operator/master/fixtures/stale-feature-branch.yml

Habayntu waxay tilmaamaysaa in meelo magacyo lagu raadiyo xadhig-hoosaad -pr- mar kasta 1 минуту.:

apiVersion: feature-branch.dmytrostriletskyi.com/v1
kind: StaleFeatureBranch
metadata:
  name: stale-feature-branch
spec:
  namespaceSubstring: -pr-
  afterDaysWithoutDeploy: 1 
  checkEveryMinutes: 1

Hawlwadeenku waa ka jawaabay oo wuxuu diyaar u yahay inuu hubiyo meelaha magacyada:

$ kubectl logs stale-feature-branch-operator-6bfbfd4df8-m7sch -n stale-feature-branch-operator
... "msg":"Stale feature branch is being processing.","namespaceSubstring":"-pr-","afterDaysWithoutDeploy":1,"checkEveryMinutes":1,"isDebug":"true"}

Ku rakib fixtures, oo ka kooban laba magac oo bannaan (project-pr-1, project-pr-2) iyo iyaga deployments, services, ingress, iyo wixi la mida:

$ kubectl apply -f https://raw.githubusercontent.com/dmytrostriletskyi/stale-feature-branch-operator/master/fixtures/first-feature-branch.yml -f https://raw.githubusercontent.com/dmytrostriletskyi/stale-feature-branch-operator/master/fixtures/second-feature-branch.yml
...
namespace/project-pr-1 created
deployment.apps/project-pr-1 created
service/project-pr-1 created
horizontalpodautoscaler.autoscaling/project-pr-1 created
secret/project-pr-1 created
configmap/project-pr-1 created
ingress.extensions/project-pr-1 created
namespace/project-pr-2 created
deployment.apps/project-pr-2 created
service/project-pr-2 created
horizontalpodautoscaler.autoscaling/project-pr-2 created
secret/project-pr-2 created
configmap/project-pr-2 created
ingress.extensions/project-pr-2 created

Waxaan hubineynaa in dhammaan agabyada kore si guul leh loo abuuray:

$ kubectl get namespace,pods,deployment,service,horizontalpodautoscaler,configmap,ingress -n project-pr-1 && kubectl get namespace,pods,deployment,service,horizontalpodautoscaler,configmap,ingress -n project-pr-2
...
NAME                              ... READY ... STATUS  ... AGE
pod/project-pr-1-848d5fdff6-rpmzw ... 1/1   ... Running ... 67s

NAME                         ... READY ... AVAILABLE ... AGE
deployment.apps/project-pr-1 ... 1/1   ... 1         ... 67s
...

Maadaama aan ku darnay debug, Magacyada project-pr-1 и project-pr-2, sidaas darteed dhammaan agabyada kale waa in isla markaaba la tirtiraa iyada oo aan la tixgelinin cabbirka afterDaysWithoutDeploy. Tan waxaa lagu arki karaa diiwaanka hawlwadeenka:

$ kubectl logs stale-feature-branch-operator-6bfbfd4df8-m7sch -n stale-feature-branch-operator
... "msg":"Namespace should be deleted due to debug mode is enabled.","namespaceName":"project-pr-1"}
... "msg":"Namespace is being processing.","namespaceName":"project-pr-1","namespaceCreationTimestamp":"2020-06-16 18:43:58 +0300 EEST"}
... "msg":"Namespace has been deleted.","namespaceName":"project-pr-1"}
... "msg":"Namespace should be deleted due to debug mode is enabled.","namespaceName":"project-pr-2"}
... "msg":"Namespace is being processing.","namespaceName":"project-pr-2","namespaceCreationTimestamp":"2020-06-16 18:43:58 +0300 EEST"}
... "msg":"Namespace has been deleted.","namespaceName":"project-pr-2"}

Haddii aad hubiso helitaanka kheyraadka, waxay ku jiri doonaan heerka Terminating (habraaca tirtirka) ama mar hore la tirtiray (wax soo saarka amarku waa madhan yahay).

$ kubectl get namespace,pods,deployment,service,horizontalpodautoscaler,configmap,ingress -n project-pr-1 && kubectl get namespace,pods,deployment,service,horizontalpodautoscaler,configmap,ingress -n project-pr-2
...

Waxaad ku celin kartaa habka abuurista fixtures dhowr jeer oo hubi in laga saaray hal daqiiqo gudaheed.

Beddelka

Maxaa la qaban karaa beddelka hawlwadeen ka shaqeeya koox? Waxaa jira dhowr habab, dhammaantoodna waa kuwo aan dhammaystirnayn (iyo cilladahooda waa kuwo shakhsi ahaaneed), qof kastaa wuxuu go'aansadaa naftiisa waxa ugu fiican mashruuc gaar ah:

1. Tirtir laanta sifada inta lagu jiro is dhexgalka joogtada ah ee laanta sare.

   • Si tan loo sameeyo, waxaad u baahan tahay inaad ogaato codsiga jiidista ee la xidhiidha ballan-qaadka la dhisayo. Mar haddii goobta magaca laanta sifadu ay ka kooban tahay aqoonsiga codsiga jiidista - lambarkeeda, ama magaca laanta, aqoonsiga had iyo jeer waa in lagu qeexaa ballan-qaadka.
   • Dhismihii laanta Master-ka ayaa fashilma. Tusaale ahaan, waxaad haysataa marxaladaha soo socda: soo dejiso mashruuca, samee tijaabooyinka, dhis mashruuca, samee siidaynta, dir ogeysiisyada, nadiifi laanta sifo ee codsi jiidi ugu dambeeya. Haddii dhismuhu guul-darraysto marka aad dirayso wargelinta, waa inaad gacanta ku tirtirtaa dhammaan agabka ku jira kooxda.
   • La'aanteed macnaha saxda ah, tirtirida laamaha sifada ee dhismaha sayidku maaha mid cad.

2. Isticmaalka webhooks (Tusaale).

   • Tani ma noqon karto habkaaga. Tusaale ahaan, in Jenkins, kaliya hal nooc oo dhuumo ah ayaa taageera awoodda lagu badbaadinayo habaynteeda koodhka isha. Markaad isticmaalayso webhooks, waxaad u baahan tahay inaad qorto qoraalkaaga si aad uga shaqeyso. Qoraalkan waa in lagu dhejiyaa interface Jenkins, taas oo ay adag tahay in la ilaaliyo.

3. Qor Cronjob kuna dar kutlada Kubernetes.

   • Waqti ku qaadashada qoraal iyo taageero.
   • Hawlwadeenku waxa uu horeba ugu shaqaynayaa qaab la mid ah, waa la diiwaangeliyay waana la taageeray.

Waad ku mahadsan tahay dareenkaaga maqaalka. Ku xidhka mashruuca Github.

Source: www.habr.com