Kamoo Dailymotion e sebelisang Kubernetes: Ts'ebeliso ea Kopo
Rona ho Dailymotion re qalile ho sebelisa Kubernetes tlhahiso lilemong tse 3 tse fetileng. Empa ho romela lits'ebetso ho pholletsa le lihlopha tse ngata ho monate, kahoo lilemong tse 'maloa tse fetileng re ntse re leka ho ntlafatsa lisebelisoa tsa rona le ts'ebetso ea mosebetsi.
E qalile kae
Mona re tla bua ka mokhoa oa ho sebelisa lits'ebetso tsa rona ho pholletsa le lihlopha tse ngata tsa Kubernetes lefatšeng ka bophara.
Ho tsamaisa lintho tse ngata tsa Kubernetes ka nako e le 'ngoe, re sebelisa , 'me lichate tsohle tsa rona li bolokiloe polokelong e le' ngoe ea git. Ho tsamaisa stack e felletseng ea ts'ebeliso ho tsoa lits'ebeletso tse 'maloa, re sebelisa seo ho thoeng ke chate ea kakaretso. Ha e le hantle, ena ke chate e phatlalatsang ho itšetleha le ho u lumella ho qala API le litšebeletso tsa eona ka taelo e le 'ngoe.
Re boetse re ngotse mongolo o monyane oa Python holim'a Helm ho etsa licheke, ho etsa lichate, ho eketsa liphiri, le ho tsamaisa lits'ebetso. Mesebetsi ena kaofela e etsoa sethaleng se bohareng sa CI ho sebelisoa setšoantšo sa docker.
Ha re fihle ntlheng.
Hlokomela. Ha u ntse u bala sena, mokhethoa oa pele oa tokollo bakeng sa Helm 3 o se a phatlalalitsoe. Mofuta oa mantlha o na le lintlafatso tse ngata ho rarolla mathata a mang ao re kopaneng le ona nakong e fetileng.
Ts'ebetso ea ntlafatso ea chate
Re sebelisa branching bakeng sa likopo, 'me re ile ra etsa qeto ea ho sebelisa mokhoa o tšoanang ho lichate.
- Lekala senatla se sebedisoang ho etsa lichate tse tla lekoa ka lihlopha tsa nts'etsopele.
- Ha kopo ea ho hula e romelloa ho mong'a, li hlahlojoa ka sethaleng.
- Qetellong, re etsa kopo ea ho kenya liphetoho lekaleng tlhahiso le ho li sebelisa tlhahisong.
Tikoloho e 'ngoe le e' ngoe e na le polokelo ea eona e ikemetseng e bolokang lichate tsa rona, 'me rea sebelisa ka li-API tsa bohlokoa haholo. Ka tsela ena re etsa bonnete ba ho itšehla thajana pakeng tsa tikoloho le tlhahlobo ea 'nete ea lichate pele re li sebelisa tlhahiso.
Libaka tsa polokelo ea lichate libakeng tse fapaneng
Ho bohlokoa ho ela hloko hore ha baetsi ba nts'etsopele ba sutumelletsa lekala la dev, mofuta oa chate ea bona o sutumelletsoa ho dev Chartmuseum. Kahoo, bahlahisi bohle ba sebelisa sebaka se le seng sa polokelo, 'me u hloka ho hlakisa ka hloko mofuta oa hau oa chate e le hore u se ke ua sebelisa liphetoho tsa motho e mong ka phoso.
Ho feta moo, sengoloa sa rona se senyenyane sa Python se tiisa lintho tsa Kubernetes khahlano le litlhaloso tsa Kubernetes OpenAPI re sebelisa. , pele o li phatlalatsa ho Chartmusem.
Tlhaloso e akaretsang ea ts'ebetso ea ntlafatso ea chate
- Ho theha mesebetsi ea liphaephe ho latela litlhaloso bakeng sa taolo ea boleng (lint, unit-test).
- Ho sutumetsa setšoantšo sa docker ka lisebelisoa tsa Python tse tsamaisang lits'ebetso tsa rona.
- Ho theha tikoloho ka lebitso la lekala.
- Ho netefatsa lifaele tsa Kubernetes yaml ho sebelisa Kubeval.
- Eketsa mofuta oa chate ka bohona le lichate tsa eona tsa motsoali (lichate tse itšetlehileng ka hore chate e fetoloe).
- Ho fana ka chate ho Chartmuseum e lumellanang le tikoloho ea eona
Ho laola liphapang ho pholletsa le lihlopha
Federation of Clusters
Ho na le nako eo re neng re e sebelisa , moo lintho tsa Kubernetes li ka phatlalatsoang ho tsoa pheletsong e le 'ngoe ea API. Empa mathata a ile a hlaha. Mohlala, lintho tse ling tsa Kubernetes li ne li ke ke tsa etsoa pheletsong ea federation, tsa etsa hore ho be thata ho boloka lintho tse kopaneng le lintho tse ling bakeng sa lihlopha ka bomong.
Ho rarolla bothata, re ile ra qala ho laola lihlopha ka boithaopo, tse ileng tsa nolofatsa ts'ebetso haholo (re sebelisitse mofuta oa pele oa federal; ho na le ntho e ka 'nang ea fetoha ea bobeli).
Sethala se ajoang ke geo
Sethala sa rona hajoale se ajoa libakeng tse 6 - tse 3 sebakeng sa heno le tse 3 marung.
Phatlalatso e Ajoang
Litekanyetso tsa Global Helm
Litekanyetso tse 4 tsa Helm tsa lefats'e li u lumella ho khetholla phapang lipakeng tsa lihlopha. Lichate tsa rona kaofela li na le boleng bo tlase ba kamehla.
global:
cloud: True
env: staging
region: us-central1
clusterName: staging-us-central1Litekanyetso tsa lefats'e
Litekanyetso tsena li thusa ho hlalosa moelelo oa lits'ebetso tsa rona mme li sebelisetsoa merero e fapaneng: ho lekola, ho ts'oara, ho rema lifate, ho etsa mehala ea kantle, ho lekanya, jj.
- "cloud": Re na le sethala sa hybrid Kubernetes. Mohlala, API ea rona e sebelisoa libakeng tsa GCP le litsing tsa rona tsa data.
- "env": Litekanyetso tse ling li ka fetoha bakeng sa libaka tseo e seng tsa tlhahiso. Mohlala, litlhaloso tsa lisebelisoa le litlhophiso tsa autoscaling.
- "region": Lintlha tsena li thusa ho fumana sebaka sa sehlopha 'me se ka sebelisoa ho fumana libaka tse haufi tsa ho qetela tsa litšebeletso tsa kantle.
- "clusterName": haeba le ha re batla ho hlalosa boleng ba sehlopha se le seng.
Mohlala o khethehileng ke ona:
{{/* Returns Horizontal Pod Autoscaler replicas for GraphQL*/}}
{{- define "graphql.hpaReplicas" -}}
{{- if eq .Values.global.env "prod" }}
{{- if eq .Values.global.region "europe-west1" }}
minReplicas: 40
{{- else }}
minReplicas: 150
{{- end }}
maxReplicas: 1400
{{- else }}
minReplicas: 4
maxReplicas: 20
{{- end }}
{{- end -}}Mohlala oa Helm template
Monahano ona o hlalosoa ka template ea mothusi ho qoba ho kopanya Kubernetes YAML.
Phatlalatso ea Kopo
Lisebelisoa tsa rona tsa phepelo li ipapisitse le lifaele tse ngata tsa YAML. Ka tlase ke mohlala oa kamoo re phatlalatsang tšebeletso le topology ea eona ea maemo (palo ea likopi) sehlopheng.
releases:
- foo.world
foo.world: # Release name
services: # List of dailymotion's apps/projects
foobar:
chart_name: foo-foobar
repo: [email protected]:dailymotion/foobar
contexts:
prod-europe-west1:
deployments:
- name: foo-bar-baz
replicas: 18
- name: another-deployment
replicas: 3Tlhaloso ea Tšebeletso
Ena ke kemiso ea mehato eohle e hlalosang ts'ebetso ea rona ea thomello. Mohato oa ho qetela o kenya ts'ebeliso ho lihlopha tse ngata tsa basebetsi ka nako e le 'ngoe.
Mehato ea ho Felisoa ha Jenkins
Ho thoe’ng ka liphiri?
Mabapi le ts'ireletso, re latela liphiri tsohle tse tsoang libakeng tse fapaneng ebe re li boloka sebakeng se ikhethileng ka Paris.
Lisebelisoa tsa rona tsa phepelo li ntša boleng ba lekunutu ho Vault mme, ha nako ea phepelo e fihla, e kenye ho Helm.
Ho etsa sena, re hlalositse 'mapa lipakeng tsa liphiri tse Vault le liphiri tseo lits'ebetso tsa rona li li hlokang:
secrets:
- secret_id: "stack1-app1-password"
contexts:
- name: "default"
vaultPath: "/kv/dev/stack1/app1/test"
vaultKey: "password"
- name: "cluster1"
vaultPath: "/kv/dev/stack1/app1/test"
vaultKey: "password"- Re hlalositse melao e akaretsang eo re lokelang ho e latela ha re rekota makunutu ho Vault.
- Haeba sephiri se sebetsa ho ya boemong bo itseng kapa lekgotleng le itseng, o hloka ho eketsa keno e itseng. (Mona Cluster1 ea moelelo oa taba e na le boleng ba eona bakeng sa lekunutu la stack-app1-password).
- Ho seng joalo boleng bo sebelisoa tlola.
- Bakeng sa ntho ka 'ngoe lethathamong lena ho Kubernetes lekunutu ho kentsoe para ea bohlokoa. Ka hona, template ea sekhukhu lichabeng tsa rona e bonolo haholo.
apiVersion: v1
data:
{{- range $key,$value := .Values.secrets }}
{{ $key }}: {{ $value | b64enc | quote }}
{{ end }}
kind: Secret
metadata:
name: "{{ .Chart.Name }}"
labels:
chartVersion: "{{ .Chart.Version }}"
tillerVersion: "{{ .Capabilities.TillerVersion.SemVer }}"
type: OpaqueMathata le mefokolo
Ho sebetsana le li-repositories tse ngata
Hona joale re arola nts'etsopele ea lichate le likopo. Sena se bolela hore bahlahisi ba tlameha ho sebetsa libakeng tse peli tsa polokelo ea git: e 'ngoe bakeng sa ts'ebeliso, e' ngoe bakeng sa ho hlalosa thomello ea eona ho Kubernetes. 2 git repositories e bolela 2 workflows, 'me ho bonolo hore motho ea sa tsoa qala ho ferekana.
Ho laola lichate tse akaretsang ke bothata
Joalo ka ha re se re boletse, lichate tse akaretsang li bohlokoa haholo ho tsebahatsa litšepeho le ho tsamaisa lits'ebetso tse ngata kapele. Empa re sebelisa --reuse-valuesho qoba ho fetisa litekanyetso tsohle nako le nako ha re kenya ts'ebeliso eo e leng karolo ea chate ena e akaretsang.
Ts'ebetsong e tsoelang pele ea ho tsamaisa, re na le litekanyetso tse peli feela tse fetohang khafetsa: palo ea likopi le tag ea setšoantšo (mofuta). Tse ling, litekanyetso tse tsitsitseng li fetoloa ka letsoho, 'me sena se thata haholo. Ho feta moo, phoso e le ’ngoe ea ho sebelisa chate e akaretsang e ka lebisa ho hloleheng ho tebileng, joalokaha re bone ho tsoa phihlelong ea rōna.
Ho nchafatsa lifaele tse ngata tsa tlhophiso
Ha moqapi a eketsa kopo e ncha, o tlameha ho fetola lifaele tse 'maloa: phatlalatso ea kopo, lethathamo la liphiri, ho eketsa kopo e le ho itšetleha haeba e kenyelelitsoe chate e akaretsang.
Litumello tsa Jenkins li atolositsoe haholo ho Vault
Hona joale re na le e 'ngoe , e balang liphiri tsohle tse tsoang ho Vault.
Ts'ebetso ea ho khutlisa ha e ea iketsa
Ho khutlela morao, o hloka ho tsamaisa taelo ho lihlopha tse 'maloa,' me sena se tletse liphoso. Re etsa ts'ebetso ena ka letsoho ho netefatsa hore ID ea mofuta o nepahetseng e boletsoe.
Re ntse re lebile GitOps
Sepheo sa rona
Re batla ho khutlisetsa chate sebakeng sa polokelo ea ts'ebeliso eo e e sebelisang.
Mokhoa oa ho sebetsa o tla tšoana le oa ntlafatso. Mohlala, ha lekala le sutumelletsoa ho tseba hantle, phepelo e tla qala ka bo eona. Phapang e ka sehloohong pakeng tsa mokhoa ona le tsamaiso ea hona joale ea mosebetsi e ka ba eona tsohle li tla laoloa ka git (ts'ebeliso ka boeona le tsela eo e sebelisoang ka eona ho Kubernetes).
Ho na le melemo e mengata:
- Haholo hlakileng haholoanyane bakeng sa moqapi. Ho bonolo ho ithuta ho sebelisa liphetoho ho chate ea lehae.
- Tlhaloso ea phepelo ea litšebeletso e ka hlalosoa sebaka se le seng le khoutu tšebeletso.
- Ho laola ho tlosoa ha lichate tse akaretsang. Ts'ebeletso e tla ba le tokollo ea eona ea Helm. Sena se tla u lumella ho laola mokhoa oa bophelo oa kopo (ho khutlela morao, ho ntlafatsa) ka tekanyo e nyenyane ka ho fetisisa, e le hore u se ke ua ama litšebeletso tse ling.
- Melemo ea git bakeng sa tsamaiso ea chate: etsolla liphetoho, tlaleho ea tlhahlobo, joalo-joalo Haeba u hloka ho etsolla phetoho ho chate, u ka etsa sena u sebelisa git. Tsamaiso e qala ka bo eona.
- U ka nahana ka ho ntlafatsa ts'ebetso ea hau ea ntlafatso ka lisebelisoa tse joalo Skaffold, eo baetsi ba eona ba ka lekang liphetoho maemong a haufi le tlhahiso.
Ho falla ha mehato e 'meli
Bahlahisi ba rona ba 'nile ba sebelisa mokhoa ona oa ho sebetsa ka lilemo tse 2 joale, kahoo re batla hore ho falla ho se be bohloko ka hohle kamoo ho ka khonehang. Ka hona, re ile ra etsa qeto ea ho eketsa mohato o mahareng tseleng e eang sepheong.
Mohato oa pele o bonolo:
- Re boloka sebopeho se ts'oanang sa ho theha phepelo ea ts'ebeliso, empa ka ntho e le 'ngoe e bitsoang DailymotionRelease.
apiVersion: "v1"
kind: "DailymotionRelease"
metadata:
name: "app1.ns1"
environment: "dev"
branch: "mybranch"
spec:
slack_channel: "#admin"
chart_name: "app1"
scaling:
- context: "dev-us-central1-0"
replicas:
- name: "hermes"
count: 2
- context: "dev-europe-west1-0"
replicas:
- name: "app1-deploy"
count: 2
secrets:
- secret_id: "app1"
contexts:
- name: "default"
vaultPath: "/kv/dev/ns1/app1/test"
vaultKey: "password"
- name: "dev-europe-west1-0"
vaultPath: "/kv/dev/ns1/app1/test"
vaultKey: "password"- 1 tokollo ka kopo e 'ngoe (ntle le lichate tse akaretsang).
- Lichate sebakeng sa polokelo ea git.
Re buile le bahlahisi bohle, kahoo ts'ebetso ea ho falla e se e qalile. Mokhahlelo oa pele o ntse o laoloa ho sebelisoa sethala sa CI. Ke tla ngola poso e 'ngoe haufinyane mabapi le mohato oa bobeli: hore na re falletse joang ho phallo ea mosebetsi ea GitOps le . Ke tla u bolella hore na re behile ntho e 'ngoe le e' ngoe joang le hore na ke mathata afe ao re kopaneng le 'ona (lipolokelo tse ngata, liphiri, joalo-joalo). Latela litaba.
Mona re lekile ho hlalosa tsoelo-pele ea rona mosebetsing oa phepelo ea kopo lilemong tse fetileng, e leng se ileng sa lebisa mehopolong mabapi le mokhoa oa GitOps. Ha re e-s'o fihlele sepheo 'me re tla tlaleha ka liphello, empa hona joale re kholisehile hore re entse se nepahetseng ha re etsa qeto ea ho nolofatsa ntho e' ngoe le e 'ngoe le ho e tlisa haufi le mekhoa ea bahlahisi.
Source: www.habr.com