ProHoster > Ibhulogi > Ulawulo > I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Iintlanganiso zomlawuli wenkqubo ye-Sysadminka zenzeke e-Chelyabinsk, kwaye ekugqibeleni ndinike ingxelo malunga nesisombululo sethu sokuqhuba izicelo kwi-1C-Bitrix e-Kubernetes.

Bitrix, Kubernetes, Ceph - umxube omkhulu?

Ndiza kukuxelela ukuba sidibanisa njani isisombululo esisebenzayo kuyo yonke le nto.

Masihambe!

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Indibano yenzeke ngoAprili 18 eChelyabinsk. Unokufunda malunga neendibano zethu apha Iphedi yexesha kwaye ujonge YouTube.

Ukuba ufuna ukuza kuthi ngengxelo okanye njengomphulaphuli - wamkelekile, bhalela [imeyile ikhuselwe] nakwiTelegram t.me/vadikisakanov.

Ingxelo yam

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Izilayidi

Isisombululo "I-Bitrix kwi-Kubernetes, inguqulo ye-Southbridge 1.0"

Ndiza kuthetha ngesisombululo sethu kwifomathi "ye-dummies kwi-Kubernetes", njengoko kwenziwa kwintlanganiso. Kodwa ndicinga ukuba uyawazi amagama athi Bitrix, Docker, Kubernetes, Ceph ubuncinci kwinqanaba lamanqaku kwiWikipedia.

Yintoni esele yenziwe malunga neBitrix eKubernetes?

Kukho ulwazi oluncinci kwi-Intanethi yonke malunga nokusebenza kwezicelo zeBitrix kwi-Kubernetes.
Ndifumene ezi mathiriyeli kuphela:

Ingxelo ka-Alexander Serbul, i-1C-Bitrix, kunye no-Anton Tuzlukov waseQsoft:

Ndincoma ukuyiphulaphula.

Ukuphuhlisa isisombululo sakho kumsebenzisi serkyron kuHabre.
Kufunyenwe ngakumbi isigqibo esinjalo.

Aaand... eneneni, kuphelele apho.

Ndiyakulumkisa, asikhange sijonge umgangatho wezisombululo kumakhonkco angasentla :)
Ngendlela, xa silungiselela isisombululo sethu, ndathetha no-Alexander Serbul, ngoko ingxelo yakhe yayingekaveli, ngoko kwiislayidi zam kukho into ethi "I-Bitrix ayisebenzisi i-Kubernetes."

Kodwa sele mininzi yemifanekiso yeDocker esele ilungile yokuqhuba iBitrix kwiDocker: https://hub.docker.com/search?q=bitrix&type=image

Ngaba oku kwanele ukwenza isisombululo esipheleleyo seBitrix eKubernetes?
Hayi. Kukho inani elikhulu leengxaki ezifuna ukusonjululwa.

Ziziphi iingxaki ngeBitrix eKubernetes?

Okokuqala, imifanekiso esele yenziwe kwi-Dockerhub ayifanelekanga kwi-Kubernetes

Ukuba sifuna ukwakha i-microservices architecture (kwaye Kubernetes siqhele ukwenza), kufuneka sahlule isicelo sethu se-Kubernetes kwizikhongozeli kwaye isikhongozeli ngasinye senze umsebenzi omncinci omnye (kwaye siwenze kakuhle). Kutheni ibe nye kuphela? Ngamafutshane, ilula ngakumbi inokuthenjwa.
Ukucacisa ngakumbi, jonga eli nqaku kunye nevidiyo, nceda: https://habr.com/ru/company/southbridge/blog/426637/

Imifanekiso yeDocker eDockerhub yakhiwe ikakhulu kumgaqo-siseko wonke, ke bekusafuneka sizenzele eyethu ibhayisekile kwaye sidale imifanekiso ukusuka ekuqaleni.

Okwesibini - ikhowudi yesayithi ihlelwe kwiqela lolawulo

Senze icandelo elitsha kwisiza - ikhowudi yahlaziywa (uluhlu olunegama lecandelo elitsha longezwa).

Ukuba utshintshe iipropati zecandelo ukusuka kwiqela lolawulo, ikhowudi itshintshile.

I-Kubernetes "ngokungagqibekanga" ayikwazi ukusebenza nale nto;

Isizathu: Isikhongozeli ngasinye (ipod) kwinkqubo yeqela kuphela inxenye yendlela. Ukuba utshintshe ikhowudi kwisitya esinye kuphela (i-pod), ngoko ikhowudi iya kuhluka kwiipod ezahlukeneyo, isayithi liya kusebenza ngokuhlukileyo, kwaye iinguqulelo ezahlukeneyo zesayithi ziya kuboniswa kubasebenzisi abahlukeneyo. Awunakuphila ngolo hlobo.

Okwesithathu - kufuneka usombulule umcimbi ngokusasazwa

Ukuba sine-monolith kunye ne-server enye "yeklasikhi", yonke into ilula kakhulu: sihambisa isiseko sekhowudi entsha, sifudukele isiseko sedatha, sitshintshe i-traffic kwinguqu entsha yekhowudi. Ukutshintsha kwenzeka ngoko nangoko.
Ukuba sinendawo e-Kubernetes, sinqumle kwii-microservices, kukho ezininzi izitya ezinekhowudi - oh. Kufuneka uqokelele izikhongozeli ngenguqulelo entsha yekhowudi, uzikhuphe endaweni yezo ezindala, ufuduke ngokuchanekileyo i-database, kwaye ngokufanelekileyo wenze oku kungakhange kuqatshelwe ziindwendwe. Ngethamsanqa, uKubernetes uyasinceda ngale nto, ixhasa iqela elipheleleyo leentlobo ezahlukeneyo zokuthunyelwa.

Okwesine - kufuneka usombulule umba wokugcina i-statics

Ukuba isayithi lakho "kuphela" i-gigabytes ye-10 kwaye uyisebenzise ngokupheleleyo kwizikhongozeli, uya kugqiba kunye nezikhongozeli ze-gigabyte ezili-10 ezithatha ngonaphakade ukuthunyelwa.
Kufuneka ugcine iindawo "ezinzima" zesayithi ngaphandle kwezikhongozeli, kwaye umbuzo uvela malunga nendlela yokwenza oku ngokuchanekileyo.

Yintoni engekhoyo kwisisombululo sethu?

Ikhowudi yonke yeBitrix ayihlulwanga kwi-microfunctions / microservices (ukuze ukubhaliswa kuhluke, imodyuli yevenkile ye-intanethi ihluke, njl.). Sigcina yonke isiseko sekhowudi kwisitya ngasinye.

Kananjalo asigcini i-database kwi-Kubernetes (ndisasebenzisa izisombululo nge-database e-Kubernetes kwiindawo zophuhliso, kodwa kungekhona kwimveliso).

Kuya kubonakala kubalawuli besayithi ukuba indawo iqhuba kwi-Kubernetes. Umsebenzi "wokukhangela inkqubo" awusebenzi ngokuchanekileyo ukuhlela ikhowudi yesayithi ukusuka kwiqela lolawulo, kufuneka uqale ucofe iqhosha elithi "Ndifuna ukuhlela ikhowudi".

Iingxaki zichongiwe, imfuno yokuphumeza i-microservices inqunywe, injongo icacile - ukufumana inkqubo yokusebenza yokuqhuba izicelo kwi-Bitrix kwi-Kubernetes, ukugcina zombini amandla e-Bitrix kunye neenzuzo ze-Kubernetes. Masiqalise ukuphunyezwa.

izakhiwo

Zininzi iipod "ezisebenzayo" ezinomncedisi wewebhu (abasebenzi).
Omnye ngaphantsi kunye nemisebenzi yecron (inye kuphela efunekayo).
Uphuculo olunye lokuhlela ikhowudi yesayithi ukusuka kwiqela lolawulo (kwakhona inye kuphela efunekayo).

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Sisombulula imibuzo:

  • Indawo yokugcina iiseshoni?
  • Indawo yokugcina i-cache?
  • Kuphi ukugcina i-statics, kungekhona ukubeka i-gigabytes ye-statics kwiqela lezikhongozeli?
  • Ingaba uvimba weenkcukacha uya kusebenza njani?

Umfanekiso weDocker

Siqala ngokwakha umfanekiso weDocker.

Inketho efanelekileyo kukuba sinomfanekiso omnye wendalo yonke, ngesiseko sawo sifumana iipod zabasebenzi, iipods ezineCrontasks, kunye nokuphucula iipod.

Senza umfanekiso onjalo.

Iquka i-nginx, apache/php-fpm (inokukhethwa ngexesha lokwakha), i-msmtp yokuthumela i-imeyile, kunye ne-cron.

Xa uhlanganisa umfanekiso, yonke isiseko sekhowudi yesayithi ikopishwe kwi-directory ye-app (ngaphandle kwaloo macandelo esiya kufudukela kwindawo ekwabelwana ngayo).

Iinkonzo ezincinci, iinkonzo

izixhobo zabasebenzi:

  • Isikhongozeli esine nginx + isikhongozeli apache/php-fpm + msmtp
  • Ayizange isebenze ukuhambisa i-msmtp kwi-microservice eyahlukileyo, iBitrix iqala ukucaphuka kuba ayikwazi ukuthumela imeyile ngokuthe ngqo.
  • Isikhongozeli ngasinye sinesiseko sekhowudi esipheleleyo.
  • Ukuthintelwa kokutshintsha ikhowudi kwizikhongozeli.

cron phantsi:

  • isikhongozeli esineapache, php, cron
  • isiseko esipheleleyo sekhowudi sibandakanyiwe
  • ukuvalwa kokutshintsha ikhowudi kwizikhongozeli

phucula phantsi:

  • isikhongozeli se-nginx + apache/php-fpm isikhongozeli + msmtp
  • Akukho sithintelo ekutshintsheni ikhowudi kwizikhongozeli

ukugcinwa kweseshoni

Ukugcinwa kwecache yeBitrix

Enye into ebalulekileyo: sigcina iiphasiwedi zokudibanisa kuyo yonke into, ukusuka kwisiseko sedatha ukuya kwi-imeyile, kwiimfihlo ze-kubernetes. Sifumana ibhonasi: iiphasiwedi zibonakala kuphela kwabo sibanika ukufikelela kwiimfihlo, kwaye kungekhona kubo bonke abanokufikelela kwisiseko sekhowudi yeprojekthi.

Ukugcinwa kweestatics

Ungasebenzisa nantoni na: i-ceph, i-nfs (kodwa asiyicebisi i-nfs yokuvelisa), ukugcinwa kwenethiwekhi kubaboneleli befu, njl.

Ugcino luya kufuneka ludityaniswe kwizikhongozeli kwi/ukulayisha/ulawulo lwesiza kunye nolunye ulwalathiso olunomxholo omileyo.

Indawo yedatha

Ukwenza lula, sincoma ukuhambisa i-database ngaphandle kwe-Kubernetes. Isiseko kwi-Kubernetes ngumsebenzi ohlukeneyo onzima;

Ukugcinwa kweseshoni

Sisebenzisa i-memcached :)

Iphatha kakuhle ukugcinwa kweseshoni, ihlanganiswe, kwaye ixhaswa "ngendalo" njengeseshoni.save_path kwiphp. Inkqubo enjalo iye yavavanywa ngamaxesha amaninzi kwi-architecture ye-monolithic ye-classical, xa sakha amaqoqo kunye nenani elikhulu lamaseva ewebhu. Ukusasazwa sisebenzisa ihelm.

$ helm install stable/memcached --name session

php.ini - apha umfanekiso uqulethe izicwangciso zokugcina iiseshoni kwi-memcached

Siye sasebenzisa i-Environment Variables ukudlulisa idatha malunga neenginginya ezine-memcached https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/.
Oku kukuvumela ukuba usebenzise ikhowudi efanayo kwi-dev, inqanaba, uvavanyo, iimeko-bume ze-prod (i-memcached inginginya amagama kuzo aya kwahluka, ngoko ke kufuneka sigqithise igama elilodwa lenginginya kwiiseshoni kwindawo nganye).
Ukugcinwa kwecache yeBitrix

Sifuna ugcino olunokunyamezela iimpazamo apho zonke iipods zinokubhalela kwaye zifunde ukusuka.

Sikwasebenzisa i-memcached.
Esi sisombululo sinconywa yiBitrix ngokwayo.

$ helm install stable/memcached --name cache

i-bitrix/.settings_extra.php - apha kwi-Bitrix icacisiwe apho i-cache igcinwe khona

Sikwasebenzisa izinto eziguquguqukayo zokusingqongileyo.

Krontaski

Kukho iindlela ezahlukeneyo zokusebenzisa iCrontasks eKubernetes.

  • ukwahlula ukusasazwa ngepod yokuqhuba iiCrontasks
  • cronjob yokwenza i-crontasks (ukuba olu lusetyenziso lwewebhu - kunye ne-wget https://$host$cronjobname, okanye kubectl exec ngaphakathi kwenye yeepod zabasebenzi, njl.
  • njalo

Ungaxoxa ngeyona ichanekileyo, kodwa kule meko sikhethe ukhetho "lokwahlula ukusasazwa ngeepods zeCrontasks"

Kwenziwe njani:

  • yongeza imisebenzi yecron ngeConfigMap okanye ngefayile ye-config/addcron
  • Ngesinye isihlandlo sisungula isikhongozeli esifana nesobhobho + sivumela ukwenziwa kwemisebenzi yesithsaba kuyo.
  • isiseko sekhowudi efanayo sisetyenzisiweyo, ngenxa yomanyano, indibano yesikhongozeli ilula

Yintoni elungileyo esiyifumanayo:

  • sisebenza iiCrontasks kwindawo efana nendawo yabaphuhlisi (docker)
  • I-Crontasks ayidingi ukuba "ibhalwe ngokutsha" kwi-Kubernetes, isebenza ngendlela efanayo nakwisiseko sekhowudi efanayo nangaphambili.
  • imisebenzi ye-cron inokongezwa ngawo onke amalungu eqela anelungelo lokuzibophelela kwisebe lemveliso, kungekhona nje i-admins

Imodyuli yaseSouthbridge K8SDeploy kunye nokuhlelwa kwekhowudi kwiqela lolawulo

Besithetha ngokuphucula phantsi?
Indlela yokwalathisa itrafikhi apho?
Hurray, sibhale imodyuli yale kwiPHP :) Le yimodyuli encinci yakudala yeBitrix. Ayikafumaneki esidlangalaleni, kodwa siceba ukuyivula.
Imodyuli ifakwe njengemodyuli eqhelekileyo kwiBitrix:

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Kwaye kubonakala ngathi:

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Ikuvumela ukuba usete ikhukhi echonga umlawuli wesayithi kwaye ivumela i-Kubernetes ukuba ithumele i-traffic kwi-pod yokuphucula.

Xa utshintsho lugqityiwe, kufuneka ucofe i-git push, utshintsho lwekhowudi luya kuthunyelwa kwi-git, emva koko inkqubo iya kwakha umfanekiso ngoguqulelo olutsha lwekhowudi kwaye "uyikhuphe" kuyo yonke i-cluster, ithatha indawo yeepods ezindala. .

Ewe, yinto encinci, kodwa kwangaxeshanye sigcina uyilo lwe-microservice kwaye asithathi kubasebenzisi beBitrix ithuba abalithandayo lokulungisa ikhowudi kwiqela lolawulo. Ekugqibeleni, oku kukhetho; unokusombulula ingxaki yokuhlela ikhowudi ngendlela eyahlukileyo.

Itshathi yeHelm

Ukwakha usetyenziso kwi-Kubernetes, sisebenzisa umphathi wephakheji ye-Helm.
Kwisisombululo sethu seBitrix eKubernetes, uSergey Bondarev, umlawuli wenkqubo yethu ekhokelayo, wabhala ishati ekhethekileyo yeHelm.

Yakha abasebenzi, iphucule, i-cron pods, iqwalasela i-ingresses, iinkonzo, kunye nokutshintshwa kwezinto eziguquguqukayo ezivela kwiimfihlo ze-Kubernetes ukuya kwiipods.

Sigcina ikhowudi kwi-Gitlab, kwaye siqhuba i-Helm build from Gitlab.

Ngamafutshane, kubonakala kunje

$ helm upgrade --install project .helm --set image=registrygitlab.local/k8s/bitrix -f .helm/values.yaml --wait --timeout 300 --debug --tiller-namespace=production

I-Helm ikuvumela ukuba wenze "i-seamless" i-rollback ukuba ngequbuliso kukho into engahambi kakuhle ngexesha lokuthunyelwa. Kumnandi xa ungothuki “lungisa ikhowudi nge-ftp kuba iprod iwile,” kodwa uKubernetes uyenza ngokuzenzekelayo, kwaye ngaphandle kwexesha lokuphumla.

Hambisa

Ewe, singabalandeli beGitlab & Gitlab CI, siyisebenzisa :)
Xa uzinikela kwi-Gitlab kwindawo yokugcina iprojekthi, i-Gitlab isungula umbhobho ohambisa inguqulelo entsha yendalo.

Amanqanaba:

  • yakha (ukwakha umfanekiso omtsha weDocker)
  • uvavanyo (uvavanyo)
  • coca (ukususa indawo yovavanyo)
  • push (siyithumela kwi-Docker registry)
  • deploy (sihambisa isicelo kwi-Kubernetes ngeHelm).

I-Southbridge e-Chelyabinsk kunye ne-Bitrix e-Kubernetes

Hurray, ilungile, masiyiphumeze!
Ewe, okanye ubuze imibuzo ukuba kukho nayiphi na.

Senze ntoni ke

Ngokwembono yobugcisa:

  • i-dockerized Bitrix;
  • "Sika" i-Bitrix kwizikhongozeli, nganye kuzo yenza ubuncinane bemisebenzi;
  • ifikeleleke kwisimo esingenammiselo semigqomo;
  • isombulule ingxaki ngohlaziyo lweBitrix kwiKubernetes;
  • yonke imisebenzi yeBitrix yaqhubeka isebenza (phantse yonke);
  • Sisebenze ekuhanjisweni kwi-Kubernetes kunye nokubuyisela umva phakathi kweenguqulelo.

Ngokwembono yeshishini:

  • ukunyamezela iimpazamo;
  • Izixhobo ze-Kubernetes (ukuhlanganiswa okulula kunye ne-Gitlab CI, ukuthunyelwa okungenamthungo, njl njl);
  • amagama ayimfihlo ayimfihlo (abonakala kuphela kwabo banikwe ilungelo lokufikelela kwiiphasiwedi);
  • Kukulungele ukudala iindawo ezongezelelweyo (zophuhliso, iimvavanyo, njl.) ngaphakathi kwesiseko esisodwa.

umthombo: www.habr.com

Yongeza izimvo