Phawula. transl.: Ngomhla we-16 ngoMeyi walo nyaka uphawula isiganeko esibalulekileyo ekuphuhliseni umphathi wephakheji ye-Kubernetes - Helm. Ngolu suku, ukukhutshwa kwe-alpha yokuqala yenguqu enkulu yeprojekthi ezayo - 3.0 - yanikezelwa. Ukukhululwa kwayo kuya kuzisa utshintsho olubalulekileyo nolulindelwe ixesha elide kwiHelm, apho abaninzi kuluntu lwaseKubernetes banethemba elikhulu. Thina ngokwethu singenye yezi, kuba sisebenzisa iHelm ngokusebenzayo ukuthunyelwa kwesicelo: siyidibanise kwisixhobo sethu sokuphumeza iCI / CD.
Ngo-Oktobha 15, 2015, iprojekthi ngoku eyaziwa ngokuba yiHelm yazalwa. Kunyaka nje emva kokusekwa kwayo, uluntu lwaseHelm lwajoyina iKubernetes, ngelixa lisebenza ngokukhutheleyo kwiHelm 2. NgoJuni 2018, iHelm.
Kwesi siqwenga, ndiza kuthetha malunga nalapho yaqala khona, sifike njani kwindawo esikuyo namhlanje, sazise ezinye zeempawu ezizodwa ezifumaneka kukhupho lokuqala lwe-alpha lweHelm 3, kwaye sichaze ukuba siceba ukuqhubela phambili njani.
Isishwankathelo:
- imbali yokudalwa kweHelm;
- ndlela-ntle kuTiller;
- iindawo zokugcina itshathi;
- ulawulo lokukhululwa;
- utshintsho kuxhomekeke kwitshathi;
- iitshathi zethala leencwadi;
- yintoni elandelayo?
Imbali yeHelm
Ukuzalwa
IHelm 1 yaqala njengeprojekthi yoMthombo oVulekileyo eyenziwe nguDeis. Sasiyisiqalo esincinci deisctl
, eyayisetyenziswa (phakathi kwezinye izinto) ukufaka nokusebenza iqonga leDeis kwi
Embindini ka-2015, sagqiba kwelokuba sitshintshe indlela saza sayisusa iDeis (ngelo xesha eyayibizwa ngokuba yiDeis Workflow) ukusuka kwiFleet ukuya eKubernetes. Enye yezinto zokuqala ezayilwa ngokutsha yayisisixhobo sokufakela. deisctl
. Siyisebenzisele ukufaka nokulawula iDeis Workflow kwiqela leFleet.
I-Helm 1 yenziwa kumfanekiso wabaphathi bephakheji abadumileyo abanje ngeHomebrew, apt kunye neyum. Injongo yayo ephambili yayikukwenza lula imisebenzi efana nokupakisha kunye nokufaka izicelo kwi-Kubernetes. I-Helm yaziswa ngokusemthethweni kwi-2015 kwinkomfa ye-KubeCon eSan Francisco.
Umzamo wethu wokuqala kunye noHelm wasebenza, kodwa kwakungekho ngaphandle kwemida enzulu. Wathatha iseti ye-Kubernetes manifests, enencasa ngeejenereyitha njengeebhloko zentshayelelo ye-YAML. (umcimbi ongaphambili)*, kwaye ilayishe iziphumo kwi-Kubernetes.
* Phawula. transl.: Ukususela kuguqulelo lokuqala lweHelm, i-syntax ye-YAML yakhethwa ukuchaza izixhobo ze-Kubernetes, kunye ne-Jinja templates kunye ne-Python scripts zaxhaswa xa kubhalwa uqwalaselo. Sibhale ngakumbi malunga noku kunye nesakhiwo senguqulelo yokuqala yeHelm ngokubanzi kwisahluko "Imbali emfutshane yeHelm"
Umzekelo, ukubuyisela umhlaba kwifayile yeYAML, kuye kwafuneka udibanise oku kulandelayo kulwakhiwo kumboniso:
#helm:generate sed -i -e s|ubuntu-debootstrap|fluffy-bunny| my/pod.yaml
Kuhle ukuba iinjini zetemplate zikhona namhlanje, akunjalo?
Ngezizathu ezininzi, lo mfakeli wokuqala we-Kubernetes ufuna uluhlu oluqinileyo lwefayile ye-manifest kwaye yenze kuphela ulandelelwano oluncinci, olusisigxina lweziganeko. Kwakunzima kakhulu ukusebenzisa ukuba iqela le-Deis Workflow R & D lalinzima xa lizama ukuhambisa imveliso yalo kweli qonga - nangona kunjalo, imbewu yengcamango yayisele ihlwayelwe. Umzamo wethu wokuqala yayilithuba elihle lokufunda: siye saqonda ukuba sinomdla wokwenene wokwenza izixhobo zepragmatic ezisombulula iingxaki zemihla ngemihla kubasebenzisi bethu.
Ngokusekwe kumava eempazamo ezidlulileyo, saqala ukuphuhlisa iHelm 2.
Ukwenza iHelm 2
Ekupheleni kuka-2015, iqela likaGoogle liqhagamshelane nathi. Babesebenza kwisixhobo esifanayo sikaKubernetes. UMlawuli wokusasaza weKubernetes yayilizibuko lesixhobo esikhoyo esasisetyenziselwa iPlatform yeLifu likaGoogle. Babuza: βNgaba besingathanda ukuchitha iintsuku ezimbalwa sixubusha izinto ezifanayo nezahlukileyo?β
NgoJanuwari 2016, iqela le-Helm kunye ne-Deployment Manager yadibana e-Seattle ukuze batshintshisane ngemibono. Uthethathethwano luphelile ngesicwangciso esinqwenelekayo: ukudibanisa zombini iiprojekthi zokwenza iHelm 2. Kunye noDeis kunye neGoogle, abafana abavela
Besifuna ukugcina ukusetyenziswa kweHelm kulula, kodwa yongeza oku kulandelayo:
- iitemplates zetshathi zokwenza ngokwezifiso;
- ulawulo lwangaphakathi lwamaqela;
- indawo yokugcina itshati ekumgangatho wehlabathi;
- ifomati yephakheji ezinzileyo enokhetho lotyikityo;
- ukuzinikela okuqinileyo kuguqulelo lwesemantic kunye nokugcina ukuhambelana okubuyela ngasemva phakathi kweenguqulelo.
Ukufezekisa ezi njongo, into yesibini yongezwe kwi-Helm ecosystem. Eli candelo le-intra-cluster lalibizwa ngokuba yiTiller kwaye lalinoxanduva lokufakela iitshathi zeHelm kunye nokuzilawula.
Ukusukela ekukhululweni kweHelm 2 ngo-2016, uKubernetes wongeze izinto ezintsha ezininzi. Ulawulo lofikelelo olusekwe kwindima (
Phakathi kwazo zonke ezi nguqu, uHelm waqhubeka ekhonza abasebenzisi bakaKubernetes ngokuthembeka. Emva kweminyaka emithathu kunye nezongezelelo ezininzi ezitsha, kwacaca ukuba kwakuyisikhathi sokwenza utshintsho olubalulekileyo kwi-codebase ukuqinisekisa ukuba i-Helm inokuqhubeka nokuhlangabezana neemfuno ezikhulayo ze-ecosystem.
Ukuhamba kakuhle kuTiller
Ngexesha lophuhliso lweHelm 2, sazisa iTiller njengenxalenye yokudityaniswa kwethu noMphathi weGoogle wokusasaza. I-Tiller idlale indima ebalulekileyo kumaqela asebenza ngaphakathi kweqela elifanayo: ivumele iingcali ezahlukeneyo ezisebenza kwiziseko ezingundoqo ukuba zidibanise kunye neeseti ezifanayo zokukhutshwa.
Ekubeni ulawulo olusekelwe kwindima (RBAC) lunikwe amandla ngokungagqibekanga kwi-Kubernetes 1.6, ukusebenza noTiller kwimveliso kwaba nzima ngakumbi. Ngenxa yenani elikhulu lemigaqo-nkqubo yokhuseleko enokwenzeka, indawo yethu ibikukubonelela ngoqwalaselo oluvumayo ngokungagqibekanga. Oku kuvumele abantu abatsha ukuba bazame iHelm kunye neKubernetes ngaphandle kokungena kwiseto zokhuseleko kuqala. Ngelishwa, olu qwalaselo lwemvume lunokunika umsebenzisi uluhlu olubanzi kakhulu lweemvumelwano abangazidingiyo. Iinjineli ze-DevOps kunye ne-SRE kwafuneka zifunde amanyathelo ongezelelweyo okusebenza xa kufakwa iTiller kwiqela labaqeshi abaninzi.
Emva kokufunda indlela uluntu olusebenzisa ngayo i-Helm kwiimeko ezithile, saqonda ukuba inkqubo yokulawula ukukhululwa kwe-Tiller ayifuni ukuthembela kwi-intra-cluster component ukuze kugcinwe urhulumente okanye umsebenzi njenge-central hub yolwazi lokukhululwa. Endaweni yoko, sinokufumana ngokulula ulwazi oluvela kwiseva ye-Kubernetes API, sivelise itshathi kwicala lomxhasi, kwaye sigcine irekhodi lofakelo kwi-Kubernetes.
Injongo ephambili yeTiller yayinokufezekiswa ngaphandle kweTiller, ngoko esinye sezigqibo zethu zokuqala malunga neHelm 3 yayikukulahla ngokupheleleyo iTiller.
Ngokuhamba kukaTiller, imodeli yokhuseleko yeHelm yenziwe lula kakhulu. IHelm 3 ngoku ixhasa lonke ukhuseleko lwangoku, isazisi, kunye neendlela zogunyaziso zeKubernetes yangoku. Iimvume zeHelm zimiselwe ukusetyenziswa
Iindawo zokugcina itshathi
Kwinqanaba eliphezulu, indawo yokugcina itshathi yindawo apho iitshathi zingagcinwa kwaye zabelwane ngazo. Iiphakheji ze-Helm client kwaye ithumela iitshathi kwindawo yokugcina. Ukubeka ngokulula, indawo yokugcina iitshathi yiseva yamandulo yeHTTP enefayile ye index.yaml kunye neetshathi ezipakishiweyo.
Ngelixa kukho izinto eziluncedo kwi-API yeCharts Repository edibana nezona mfuno zisisiseko zokugcina, kukwakho nezinto ezingeloncedo ezimbalwa:
- Iindawo zokugcina itshathi azihambelani nokuphunyezwa okuninzi kokhuseleko olufunekayo kwindawo yemveliso. Ukuba ne-API eqhelekileyo yokuqinisekisa kunye nokugunyaziswa kubaluleke kakhulu kwiimeko zemveliso.
- Izixhobo ze-Helm's chart provenance tools, ezisetyenziselwa ukusayina, ukuqinisekisa ukuthembeka kunye nokuvela kwetshathi, ziyinxalenye yokuzikhethela yenkqubo yokupapasha iTshati.
- Kwiimeko zabasebenzisi abaninzi, ishati efanayo inokulayishwa ngomnye umsebenzisi, ngokuphindwe kabini inani lendawo efunekayo ukugcina umxholo ofanayo. Oovimba abakrelekrele baphuhlisiwe ukusombulula le ngxaki, kodwa abayonxalenye yengcaciso esesikweni.
- Ukusebenzisa ifayile yesalathisi enye yokukhangela, ukugcina imethadatha, kunye nokubuyisela iitshathi kuye kwenza kube nzima ukuphuhlisa ukuphunyezwa okukhuselekileyo kwabasebenzisi abaninzi.
Le projekthi
Kodwa ngaba ubusazi ukuba iProjekthi yoSasazo yenzelwe ukusasaza naluphi na uhlobo lomxholo, hayi nje imifanekiso yesikhongozeli?
Ndiyabulela kwiinzame
Ingcaciso ethe kratya yolunye utshintsho oluzayo kwiindawo zokugcina itshathi yeHelm iyafumaneka
Ulawulo lokukhutshwa
KwiHelm 3, imeko yesicelo ilandelwa ngaphakathi kweqela ngezinto ezimbini:
- into yokukhulula - imele umzekelo wesicelo;
- imfihlo yoguqulelo lokukhululwa - imele imeko efunwayo yesicelo kwindawo ethile ngexesha (umzekelo, ukukhutshwa koguqulelo olutsha).
Mngeni helm install
yenza into yokukhupha kunye nokukhupha imfihlo yoguqulelo. Fowuna helm upgrade
ifuna into yokukhulula (enokuthi iyitshintshe) kwaye yenza uguqulelo olutsha oluyimfihlo oluqulathe amaxabiso amatsha kunye nomboniso olungisiweyo.
Into yokukhupha iqulethe ulwazi malunga nokukhululwa, apho ukukhululwa kufakelo oluthile lwetshathi enegama kunye namaxabiso. Le nto ichaza imethadatha yezinga eliphezulu malunga nokukhululwa. Into yokukhupha iyaqhubeleka kubomi bonke besicelo kwaye ingumnini wazo zonke iimfihlo zenguqulelo yokukhululwa, kunye nazo zonke izinto ezenziwe ngokuthe ngqo yitshathi yeHelm.
Imfihlo yokukhutshwa kwenguqulelo inxulumanisa ukukhutshwa kunye nothotho lohlaziyo (ufakelo, uhlaziyo, ukubuyisela umva, ucimo).
KwiHelm 2, uhlaziyo lwaluhambelana kakhulu. Fowuna helm install
wadala v1, uhlaziyo olulandelayo (uphuculo) - v2, njalo njalo. Imfihlo yokukhutshwa kunye nokukhululwa kwenguqulelo iye yachithwa yaba yinto enye eyaziwa ngokuba yinguqulelo. Uhlaziyo lwagcinwa kwisithuba samagama esifana ne-Tiller, nto leyo ethetha ukuba ukukhutshwa ngalunye "kwakumhlaba jikelele" ngokwendawo yamagama; ngenxa yoko, mnye kuphela umzekelo wegama onokusetyenziswa.
KwiHelm 3, ukhupho ngalunye ludityaniswa nemfihlo enye okanye ngaphezulu yenguqulelo. Into yokukhupha ihlala ichaza ukukhutshwa kwangoku kufakwe kwi-Kubernetes. Ukhupho ngalunye oluyimfihlo luchaza inguqulelo enye kuphela yolo khupho. Uhlaziyo, umzekelo, luya kudala imfihlo yokukhutshwa kwenguqulelo entsha kwaye emva koko utshintshe into yokukhupha ikhombe kuguqulelo olutsha. Kwimeko yokubuyisela umva, ungasebenzisa iimfihlo zokhupho lwangaphambili ukukhuphela umva ukhupho luye kwimeko yangaphambili.
Emva kokuba i-Tiller ishiywe, i-Helm 3 igcina idatha ikhupha idatha kwindawo yegama elifanayo njengokukhululwa. Olu tshintsho lukuvumela ukuba ufake itshathi enegama elifanayo lokukhulula kwindawo yamagama eyahlukileyo, kwaye idatha igcinwa phakathi kohlaziyo lwe-cluster / reboots in etcd. Ngokomzekelo, unokufaka i-WordPress kwindawo yegama elithi "foo" kwaye emva koko kwi-"bar" indawo yamagama, kwaye zombini ukukhutshwa kunokuthiwa "wordpress".
Utshintsho kuxhomekeke kwitshathi
Iitshathi zipakishwe (usebenzisa helm package
) ukusetyenziswa kunye ne-Helm 2 inokufakwa kunye ne-Helm 3, nangona kunjalo i-workflow yophuhliso lwetshathi igqitywe ngokupheleleyo, ngoko ke utshintsho oluthile kufuneka lwenziwe ukuqhubeka nophuhliso lwetshathi kunye ne-Helm 3. Ngokukodwa, inkqubo yokulawula ukuxhomekeka kwetshathi ishintshile.
Inkqubo yolawulo lokuxhomekeka kwitshathi ihambile requirements.yaml
ΠΈ requirements.lock
phezu Chart.yaml
ΠΈ Chart.lock
. Oku kuthetha ukuba iitshathi ezisebenzise umyalelo helm dependency
, kufuna useto oluthile ukuze usebenze kwiHelm 3.
Makhe sijonge umzekelo. Makhe songeze ukuxhomekeka kwitshathi kwiHelm 2 kwaye sibone ukuba zeziphi iinguqu xa ufudukela kwiHelm 3.
KwiHelm 2 requirements.yaml
ijongeka ngolu hlobo:
dependencies:
- name: mariadb
version: 5.x.x
repository: https://kubernetes-charts.storage.googleapis.com/
condition: mariadb.enabled
tags:
- database
Kwi-Helm 3, ukuxhomekeka okufanayo kuya kubonakala kuwe Chart.yaml
:
dependencies:
- name: mariadb
version: 5.x.x
repository: https://kubernetes-charts.storage.googleapis.com/
condition: mariadb.enabled
tags:
- database
Iitshathi zisakhutshelwa kwaye zibekwe kuluhlu charts/
, ngoko ke iitshati ezingaphantsi (izitshatshazi), ilele kwikhathalogu charts/
, iya kuqhubeka isebenza ngaphandle kotshintsho.
Ukwazisa iitshathi zeThala leeNcwadi
IHelm 3 ixhasa udidi lweetshathi ezibizwa ngokuba ziitshathi zethala leencwadi (itshathi yethala leencwadi). Le tshati isetyenziswa zezinye iitshathi, kodwa ayenzi naziphi na ii-artifacts zokukhulula ngokwayo. Iitemplates zeetshathi zethala leencwadi zinokubhengeza izinto kuphela define
. Omnye umxholo awuhoywa nje. Oku kuvumela abasebenzisi ukuba baphinde basebenzise kwaye babelane ngeziqwengana zekhowudi ezinokuthi zisetyenziswe kwiitshathi ezininzi, ngaloo ndlela benqanda ukuphindaphinda kunye nokuthobela umthetho-siseko.
Iitshathi zamathala eencwadi zichazwe kwicandelo dependencies
kwifayile Chart.yaml
. Ukuzifaka nokulawula akwahlukanga kwezinye iitshathi.
dependencies:
- name: mylib
version: 1.x.x
repository: quay.io
Siyavuya malunga neemeko zokusetyenziswa eli candelo liza kuvulela abaphuhlisi betshathi, kunye nezenzo ezilungileyo ezinokuvela kwiitshathi zethala leencwadi.
Yintoni elandelayo?
Helm 3.0.0-alpha.1 sisiseko apho siqala ukwakha inguqulelo entsha yeHelm. Kwinqaku ndichaze izinto ezinomdla zeHelm 3. Uninzi lwazo lusekwinqanaba lokuqala lophuhliso kwaye oku kuqhelekileyo; Inqaku lokukhutshwa kwe-alpha kukuvavanya umbono, ukuqokelela impendulo kubasebenzisi bokuqala, kunye nokuqinisekisa uqikelelo lwethu.
Ngokukhawuleza ukuba inguqulelo yealpha ikhululwe (khumbula ukuba oku
Ndizamile ukuqaqambisa ezinye zophuculo olukhulu oluza kwiHelm 3, kodwa olu luhlu alupheleli kwaphela. Imephu yendlela epheleleyo ye-Helm 3 ibandakanya iimpawu ezifana nezicwangciso eziphuculweyo zokuhlaziya, ukuhlanganiswa okunzulu kunye nokubhaliswa kwe-OCI, kunye nokusetyenziswa kwe-schemas ye-JSON ukuqinisekisa amaxabiso etshathi. Sikwaceba ukucoca i-codebase kunye nokuhlaziya iinxalenye zayo eziye zangahoywa kule minyaka mithathu idlulileyo.
Ukuba uziva ngathi kukho into esiyiphosileyo, singathanda ukuva iingcinga zakho!
Joyina ingxoxo yethu
-
#helm-users
imibuzo kunye nonxibelelwano olulula noluntu; -
#helm-dev
ukuxoxa ngezicelo zotsalo, ikhowudi kunye neempazamo.
Ungaphinda uncokole kwiiFowuni zethu zeveki zoPhuhliso loLuntu ngoLwesine ngo-19:30 MSK. Iintlanganiso zinikezelwe ekuxoxeni ngemiba abaphuhlisi abaphambili kunye noluntu abasebenza kuyo, kunye nezihloko zeengxoxo zeveki. Nabani na angajoyina kwaye athathe inxaxheba kwintlanganiso. Ikhonkco elikhoyo kwitshaneli yeSlack #helm-dev
.
PS evela kumguquleli
Funda nakwibhlog yethu:
- Β«
Umphathi wePakeji yeKubernetes-Helm: elidlulileyo, langoku, elizayo "; - Β«
Ukujonga ngokunzulu kwiHelm 2: "Nantsi into eyiyo..." "; - Β«
Intshayelelo esebenzayo kumphathi wephakheji ye-Kubernetes - Helm "; - Β«
Iingcebiso ze-Kubernetes & tricks: ukudlulisela izibonelelo ezisebenza kwiqela kwi-Helm 2 yolawulo "; - Β«
Ziqhelanise ne-dapp. Icandelo 2. Ukusasaza imifanekiso yeDocker kwiKubernetes usebenzisa iHelm Β».
umthombo: www.habr.com