Ayizizo zonke iiplatifomu zeseva, kwanawona anamandla kwaye anokwaleka, anelisa zonke iimfuno njengoko zinjalo. Ngelixa i-Kubernetes isebenza kakuhle iyodwa, isenokungabi namalungu afanelekileyo ukuba iphelele. Uya kuhlala ufumana imeko ekhethekileyo engayinakiyo imfuno yakho, okanye apho i-Kubernetes ayiyi kusebenza kufakelo olungagqibekanga - umzekelo, inkxaso yedatha okanye ukusebenza kweCD.
Apha kulapho izongezo, izandiso kunye nezinye izinto ezilungileyo zale orchestrator yesikhongozeli zivela, zixhaswa lolona luntu lubanzi. Kweli nqaku, kuya kubakho i-11 yezinto ezilungileyo kakhulu esizifumeneyo. Thina ngokwethu singene zinomdla kakhulu, kwaye siceba ukujongana nazo ngokoqobo-ukuziqhawula zibe zizikrufu kunye namantongomane kwaye ubone okungaphakathi. Abanye babo baya kuzalisekisa ngokugqibeleleyo nayiphi na i-Kubernetes cluster, ngelixa abanye baya kunceda ukusombulula imisebenzi ethile engaphunyezwanga kulwabiwo oluqhelekileyo lwe-Kubernetes.
Umgcini-sango: Ulawulo loMgaqo-nkqubo
Le projekthi (OPA) inika amandla okwenza imigaqo-nkqubo phezulu kwi-stacks yesicelo sefu kwi-Kubernetes, ukusuka kwi-ingress ukuya kwi-mesh yenkonzo. inika i-Kubernetes-native ukukwazi ukunyanzelisa imigaqo-nkqubo ngokuzenzekelayo kulo lonke iqela, kwaye ibonelela ngohlolo lwazo naziphi na iziganeko okanye izixhobo eziphula umgaqo-nkqubo. Konke oku kusingathwa yindlela entsha eKubernetes, umphathi wokwamkelwa kwe-Webhooks, eqalwa xa izixhobo zitshintsha. NgoMgcini-sango, imigaqo-nkqubo ye-OPA iba yenye inxalenye yempilo yeqela lakho le-Kubernetes ngaphandle kwesidingo sokujongwa rhoqo.
Umxhuzulane: Amaqela eKubernetes aphathwayo
Ukuba ufuna ukufaka isicelo kwi-Kubernetes, izicelo ezininzi zinetshathi yeHelm ekhokela kwaye izenzele le nkqubo. Kodwa kuthekani ukuba ufuna ukuthatha iqela lakho leKubernetes njengoko linjalo kwaye ulikhuphe kwenye indawo?
ithatha izifinyezo zelizwe lamaqela e-Kubernetes, iirejistri zabo zemifanekiso yesikhongozeli, kunye nokuqhuba izicelo ezibizwa ngokuba βziiphakheji zesicelo.β Iphakheji enjalo, eyifayile eqhelekileyo .tar, inokuphindaphinda iqela naphi na iKubernetes inokuqhuba.
I-Gravity ikwaqinisekisa ukuba iziseko ezingundoqo ekujoliswe kuzo ziziphatha ngendlela efanayo nomthombo, kunye nokuba indawo ye-Kubernetes ekujoliswe kuyo iyafumaneka. Inguqulelo ehlawulweyo yeGravity iphinda yongeza iimpawu zokhuseleko, kuquka i-RBAC kunye nokukwazi ukuvumelanisa izicwangciso zokhuseleko kuzo zonke ii-cluster deployments.
Inguqulelo enkulu yamva nje, iGravity 7, inokukhupha umfanekiso weGravity kwiqela elikhoyo leKubernetes, endaweni yokusonta iqela elitsha elipheleleyo kumfanekiso. I-Gravity 7 inokusebenza kunye namaqela afakwe ngaphandle komfanekiso weGravity. I-Gravity ikwaxhasa i-SELinux, kwaye isebenza ngokwemveli kunye nesango le-Teleport SSH.
Kaniko: Ukwakha izikhongozeli kwiqela leKubernetes
Uninzi lwemifanekiso yesikhongozeli sakhelwe kwiinkqubo ezingaphandle kwesipakisho sesikhongozeli. Nangona kunjalo, ngamanye amaxesha kufuneka wakhe umfanekiso ngaphakathi kwesitaki sesikhongozeli, umzekelo kwindawo ethile kwisitya esisebenzayo, okanye kwiqela leKubernetes.
yakha izikhongozeli ngaphakathi kwendawo engqongileyo yesikhongozeli, kodwa ngaphandle kokuxhomekeka kwinkonzo yokufaka isikhongozeli, njengeDocker. Endaweni yoko, i-Kaniko ikhupha inkqubo yefayile kumfanekiso wesiseko, iphumeza yonke imiyalelo yokwakha indawo yomsebenzisi phezulu kwenkqubo yefayile ekhutshiweyo, ithatha umfanekiso wenkqubo yefayile emva komyalelo ngamnye.
Qaphela: uKaniko okwangoku (ngoMeyi 2020, malunga. umguquleli) ayikwazi ukwakha izikhongozeli zeWindows.
I-Kubecost: Iiparamitha zexabiso lokuqalisa i-Kubernetes
Uninzi lwezixhobo zolawulo lwe-Kubernetes zijolise ekusebenziseni ngokulula, ukubeka iliso, ukuqonda ukuziphatha ngaphakathi kwepod, njl. Kodwa kuthekani ngokujonga iindleko - ngeedola kunye neepeni - ezinxulumene nokuqhuba i-Kubernetes?
Iinkqubo ze-Kubernetes parameters ngexesha lokwenyani, okukhokelela kulwazi lweendleko ezihlaziyiweyo ukusuka kumaqela asebenzayo kuwo wonke ababoneleli belifu abakhulu, eboniswe kwideshibhodi ebonisa iindleko zenyanga zeqela ngalinye. Amaxabiso e-RAM, ixesha le-CPU, i-GPU kunye nenkqubo ephantsi yedisk yahlulwe yinxalenye ye-Kubernetes (isikhongozeli, ipod, inkonzo, njl.njl.)
I-Kubecost iphinda ilandele iindleko zezixhobo ze-off-cluster ezifana neebhakethi ze-Amazon S3, nangona oku kunqunyelwe kwi-AWS. Idatha yeendleko inokuthunyelwa kwi-Prometheus ukuze ukwazi ukuyisebenzisa ukuguqula ngokwenkqubo ukuziphatha kweqela.
I-Kubecost ikhululekile ukuyisebenzisa nje ukuba iintsuku ze-15 zedatha yelogi zanele kuwe. Ngeempawu ezongezelelweyo, amaxabiso aqala kwi-199 yeedola ngenyanga ngokubeka iliso kwii-node ezingama-50.
I-KubeDB: Ukuqhuba idatabase yokulwa kwi-Kubernetes
Iidatabase zikwanzima kakhulu ukubaleka ngokufanelekileyo kwi-Kubernetes. Uya kufumana abaqhubi beKubernetes beMySQL, PostgreSQL, MongoDB, kunye neRedis, kodwa zonke zineengxaki. Kwakhona, i-Kubernetes eqhelekileyo iseti ayizisombululi ngokuthe ngqo uninzi lweengxaki zedatha ethile.
ikunceda udale iziteyitimenti zakho zeKubernetes ukulawula ugcino lwedatha. Ukuqhuba ii-backups, i-cloning, ukubeka iliso, izifinyezo, kunye nokudalwa kwedatha ebhengezayo zizinto zayo. Nceda uqaphele ukuba inkxaso yefitsha inokwahluka ngokwesiseko sedatha. Umzekelo, ukwenza iqela lisebenzela iPostgreSQL, kodwa hayi iMySQL ( kukho, njengoko kuphawuliwe ngokuchanekileyo , malunga. umguquleli).
Kube-monkey: Chaos Monkey for Kubernetes
Eyona ndlela engenaziphene yovavanyo loxinzelelo ithathwa njengokuqhekeka okungahleliwe. Nantso ithiyori emva kwe-Chaos Monkey ye-Netflix, isixhobo sobunjineli esisisiphithiphithi esivala ngokungenamkhethe oomatshini kunye nezikhongozeli zemveliso "ukukhuthaza" abaphuhlisi ukuba bakhe iinkqubo ezinokuqina ngakumbi. - ukuphunyezwa kwethiyori esisiseko efanayo yovavanyo loxinzelelo kumaqela e-Kubernetes. Isebenza ngokubulala ngokungenamkhethe ii-pods kwiqela olichongileyo, kwaye inokuqwalasela ukuba iqhube ngexesha elithile.
I-Kubernetes Ingress Controller ye-AWS
I-Kubernetes ibonelela ngesilinganisi somthwalo wangaphandle kunye neenkonzo zothungelwano lweqela ngenkonzo ebizwa I-AWS ibonelela ngeempawu zokulinganisa umthwalo kodwa ayizihlanganisi ngokuzenzekelayo ngeempawu ezifanayo zeKubernetes. ivala lo msantsa.
Ilawula ngokuzenzekelayo izibonelelo ze-AWS kwinto nganye yokungena kwiqela, ukudala abalinganisi bomthwalo kwimithombo entsha yokungena, kunye nokususa abalinganisi bomthwalo xa izibonelelo zicinywa. Isebenzisa i-CloudFormation ukuqinisekisa ukuba imeko ye-cluster ihlala ihambelana. Ikwaxhasa useto lwe-Alarm ye-CloudWatch kwaye ilawula ngokuzenzekelayo ezinye izinto ezisetyenziswa kwiqela, njengezatifikethi ze-SSL kunye ne-EC2 Auto Scaling Groups.
Kubespray: Ufakelo oluzenzekelayo lweKubernetes
yenza ngokuzenzekelayo ufakelo lweqela le-Kubernetes elilungele imveliso, ukusuka kufakelo kwiiseva zehardware ukuya kumafu amakhulu oluntu. Isebenzisa i-Ansible (I-Vagrant - ngokuzikhethela) ukuqhuba ukusasazwa kunye nokudala iqela elifumanekayo kakhulu ukusuka ekuqaleni kunye nokhetho lwakho lwe-network add-on (efana neFlannel, iCalico kunye nezinye) kunikezelo lwakho olukhethiweyo lweLinux xa lufakwe kwiiseva zehardware.
Skaffold: Uphuhliso oluPhindayo lweKubernetes
- esinye sezixhobo zikaGoogle ezisetyenziselwa ukucwangcisa izicelo zeCD kwiKubernetes. Nje ukuba wenze utshintsho kwikhowudi yomthombo, i-skaffold ifumanisa oku ngokuzenzekelayo, iqala ukwakha kunye nokuthunyelwa, kwaye iyakulumkisa ukuba kukho naziphi na iimpazamo. I-Skaffold isebenza ngokupheleleyo kwicala lomxhasi, ngoko kunokubakho ukufakela okuncinci okanye imiba yohlaziyo. Ingasetyenziswa kunye nemibhobho ekhoyo ye-CICD kwaye ingajongana nezixhobo ezithile zokwakha zangaphandle, ngakumbi iBazel kaGoogle.
UTeresa: Eyona PaaS ilula kwiKubernetes
yinkqubo yokuthunyelwa kwesicelo eqhuba iPaaS elula phezu kwe Kubernetes. Abasebenzisi abaququzelelwe ngamaqela banokuthumela kwaye balawule usetyenziso abanalo. Oku kwenza izinto zibe lula kubantu abasithembayo isicelo kwaye abafuni kujongana neKubernetes kunye nazo zonke iingxaki zayo.
Ukuthambeka: Ukusasaza uhlaziyo lwesikhongozeli ukuya kumaqela eKubernetes
, ephuhliswe nguWindmill Engineering, ijonge utshintsho kwiiDockerfiles ezahlukeneyo kwaye ngokuthe ngcembe ithumela izikhongozeli ezihambelanayo kwiqela leKubernetes. Ngokusisiseko, kukuvumela ukuba uhlaziye iqela lakho lemveliso ngexesha lokwenyani ngokuhlaziya iiDockerfiles. I-Tilt yakha ngaphakathi kweqela, ikhowudi yomthombo yiyo yonke into efuna ukutshintshwa. Unokuthatha umfanekiso wempilo yeqela kwaye ubambe iimeko zempazamo ngokuthe ngqo kwi-Tilt ukuze wabelane namalungu eqela ukulungisa ingxaki.
PS Zonke ezi zixhobo siye ngokuphindaphindiweyo kuzo ephonononge ngezandla zethu ezinomdla. Ukubonisa iindlela zokwenyani esele zikho (ngethemba!) kwizifundo ezinzulu ngaphandle kweintanethi ngoFebruwari. NgoFebruwari 8β10, 2021. Kwaye NgoFebruwari 12β14. Ngokunyaniseka, sikwakhumbula umoya ofudumeleyo nonamandla wokufunda ngaphandle kweintanethi. Nokuba itekhnoloji iphucuke kangakanani na, ayinakuthatha indawo yonxibelelwano lwabantu oluphilayo kunye nomoya okhethekileyo xa abantu abanengqondo efanayo bedibana.
umthombo: www.habr.com