ProHoster > Ibhulogi > Ulawulo > CSE: Kubernetes kwabo bakwi-vCloud

CSE: Kubernetes kwabo bakwi-vCloud

CSE: Kubernetes kwabo bakwi-vCloud
Sawubona wonke umntu!

Kwenzekile ukuba iqela lethu elincinci, lingatsho ukuba kutshanje, kwaye ngokuqinisekileyo ngokukhawuleza, likhulile ukuhambisa ezinye (kwaye kwixesha elizayo zonke) iimveliso kwi-Kubernetes.

Kwakukho izizathu ezininzi zoku, kodwa ibali lethu alikho malunga neholide.

Besinokhetho oluncinci malunga nesiseko seziseko ezingundoqo. vCloud Director kunye vCloud Director. Sakhetha entsha sagqiba kwelokuba siyiqale.

Kwakhona, ndijonge β€œIndlela Enzima,” ndakhawuleza ndafikelela kwisigqibo sokuba isixhobo sokwenza ngokuzenzekelayo ubuncinci iinkqubo ezisisiseko, ezinjengokusasazwa kunye nokulinganisa, bekufuneka izolo. Ukuntywila nzulu kuGoogle kwazisa imveliso enje ngeVMware Container Service Extension (CSE) - imveliso yomthombo ovulekileyo ekuvumela ukuba wenze indalo kunye nobungakanani bamaqela e-k8s kwabo bakwi-vCloud.

I-Disclaimer: I-CSE inemida yayo, kodwa ngeenjongo zethu yayigqibelele. Kwakhona, isisombululo kufuneka sixhaswe ngumboneleli welifu, kodwa ekubeni icandelo leseva likwangumthombo ovulekileyo, cela umphathi wakho okufutshane ukuba afumaneke :)

Ukuqala ukuyisebenzisa, udinga i-akhawunti yomlawuli kwintlangano ye-vCloud kunye nenethiwekhi ehamba phambili eyenziwe ngaphambili kwi-cluster (ngexesha lenkqubo yokuthunyelwa, ufuna ukufikelela kwi-Intanethi kule nethiwekhi, ungalibali ukuqwalasela i-Firewall / NAT). Idilesi ayinamsebenzi. Kulo mzekelo, makhe sithathe 10.0.240.0/24

CSE: Kubernetes kwabo bakwi-vCloud

Ukususela emva kokudalwa, iqela liya kufuna ukulawulwa ngandlela-thile, kuyacetyiswa ukuba ube ne-VPN kunye nomzila kwinethiwekhi eyenziwe. Sisebenzisa i-SSL VPN eqhelekileyo emiselweyo kwi-Edge Gateway yombutho wethu.

Okulandelayo, kufuneka ufake i-CSE client apho amaqela e-k8s aya kulawulwa. Kwimeko yam, le yilaptop esebenzayo kunye nesibini sezikhongozeli ezifihliweyo eziqhuba i-automation.

Umxhasi ufuna iPython version 3.7.3 kunye nephezulu efakwe kunye nemodyuli efakiwe vcd-cli, ngoko ke masizifake zombini.

pip3 install vcd-cli

pip3 install container-service-extension

Emva kofakelo, sijonga inguqulelo yeCSE kwaye sifumane oku kulandelayo:

# vcd cse version
Error: No such command "cse".

Ingalindelekanga, kodwa iyalungiseka. Njengoko kuye kwavela, i-CSE kufuneka iqhotyoshelwe njengemodyuli kwi-vcd-cli.
Ukwenza oku, kufuneka uqale ungene kwi-vcd-cli kumbutho wethu:

# vcd login MyCloud.provider.com org-dev admin
Password: 
admin logged in, org: 'org-dev', vdc: 'org-dev_vDC01'

Emva koku, i-vcd-cli iya kudala ifayile yoqwalaselo ~/.vcd-cli/profiles.yaml
Ekugqibeleni kufuneka udibanise oku kulandelayo:

extensions:
  - container_service_extension.client.cse

Emva koko sijonga kwakhona:

# vcd cse version
CSE, Container Service Extension for VMware vCloud Director, version 2.5.0

Inqanaba lofakelo lomxhasi ligqityiwe. Masizame ukubeka iqela lokuqala.
I-CSE ineseti ezininzi zosetyenziso lweeparamitha, zonke zinokujongwa apha.

Okokuqala, makhe senze izitshixo zokufikelela ngaphandle kwegama lokugqitha kwiqela elizayo. Le ngongoma ibalulekile, ekubeni ngokungagqibekanga, ukungena ngemvume kwi-password kwii-nodes kuya kukhutshazwa, kwaye ukuba awuyikumisela izitshixo, unokufumana umsebenzi omningi ngokusebenzisa i-consoles ye-virtual machine, engafanelekanga.

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.

Masizame ukuqalisa ukwenza iqela:

vcd cse cluster create MyCluster --network k8s_cluster_net --ssh-key ~/.ssh/id_rsa.pub --nodes 3 --enable-nfs

Ukuba sifumana impazamo Imposiso: Ixesha liphelile okanye umsebenzisi akangenanga. Nceda ungene kwakhona. -phinda ungene kwi-vcd-cli kwi-vCloud njengoko kuchaziwe ngasentla kwaye uzame kwakhona.

Ngeli xesha yonke into ilungile kwaye umsebenzi wokudala i-cluster uqalile.

cluster operation: Creating cluster vApp 'MyCluster' (38959587-54f4-4a49-8f2e-61c3a3e879e0) from template 'photon-v2_k8-1.12_weave-2.3.0' (revision 1)

Kuya kuthatha malunga nemizuzu engama-20 ukugqiba umsebenzi; okwangoku, makhe sijonge iiparamitha ezisisiseko zokuphehlelelwa.

-uthungelwano - uthungelwano esilwenzile ngaphambili.
-ssh-isitshixo - izitshixo esizenzileyo, eziza kubhalwa kwiinodi zeqela
β€”iindawo n β€” Inani leendawo zabasebenzi kwiqela. Kuya kuhlala kukho inkosi enye, lo ngumda weCSE
-enable-nfs - yenza i-node eyongezelelweyo yezabelo ze-NFS phantsi kwemithamo eqhubekayo. Lukhetho oluncinci lwe-pedal; siza kubuyela ekulungiseni into eyenzayo emva kwexeshana.

Okwangoku, kwi-vCloud unokujonga ngokujonga indalo yeqela
CSE: Kubernetes kwabo bakwi-vCloud

Emva kokuba umsebenzi wokudala iqela ligqityiwe, lilungele ukusetyenziswa.

Makhe sijonge ukuchaneka kokuthunyelwa kunye nomyalelo ulwazi lweqela le-vcd cse MyCluster

CSE: Kubernetes kwabo bakwi-vCloud

Okulandelayo kufuneka sifumane ubumbeko lweqela ukuze silusebenzise kubectl

# vcd cse cluster config MyCluster > ./.kube/config

Kwaye ungajonga imeko yeqela usebenzisa yona:

CSE: Kubernetes kwabo bakwi-vCloud

Kweli nqanaba, iqela linokuthi lithathelwe ingqalelo lisebenza ngokwemiqathango, ukuba alikho ibali elinemiqulu eqhubekayo. Kuba sikwi-vCloud, asizukwazi ukusebenzisa i-vSphere Provider. Ukhetho --vula-nfs yenzelwe ukulungisa le ngxaki, kodwa ayizange isebenze ngokupheleleyo. Uhlengahlengiso olwenziwa ngesandla luyafuneka.

Ukuqala, indawo yethu kufuneka yenze idiski eZimeleyo eyahlukileyo kwi-vCloud. Oku kuqinisekisa ukuba idatha yethu ayisayi kunyamalala kunye neqela ukuba icinyiwe. Kwakhona, qhagamshela idiski kwi-NFS 

# vcd disk create nfs-shares-1 100g --description 'Kubernetes NFS shares'
# vcd vapp attach mycluster nfsd-9604 nfs-shares-1

Emva koko, sihamba nge-ssh (wenzile ngokwenene izitshixo?) kwindawo yethu ye-NFS kwaye ekugqibeleni uqhagamshele idiski:

root@nfsd-9604:~# parted /dev/sdb
(parted) mklabel gpt
Warning: The existing disk label on /dev/sdb will be destroyed and all data on
this disk will be lost. Do you want to continue?
Yes/No? yes
(parted) unit GB
(parted) mkpart primary 0 100
(parted) print
Model: VMware Virtual disk (scsi)
Disk /dev/sdb: 100GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:

Number  Start   End    Size   File system  Name     Flags
 1      0.00GB  100GB  100GB               primary

(parted) quit
root@nfsd-9604:~# mkfs -t ext4 /dev/sdb1
Creating filesystem with 24413696 4k blocks and 6111232 inodes
Filesystem UUID: 8622c0f5-4044-4ebf-95a5-0372256b34f0
Superblock backups stored on blocks:
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
	4096000, 7962624, 11239424, 20480000, 23887872

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Yenza uluhlu lwedatha kwaye unyuse isahlulelo esitsha apho:

mkdir /export
echo '/dev/sdb1  /export   ext4  defaults   0 0' >> /etc/fstab
mount -a

Masenze izahlulo zovavanyo ezintlanu kwaye sabelane ngazo zeqela:

>cd /export
>mkdir vol1 vol2 vol3 vol4 vol5
>vi /etc/exports
#Π”ΠΎΠ±Π°Π²ΠΈΠΌ это Π² ΠΊΠΎΠ½Π΅Ρ† Ρ„Π°ΠΉΠ»Π°
/export/vol1 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol2 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol3 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol4 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol5 *(rw,sync,no_root_squash,no_subtree_check)
#:wq! ;)
#Π”Π°Π»Π΅Π΅ - экспортируСм Ρ€Π°Π·Π΄Π΅Π»Ρ‹
>exportfs -r

Emva kwayo yonke le milingo, sinokwenza iPV kunye nePVC kwiqela lethu into enje:
Intatheli:

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs-vol1
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  nfs:
    # Same IP as the NFS host we ssh'ed to earlier.
    server: 10.150.200.22
    path: "/export/vol1"
EOF

I-PVC:

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nfs-pvc
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 10Gi
EOF

Kulapho ibali lokudalwa kweqela elinye liphela kwaye ibali lomjikelo wobomi balo liqala. Njengebhonasi, kukho imiyalelo emibini eluncedo ngakumbi ye-CSE ekuvumela ukuba ngamanye amaxesha ugcine izixhobo okanye hayi:

#Π£Π²Π΅Π»ΠΈΡ‡ΠΈΠ²Π°Π΅ΠΌ Ρ€Π°Π·ΠΌΠ΅Ρ€ кластСра Π΄ΠΎ 8 Π²ΠΎΡ€ΠΊΠ΅Ρ€ Π½ΠΎΠ΄
>cse cluster resize MyCluster --network k8s_cluster_net --nodes 8

#Π’Ρ‹Π²ΠΎΠ΄ΠΈΠΌ Π½Π΅Π½ΡƒΠΆΠ½Ρ‹Π΅ Π½ΠΎΠ΄Ρ‹ ΠΈΠ· кластСра с ΠΈΡ… ΠΏΠΎΡΠ»Π΅Π΄ΡƒΡŽΡ‰ΠΈΠΌ ΡƒΠ΄Π°Π»Π΅Π½ΠΈΠ΅ΠΌ
>vcd cse node delete MyCluster node-1a2v node-6685 --yes

Enkosi nonke ngexesha lenu, ukuba unemibuzo, buza kwizimvo.

umthombo: www.habr.com

Yongeza izimvo