ProHoster > Ibhulogi > Ulawulo > Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Molweni nonke! Igama lam ndinguPavel Agaletsky. Ndisebenza njengeqela elikhokelayo kwiqela eliphuhlisa inkqubo yokuhanjiswa kweLamoda. Kwi-2018, ndathetha kwinkomfa ye-HighLoad ++, kwaye namhlanje ndingathanda ukubonisa isicatshulwa sengxelo yam.

Isihloko sam sinikezelwe kumava enkampani yethu ekuthumeleni iinkqubo kunye neenkonzo kwiindawo ezahlukeneyo. Ukuqala kumaxesha ethu angaphambi kwembali, xa safaka zonke iinkqubo kwiiseva eziqhelekileyo, eziphela ngotshintsho oluthe chu ukusuka kuNomad ukuya kubhengezo eKubernetes. Ndiza kukuxelela ukuba kutheni siyenze kwaye zeziphi iingxaki ebesinazo kwinkqubo.

Ukusasaza izicelo kwi-VM

Masiqale ngento yokuba kwiminyaka emi-3 eyadlulayo zonke iinkqubo zenkampani kunye neenkonzo zafakwa kwiiseva eziqhelekileyo eziqhelekileyo. Ngokobuchwephesha, yayilungiselelwe ngendlela yokuba yonke ikhowudi yeenkqubo zethu igcinwe kwaye ihlanganiswe kusetyenziswa izixhobo zokuhlanganisa ngokuzenzekelayo, usebenzisa i-jenkins. Ukusebenzisa i-Ansible, yakhutshelwa ngaphandle kwenkqubo yethu yolawulo loguqulelo ukuya kwiiseva zenyani. Ngaphezu koko, inkqubo nganye inkampani yethu eyayinayo yathunyelwa ubuncinane kwiiseva ezi-2: enye yazo entloko, eyesibini emsileni. Ezi nkqubo zimbini zazifana ngokupheleleyo kuzo zonke iisetingi zazo, amandla, uqwalaselo, njl. Umahluko kuphela phakathi kwabo yayikukuba intloko ifumene i-traffic yabasebenzisi, ngelixa umsila awuzange ufumane i-traffic yomsebenzisi.

Kwakutheni ukuze kwenziwe oku?

Xa sisebenzisa ukhupho olutsha lwesicelo sethu, besifuna ukuqinisekisa ukukhutshwa komthungo, oko kukuthi, ngaphandle kweziphumo ezibonakalayo kubasebenzisi. Oku kwaphunyezwa ngenxa yokuba ukukhutshwa okulandelayo okuhlanganisiweyo kusetyenziswa i-Ansible kwaqengqeleka ukuya emsileni. Apho, abantu ababandakanyekayo ekuhanjisweni banokujonga kwaye baqinisekise ukuba yonke into ilungile: zonke iimethrikhi, amacandelo kunye nezicelo zazisebenza; imibhalo efunekayo iqalisiwe. Kuphela emva kokuba beqinisekile ukuba yonke into ilungile, i-traffic yatshintshwa. Iqale ukuya kwiseva ebikade ingumsila ngaphambili. Kwaye leyo ibiyintloko ngaphambili yahlala ngaphandle kwetrafikhi yabasebenzisi, ngelixa isenayo inguqulelo yangaphambili yesicelo sethu kuyo.

Ke ngoko yayingenamthungo kubasebenzisi. Ngenxa yokuba ukutshintshwa kwenzeka ngoko nangoko, kuba kukutshintsha nje isilinganisi. Ungabuyela umva ngokulula kuguqulelo lwangaphambili ngokutshintsha ngokulula isilinganisi ngasemva. Sinokuqinisekisa ukuba isicelo siyakwazi ukuvelisa nangaphambi kokuba sifumane i-traffic yabasebenzisi, nto leyo yayilula.

Ziziphi iingenelo esizibone kuko konke oku?

  1. Okokuqala, kwanele isebenza nje. Wonke umntu uyayiqonda indlela esisebenza ngayo iskimu sokuthunyelwa, kuba uninzi lwabantu lukhe lwasasazwa kwiiseva eziqhelekileyo eziqhelekileyo.
  2. Oku kwanele ngokuthembeka, ekubeni iteknoloji yokuthunyelwa ilula, ihlolwe ngamawaka eenkampani. Izigidi zeeseva zibekwe ngale ndlela. Kunzima ukwaphula into.
  3. Kwaye ekugqibeleni safumana ukuthunyelwa kweathom. Ukusasazwa okwenzeka ngaxeshanye kubasebenzisi, ngaphandle kwenqanaba elibonakalayo lokutshintsha phakathi kwenguqulelo endala kunye nentsha.

Kodwa siye sabona iintsilelo ezininzi kuyo yonke le nto:

  1. Ukongeza kwindawo yemveliso, indawo yophuhliso, kukho ezinye iindawo. Umzekelo, qa kunye preproduction. Ngelo xesha sasinamaseva amaninzi kunye neenkonzo ezimalunga nama-60. Ngenxa yesi sizathu kwakuyimfuneko kwinkonzo nganye, gcina inguqulelo yamva nje yayo umatshini wenyani. Ngaphezu koko, ukuba ufuna ukuhlaziya amathala eencwadi okanye ukufaka ukuxhomekeka okutsha, kufuneka wenze oku kuzo zonke iindawo. Ukwafuna ukungqamanisa ixesha xa uza kubeka inguqulelo entsha elandelayo yesicelo sakho kunye nexesha apho i-devops isenza useto oluyimfuneko lokusingqongileyo. Kule meko, kulula ukungena kwimeko apho okusingqongileyo kuya kwahluka ngandlel’ ithile kuzo zonke iindawo ngaxeshanye. Ngokomzekelo, kwindawo ye-QA kuya kubakho iinguqulelo ezithile zamathala eencwadi, kwaye kwindawo yokuvelisa kuya kubakho ezahlukeneyo, eziya kubangela iingxaki.
  2. Ubunzima bokuhlaziya abaxhomekeke isicelo sakho. Akuxhomekeke kuwe, kodwa kwelinye iqela. Oko kukuthi, kwiqela le-devops eligcina abancedisi. Kufuneka ubanike umsebenzi ofanelekileyo kunye nenkcazo yento ofuna ukuyenza.
  3. Ngelo xesha, sasikwafuna ukwahlula iimonolith ezinkulu ezinkulu esasinazo zibe ziinkonzo ezincinane ezahlukeneyo, ekubeni sasiqonda ukuba zaziya kubakho ngakumbi nangakumbi. Ngelo xesha, sasisele sinabo ngaphezu kwe-100. Kwinkonzo entsha nganye, kwakuyimfuneko ukudala umatshini omtsha ohlukileyo, owawudinga ukugcinwa kunye nokuthunyelwa. Ukongeza, awufuni imoto enye, kodwa ubuncinane ezimbini. Ukongezwa kuyo yonke le nto yindawo ye-QA. Oku kubangela iingxaki kwaye kwenza kube nzima kuwe ukwakha nokusebenzisa iinkqubo ezintsha. inkqubo entsonkothileyo, ebiza kakhulu kwaye ende.

Ke ngoko, sigqibe kwelokuba kuya kuba lula ngakumbi ukusuka ekuhambiseni oomatshini abaqhelekileyo ukuya ekubekeni izicelo zethu kwisingxobo sedokhi. Ukuba une-docker, udinga inkqubo enokuqhuba isicelo kwiqela, kuba awukwazi nje ukuphakamisa isitya. Ngokwesiqhelo ufuna ukugcina umkhondo wokuba zingaphi izikhongozeli eziphakanyisiweyo ukuze ziphakame ngokuzenzekelayo. Ngesi sizathu, kwafuneka sikhethe inkqubo yolawulo.

Sacinga ixesha elide ukuba yeyiphi esinokuyithatha. Inyani yeyokuba ngelo xesha esi sitaki sokuhanjiswa kwiiseva eziqhelekileyo sasiphelelwe lixesha, kuba babengenazo iinguqulelo zamva nje zeenkqubo zokusebenza. Ngaxa lithile, bekukho neFreeBSD, ebingekho lula ukuyixhasa. Siye saqonda ukuba kufuneka sifudukele kwi-docker ngokukhawuleza. I-devops yethu ijonge amava abo akhoyo kunye nezisombululo ezahlukeneyo kwaye yakhetha inkqubo efana neNomad.

Tshintshela kuNomad

UNomad yimveliso yeHashiCorp. Baziwa nangezinye izisombululo zabo:

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

"Ummeli" sisixhobo sokufunyanwa kwenkonzo.

"Terraform" -inkqubo yokulawula amaseva evumela ukuba uwaqwalasele ngokucwangciswa, okubizwa ngokuba yi-infrastructure-as-a-code.

"Phuma" ikuvumela ukuba usebenzise oomatshini benyani ekuhlaleni okanye kwilifu ngokusebenzisa iifayile zoqwalaselo ezithile.

I-Nomad ngelo xesha yayibonakala njengesisombululo esilula esinokutshintshelwa ngokukhawuleza ngaphandle kokutshintsha yonke isiseko. Ukongeza, kulula kakhulu ukufunda. Yiyo loo nto sikhethe yona njengenkqubo yokucoca kwisikhongozeli sethu.

Yintoni oyifunayo ukuthumela inkqubo yakho kuNomad?

  1. Okokuqala kufuneka umfanekiso wedocker isicelo sakho. Kuya kufuneka uyakhe kwaye uyibeke kwindawo yokugcina umfanekiso wedocker. Kwimeko yethu, le yi-artifactory - inkqubo evumela ukuba utyhale iintlobo ezahlukeneyo zeentlobo ezahlukeneyo kuyo. Iyakwazi ukugcina i-archives, imifanekiso ye-docker, iiphakheji ze-PHP yomqambi, iipakethe ze-NPM, njalo njalo.
  2. Kwakhona kufuneka ifayile yoqwalaselo, eya kuxelela uNomad ukuba yintoni, phi kwaye ngoluphi ubungakanani ofuna ukusisebenzisa.

Xa sithetha ngeNomad, isebenzisa ulwimi lwe-HCL njengefomathi yefayile yolwazi, emele Ulwimi loLungiselelo lweHashiCorp. Le yi-superset ye-Yaml ekuvumela ukuba uchaze inkonzo yakho ngokwemiqathango ye-Nomad.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Ikuvumela ukuba uchaze ukuba zingaphi izikhongozeli ofuna ukuzisebenzisa, ukusuka kweyiphi imifanekiso ukuze ugqithise iiparamitha ezahlukeneyo kubo ngexesha lokuthunyelwa. Ke, uyondla le fayile kuNomad, kwaye ikhupha izikhongozeli kwimveliso ngokutsho kwayo.

Kwimeko yethu, siye safumanisa ukuba ukubhala iifayile ze-HCL ezifanayo ngokupheleleyo kwinkonzo nganye akuyi kuba lula, kuba zininzi iinkonzo kwaye ngamanye amaxesha ufuna ukuzihlaziya. Kwenzeka ukuba inkonzo enye isetyenziswe kungekhona kwimeko enye, kodwa kwiindidi ezahlukeneyo. Umzekelo, enye yeenkqubo esinazo kwimveliso inamathuba angaphezu kwe-100 kwimveliso. Zisebenza kwimifanekiso efanayo, kodwa ziyahluka kwimimiselo yoqwalaselo kunye neefayile zoqwalaselo.

Ke ngoko, sigqibe kwelokuba kuya kuba lula ukuba sigcine zonke iifayile zethu zoqwalaselo ukuze zifakwe kwindawo enye eqhelekileyo. Ngale ndlela zazibonakala: zazilula ukuzigcina kwaye sasibona ukuba zeziphi iinkqubo esinazo. Ukuba kuyimfuneko, kulula ukuhlaziya okanye ukutshintsha into. Ukongeza inkqubo entsha nako akukho nzima - kufuneka wenze ifayile yoqwalaselo ngaphakathi kulawulo olutsha. Ngaphakathi kukho ezi fayile zilandelayo: inkonzo.hcl, equlethe inkcazo yenkonzo yethu, kunye nezinye iifayile ze-env ezivumela le nkonzo kanye, isetyenziswe kwimveliso, ukuba iqwalaselwe.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Nangona kunjalo, ezinye zeenkqubo zethu zibekwe kwimveliso hayi kwikopi enye, kodwa ezininzi ngaxeshanye. Ke ngoko, sigqibe kwelokuba kuya kuba lula kuthi ukuba singagcini ii-configs kwifom yazo ecocekileyo, kodwa ifom yetemplate. Kwaye sakhetha ijinja 2. Kule fomati, sigcina zombini uqwalaselo lwenkonzo ngokwayo kunye neefayile ze-env ezifunekayo kuyo.

Ukongeza, sibeke kwindawo yokugcina iskripthi sokuhambisa esiqhelekileyo kuzo zonke iiprojekthi, ezikuvumela ukuba uqalise kwaye uthumele inkonzo yakho kwimveliso, kwindawo enqwenelekayo, kwithagethi efunwayo. Kwimeko xa sijike i-HCL yethu kwi-template, emva koko ifayile ye-HCL, ngaphambili yayiyi-config ye-Nomad eqhelekileyo, kulo mzekelo yaqala ukubonakala yahluke kancinane.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Oko kukuthi, sitshintshe ezinye iindawo eziguquguqukayo zendawo kunye neziguquguqukayo ezifakiwe ezithathwe kwiifayile ze-env okanye eminye imithombo. Ukongeza, sifumene ithuba lokuqokelela iifayile ze-HCL ngamandla, oko kukuthi, asinakusebenzisa kuphela ukufakwa okuguquguqukayo okuqhelekileyo. Ekubeni i-jinja ixhasa iilophu kunye neemeko, ungenza kwakhona iifayile zoqwalaselo apho, ezitshintshayo ngokuxhomekeke ekubeni uzibeke phi na izicelo zakho.

Umzekelo, ufuna ukuhambisa inkonzo yakho kwimveliso yangaphambili kunye nemveliso. Masithi kwimveliso yangaphambili awufuni kuqhuba izikripthi zecron, kodwa ufuna nje ukubona inkonzo kwindawo eyahlukileyo ukuze uqiniseke ukuba iyasebenza. Kuba nabani na ohambisa inkonzo, inkqubo ibonakala ilula kakhulu kwaye icacile. Konke okufuneka ukwenze kukuphumeza ifayile ye-deploy.sh, cacisa ukuba yeyiphi inkonzo ofuna ukuyihambisa kwaye yeyiphi ithagethi. Ngokomzekelo, ufuna ukuhambisa inkqubo ethile eRashiya, eBelarus okanye eKazakhstan. Ukwenza oku, tshintsha ngokulula enye yeeparamitha, kwaye uya kuba nefayile yoqwalaselo echanekileyo.

Xa inkonzo ye-Nomad sele ithunyelwe kwiqela lakho, kubonakala ngathi.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Okokuqala, udinga uhlobo oluthile lwe-balancer ngaphandle, oluya kufumana yonke i-traffic yabasebenzisi. Iza kusebenza kunye ne-Consul kwaye ifumane kuyo apho, kwiyiphi i-node, kwiyiphi idilesi ye-IP inkonzo ethile ekhoyo ehambelana negama elithile lesizinda. Iinkonzo ku-Consul zivela kuNomad ngokwayo. Kuba ezi mveliso zivela kwinkampani enye, zihlobene kakhulu. Sinokuthi uNomad ngaphandle kwebhokisi unokubhalisa zonke iinkonzo eziqaliswe kuyo ngaphakathi kwe-Consul.

Nje ukuba i-balancer yakho yesiphelo sangaphambili isazi ukuba yeyiphi inkonzo omayithumele kuyo itrafikhi, iyithumela kwisikhongozeli esifanelekileyo okanye izikhongozeli ezininzi ezihambelana nesicelo sakho. Ngokwemvelo, kuyafuneka ukuba ucinge ngokhuseleko. Nangona zonke iinkonzo zisebenza koomatshini abafanayo abakwizikhongozeli, oku kufuna ukuthintela ukufikelela simahla kuyo nayiphi na inkonzo ukuya kuyo nayiphi na enye. Oku sikufezekise ngokwahlulahlula. Inkonzo nganye yasungulwa kuthungelwano lwayo lwenyani, apho imithetho yendlela kunye nemithetho yokuvumela/ukwala ukufikelela kwezinye iinkqubo kunye neenkonzo zamiselwa. Zinokufumaneka zombini ngaphakathi kweli qela nangaphandle kwalo. Umzekelo, ukuba ufuna ukuthintela inkonzo ekuqhagamsheleni kwisiseko sedatha ethile, oku kunokwenziwa ngolwahlulo lwenqanaba lenethiwekhi. Oko kukuthi, nangempazamo, awukwazi ukudibanisa ngengozi ukusuka kwindawo yovavanyo ukuya kwisiseko sedatha yakho yemveliso.

Inguquko iye yasixabisa malini malunga nobutyebi boluntu?

Utshintsho lwenkampani yonke ukuya kuNomad luthathe malunga neenyanga ezi-5-6. Siye sahamba ngenkonzo-ngenkonzo, kodwa ngesantya esikhawulezayo. Iqela ngalinye kwafuneka lenze izikhongozeli zalo zeenkonzo.

Siye samkela indlela enjalo yokuba iqela ngalinye linoxanduva lwemifanekiso ye-docker yeenkqubo zabo ngokuzimeleyo. I-DevOps ibonelela ngeziseko ezingundoqo eziyimfuneko zokuthunyelwa, oko kukuthi, inkxaso yeqela ngokwayo, inkxaso yenkqubo yeCI, njalo njalo. Kwaye ngelo xesha, sasineenkqubo ezingaphezu kwama-60 ezifuduselwe eNomad, ezifikelela kwii-container ezingamawaka amabini.

I-Devops inoxanduva lweziseko ezingundoqo zayo yonke into enxulumene nokuthunyelwa kunye neeseva. Kwaye iqela ngalinye lophuhliso, ngokulandelayo, linoxanduva lokuphumeza izikhongozeli zenkqubo yalo ethile, kuba liqela elaziyo into eliyidinga ngokubanzi kwisingxobo esithile.

Izizathu zokulahla uNomad

Ziziphi izibonelelo esizifumeneyo ngokutshintshela ekuhanjisweni kusetyenziswa i-Nomad kunye ne-docker, phakathi kwabanye?

  1. Siyiyo kunikwe iimeko ezilinganayo kuzo zonke iindawo. Ekuphuhlisweni, indawo ye-QA, ukuveliswa kwangaphambili, imveliso, imifanekiso yesikhongozeli efanayo isetyenziswa, kunye nokuxhomekeka okufanayo. Ngokufanelekileyo, awunalo ithuba lokuba oko kuya kuphelela kwimveliso ayisiyiyo le ubuyivavanye ngaphambili ekuhlaleni okanye kwindawo yakho yovavanyo.
  2. Siphinde safumanisa ukuba kwanele kulula ukongeza inkonzo entsha. Ukusuka kwindawo yokujonga, naziphi na iinkqubo ezintsha ziqaliswa ngokulula kakhulu. Yiya nje kwindawo yokugcina egcina uqwalaselo, yongeza olunye uqwalaselo lwesixokelelwano sakho apho, kwaye ulungile. Ungathumela inkqubo yakho kwimveliso ngaphandle kwemizamo eyongezelelweyo evela kwi-devops.
  3. bonke iifayile zoqwalaselo kwindawo eyodwa yokugcina kwavela ukuba kuphononongwa. Ngexesha xa sihambisa iinkqubo zethu sisebenzisa iiseva ezibonakalayo, sasebenzisa i-Ansible, apho ulungelelwaniso lwalukuvimba omnye wogcino. Nangona kunjalo, kubaphuhlisi abaninzi oku bekunzima kakhulu ukusebenza nabo. Apha umthamo woqwalaselo kunye nekhowudi ofuna ukuyongeza ukuhambisa inkonzo ibe ncinane kakhulu. Kwaye, kulula kakhulu kwi-devops ukuyilungisa okanye ukuyitshintsha. Kwimeko yotshintsho, umzekelo, kwinguqulelo entsha yeNomad, banokuthatha kwaye bahlaziye ngobuninzi zonke iifayile zokusebenza ezibekwe kwindawo enye.

Kodwa siye sadibana nezinto ezininzi ezingalunganga:

Kwavela ukuba thina ayikwazanga ukuphumeza usasazo olungenamthungo kwimeko kaNomad. Xa kuqengqeleka izikhongozeli phantsi kweemeko ezahlukeneyo, kunokuvela ukuba kuyasebenza, kwaye uNomad wayibona njengesitya esilungele ukufumana izithuthi. Oku kwenzeke phambi kokuba isicelo esingaphakathi sifumane ithuba lokuyisungula. Ngenxa yesi sizathu, inkqubo yaqala ukuvelisa iimpazamo ze-500 ixesha elifutshane, kuba i-traffic yaqala ukuya kwisitya esasingekakulungeli ukuyamkela.

Sadibana nabanye bugs. Eyona mpazamo ibalulekileyo kukuba uNomad akaliphathi kakuhle iqela elikhulu ukuba uneenkqubo ezininzi kunye nezikhongozeli. Xa ufuna ukukhupha enye yeeseva ezibandakanyiweyo kwiqela le-Nomad lokugcinwa, kukho amathuba aphezulu okuba iqela aliyi kuziva lilungile kwaye liya kuwa. Ezinye izikhongozeli zinokuthi, umzekelo, ziwe kwaye zingavuki - oku kuyakuxabisa kakhulu kamva ukuba zonke iinkqubo zakho zemveliso zibekwe kwiqela elilawulwa nguNomad.

Ngoko sagqiba ekubeni sicinge ngendawo esifanele siye kuyo. Ngelo xesha, siye sazazi ngakumbi izinto esasifuna ukuzifumana. Oko kukuthi: sifuna ukuthembeka, imisebenzi encinci kunoNomad ibonelela, kunye nenkqubo ekhulileyo, ezinzileyo.

Kule nkalo, ukhetho lwethu lwawela kwi-Kubernetes njengelona qonga lidumileyo lokusungula amaqela. Ingakumbi xa kujongwa ukuba ubungakanani kunye nenani leekhonteyina zethu zazinkulu ngokwaneleyo. Ngeenjongo ezinjalo, i-Kubernetes ibonakala iyeyona nkqubo ifanelekileyo esinokuyijonga.

Inguqu ukuya Kubernetes

Ndiza kukuxelela kancinci malunga neengqikelelo ezisisiseko zeKubernetes kunye nendlela eyahluke ngayo kuNomad.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Okokuqala, eyona ngcamango isisiseko kwi-Kubernetes ngumbono we-pod. IPod liqela lesikhongozeli esinye okanye ngaphezulu ezihlala zibaleka kunye. Kwaye bahlala besebenza ngokungathi ngokungqongqo kumatshini omnye wenyani. Ziyakwazi ukufikelela omnye komnye nge IP 127.0.0.1 kumazibuko ahlukeneyo.

Makhe sicinge ukuba unesicelo se-PHP esibandakanya i-nginx kunye ne-php-fpm-inkqubo yakudala. Okunokwenzeka, uya kufuna ukugcina zombini izikhongozeli ze-nginx kunye ne-php-fpm kunye ngamaxesha onke. I-Kubernetes ikuvumela ukuba ufezekise oku ngokubachaza njengepod enye eqhelekileyo. Yile nto kanye besingenakuyifumana noNomad.

Ingcamango yesibini ithi ukuthunyelwa. Inyani kukuba i-pod ngokwayo yinto ephemeral; iqala kwaye inyamalale. Ngaba ufuna ukubulala zonke izikhongozeli zakho zangaphambili kuqala, kwaye emva koko uqalise iinguqulelo ezintsha kanye, okanye ufuna ukuzikhupha kancinci? Ichaza indlela ohambisa ngayo iipods zakho, ngowuphi ubungakanani kunye nendlela yokuzihlaziya.

Ingcamango yesithathu ithi inkonzo. Inkonzo yakho ngenene yinkqubo yakho, efumana itrafikhi ethile kwaye emva koko iyithumele kwipod enye okanye ngaphezulu ehambelana nenkonzo yakho. Oko kukuthi, kukuvumela ukuba uthethe ukuba zonke izithuthi ezingenayo kwinkonzo enjalo kunye negama elinjalo kufuneka lithunyelwe kule mibhobho ethile. Kwaye kwangaxeshanye ikubonelela ngetrafikhi balancing. Oko kukuthi, unokuqalisa ii-pods ezimbini zesicelo sakho, kwaye zonke iitrafikhi ezingenayo ziya kulungelelaniswa ngokulinganayo phakathi kweepods ezinxulumene nale nkonzo.

Kwaye ingcamango yesine esisiseko Ingress. Le yinkonzo eqhuba kwiqela leKubernetes. Isebenza njengomlinganisi womthwalo wangaphandle othatha zonke izicelo. Ukusebenzisa i-Kubernetes API, i-Ingress inokugqiba apho ezi zicelo kufuneka zithunyelwe. Ngaphezu koko, ukwenza oku ngokuguquguqukayo kakhulu. Unokuthi zonke izicelo kulo mamkeli kunye ne-URL enjalo ithunyelwa kule nkonzo. Kwaye ezi zicelo ziza kulo mamkeli nakwenye i-URL zithunyelwa kwenye inkonzo.

Eyona nto ipholileyo ukusuka kwindawo yokujonga umntu ophuhlisa isicelo kukuba uyakwazi ukulawula yonke into ngokwakho. Ngokucwangcisa i-Ingress config, ungathumela zonke iitrafikhi eziza kwi-API enjalo ukwahlula izikhongozeli ezibhaliweyo, umzekelo, kwi-Go. Kodwa le traffic, iza kwi-domain efanayo, kodwa kwi-URL eyahlukileyo, kufuneka ithunyelwe kwiibhokisi ezibhalwe kwi-PHP, apho kukho ingqiqo eninzi, kodwa ayikhawulezi kakhulu.

Ukuba sithelekisa zonke ezi ngqikelelo kunye noNomad, sinokuthi iikhonsepthi ezintathu zokuqala zizonke kunye Inkonzo. Kwaye ingcamango yokugqibela ayikho kuNomad ngokwayo. Sisebenzise i-balancer yangaphandle njengayo: ingaba yi-haproxy, nginx, nginx +, njalo njalo. Kwimeko yetyhubhu, awudingi ukwazisa le ngcamango eyongezelelweyo ngokwahlukileyo. Nangona kunjalo, ukuba ujonga i-Ingress ngaphakathi, mhlawumbi i-nginx, i-haproxy, okanye i-traefik, kodwa uhlobo olwakhiwe kwi-Kubernetes.

Zonke iingqikelelo endizichazile, enyanisweni, zizixhobo ezikhoyo ngaphakathi kweqela leKubernetes. Ukuzichaza kwityhubhu, ifomati yeyaml isetyenziswa, efundeka ngakumbi kwaye iqhelekile kuneefayile zeHCL kwimeko yeNomad. Kodwa ngokwesakhiwo bachaza into efanayo kwimeko, umzekelo, i-pod. Bathi-ndifuna ukuhambisa iipods ezinje nezinje apho, kunye nemifanekiso enjalo, kwizinto ezinjalo kunye nezininzi.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Ukongezelela, siye saqonda ukuba asifuni ukudala isibonelelo somntu ngamnye ngesandla: ukuthunyelwa, iinkonzo, i-Ingress, njl. Endaweni yoko, besifuna ukuchaza nganye yeenkqubo zethu ngokwemigaqo ye-Kubernetes ngexesha lokuthunyelwa, ukuze singaze siphinde siphinde siphinde siphinde siphinde sizenzele zonke izinto ezixhomekeke kwizibonelelo ngendlela efanelekileyo. UHelm wakhethwa njengenkqubo eyasivumela ukuba senze oku.

Iingqiqo ezisisiseko kwiHelm

Helm nguye umphathi wepakethe ye Kubernetes. Ifana kakhulu nendlela abaphathi bepakethe kwiilwimi zenkqubo abasebenza ngayo. Zikuvumela ukuba ugcine inkonzo equlathe, umzekelo, ukusasazwa kwe nginx, ukusasazwa kwe php-fpm, config for Ingress, configmaps (eli liqumrhu elikuvumela ukuba usete i-env kunye nezinye iiparameters zesixokelelwano sakho) ngendlela yoku- ebizwa ngokuba ziitshathi. Kwangaxeshanye Helm ibaleka phezu kweKubernetes. Oko kukuthi, olu asilulo uhlobo lwenkqubo emi ecaleni, kodwa enye nje inkonzo eqaliswe ngaphakathi kwityhubhu. Usebenzisana nayo nge-API yayo ngomyalelo weconsole. Ukulungeleka kwayo kunye nobuhle kukuba nokuba i-helm iyaphuka okanye uyisuse kwiqela, iinkonzo zakho aziyi kunyamalala, kuba i-helm isebenza kuphela ukuqala inkqubo. I-Kubernetes ngokwayo inoxanduva lokusebenza kunye nemeko yeenkonzo.

Nathi sayiqonda loo nto itemplates, esiye sanyanzeliswa ngaphambili ukuba sizenzele ngokuzisa i-jinja kwi-configs yethu, yenye yezona zinto zibalulekileyo ze-helm. Zonke izicwangciso ozenzayo kwiisistim zakho zigcinwe kwi-helm ngendlela yeetemplates, ifana kancinane nejinja, kodwa, eneneni, usebenzisa itemplate yolwimi lweGo, apho ihelm ibhalwe khona, njengeKubernetes.

IHelm yongeza ezinye iikhonsepthi ezimbalwa kuthi.

chart - le yinkcazo yenkonzo yakho. Kwabanye abaphathi bephakheji iya kubizwa ngokuba yiphakheji, inyanda okanye into efanayo. Apha ibizwa ngokuba yitshathi.

Iimilinganiselo zizinto eziguquguqukayo ofuna ukuzisebenzisa ukwakha uqwalaselo lwakho olusuka kwitemplates.

khulula. Ngalo lonke ixesha inkonzo esetyenziswa kusetyenziswa ihelm ifumana inguqulelo eyongeziweyo yokukhululwa. UHelm ukhumbula ukuba yeyiphi i-config yenkonzo ekukhutshweni kwangaphambili, ukukhululwa ngaphambi koko, njalo njalo. Ke ngoko, ukuba ufuna ukubuyisela umva, vele usebenzise ihelm callback umyalelo, ukhomba kuguqulelo lwangaphambili lokukhululwa. Nokuba uqwalaselo oluhambelanayo kwindawo yakho yokugcina alufumaneki ngexesha lokubuyela umva, ihelm isakhumbula ukuba ibiyintoni kwaye izakubuyisela umva inkqubo yakho kwimeko ebikuyo kukhupho lwangaphambili.

Kwimeko xa sisebenzisa i-helm, i-configs rhoqo ye-Kubernetes iphinda iguquke ibe yitemplates apho kunokwenzeka ukusebenzisa izinto eziguquguqukayo, imisebenzi, kunye nokusebenzisa iingxelo ezinemiqathango. Ngale ndlela unokuqokelela uqwalaselo lwakho lwenkonzo ngokuxhomekeke kwimeko-bume.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Ngokuziqhelanisa, sigqibe kwelokuba senze izinto ngokwahlukileyo kunoko sasisenza noNomad. Ukuba kwi-Nomad zombini uhlengahlengiso lokusasazwa kunye nee-n-variables ezifunekayo ukuhambisa inkonzo yethu zigcinwe kwindawo yogcino olunye, apha sigqibe kwelokuba sizahlule zibe ziindawo ezimbini ezahlukeneyo. Indawo yokugcina "deploy" igcina kuphela ii-n-variables ezifunekayo ukuze kusetyenziswe, kunye ne-"helm" yokugcina igcina i-configs okanye iitshathi.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Isinike ntoni le nto?

Ngaphandle kwenyani yokuba asigcini nayiphi na idatha ebuthathaka ngokwenene kwiifayile zoqwalaselo ngokwazo. Umzekelo, amagama agqithisiweyo kwiziko ledatha. Zigcinwe njengeemfihlo kwi-Kubernetes, kodwa nangona kunjalo, kusekho izinto ezithile apho esingafuni ukunika wonke umntu ukufikelela kuzo. Ngoko ke, ukufikelela kwindawo yokugcina "deploy" kuncinci, kwaye indawo yokugcina "helm" iqulethe inkcazo yenkonzo. Ngenxa yesi sizathu, inokufikelelwa ngokukhuselekileyo luluhlu olubanzi lwabantu.

Ekubeni asinayo imveliso kuphela, kodwa kunye nezinye iindawo, ngenxa yolu kwahlukana sinokuphinda sisebenzise iitshathi zethu ze-helm ukuhambisa iinkonzo kungekhona nje kwimveliso, kodwa kwakhona, umzekelo, kwindawo ye-QA. Nokuba ukusasazwa kwabo ekuhlaleni usebenzisa IMinikube -Le yinto yokuqhuba iKubernetes ekuhlaleni.

Kuvimba ngamnye, sashiya icandelo laba ziincwadi ezahlukeneyo zenkonzo nganye. Oko kukuthi, ngaphakathi kuluhlu ngalunye kukho iitemplates ezinxulumene netshathi ehambelanayo kwaye ichaza izibonelelo ekufuneka zisetyenziselwe ukusungula inkqubo yethu. Sishiye kuphela i-envs kwindawo yokugcina "yokusasaza". Kule meko, asizange sisebenzise i-templates usebenzisa i-jinja, kuba i-helm ngokwayo ibonelela nge-templates ngaphandle kwebhokisi - lo ngomnye wemisebenzi yayo ephambili.

Sishiye iskripthi sokusasaza - deploy.sh, esenza lula kwaye sibeke emgangathweni ukuqaliswa kokusasazwa kusetyenziswa ihelm. Ke, kuye nabani na ofuna ukuthumela, i-interface yokuhanjiswa ijongeka ngendlela efanayo naleyo yayisenza ngayo xa kuthunyelwa nge-Nomad. I-deploy.sh efanayo, igama lenkonzo yakho, kunye nalapho ufuna ukuyibeka khona. Oku kubangela ukuba ihelm iqalise ngaphakathi. Yona, yona, iqokelela uqwalaselo kwiitemplates, ifaka amaxabiso afunekayo efayile kuzo, emva koko iwabeke, iwazise kwiKubernetes.

ezifunyanisiweyo

Inkonzo ye-Kubernetes ibonakala inzima ngakumbi kune-Nomad.

Ukusasaza izicelo kwiVM, Nomad kunye neKubernetes

Apha itrafikhi ephumayo iza kwi-Ingress. Lo ngumlawuli wangaphambili, othatha zonke izicelo kwaye emva koko uzithumele kwiinkonzo ezihambelana nedatha yesicelo. Ibamisela ngokusekelwe kuqwalaselo oluyinxalenye yenkcazelo yesicelo sakho kwihelm kwaye ngabaphi abaphuhlisi abaseta ngokwabo. Inkonzo ithumela izicelo kwiipods zayo, oko kukuthi, izikhongozeli ezithile, ukulinganisa i-traffic engenayo phakathi kwazo zonke izikhongozeli zale nkonzo. Kwaye, ngokuqinisekileyo, akufanele sikhohlwe ukuba asifanele sihambe naphi na ukhuseleko kwinqanaba lenethiwekhi. Ke ngoko, ulwahlulo lusebenza kwiqela leKubernetes, esekwe kwithegi. Zonke iinkonzo zinethegi ezithile apho amalungelo okufikelela kwiinkonzo kwezinye izixhobo zangaphandle/zangaphakathi ngaphakathi okanye ngaphandle kweqela zinxulunyaniswa.

Njengoko sasisenza utshintsho, sabona ukuba uKubernetes wayenawo onke amandla kaNomad, esasikhe sawasebenzisa ngaphambili, kwaye songeza izinto ezininzi ezintsha. Inokwandiswa ngeeplagi, kwaye enyanisweni ngeentlobo zemithombo yesiko. Oko kukuthi, unethuba lokungasebenzisi nje into eza noKubernetes ngaphandle kwebhokisi, kodwa ukwenza eyakho isibonelelo kunye nenkonzo eya kufunda uvimba wakho. Oku kukunika iinketho ezongezelelweyo zokwandisa inkqubo yakho ngaphandle kokuphinda ufake i-Kubernetes kwaye ngaphandle kokufuna uhlengahlengiso.

Umzekelo wokusetyenziswa okunjalo yiPrometheus, eqhuba ngaphakathi kweqela lethu leKubernetes. Ukuze iqalise ukuqokelela iimethrikhi kwinkonzo ethile, kufuneka songeze uhlobo olongezelelweyo lomthombo, okubizwa ngokuba ngumlindi wenkonzo, kwinkcazo yenkonzo. I-Prometheus, ngenxa yokuba inokufunda uhlobo lomthombo wesiko xa iqaliswe kwi-Kubernetes, iqala ngokuzenzekelayo ukuqokelela i-metrics kwinkqubo entsha. Iluncedo kakhulu.

Ukuthunyelwa kokuqala esikwenzileyo eKubernetes kwakungoMatshi ka-2018. Kwaye ngeli xesha asizange sibe nazo naziphi na iingxaki ngayo. Isebenza ngokuzinzileyo ngaphandle kweempazamo ezibalulekileyo. Ukongeza, sinokuyandisa ngakumbi. Namhlanje sinezakhono ezaneleyo, kwaye siyithanda kakhulu isantya sophuhliso lweKubernetes. Okwangoku, ngaphezulu kwe-3000 yeekhonteyina eziseKubernetes. Iqela lithatha iiNodes ezininzi. Kwangaxeshanye, iyasebenziseka, izinzile kwaye iyalawuleka kakhulu.

umthombo: www.habr.com

Yongeza izimvo