Xa uqala ngeKubernetes, kuyinto eqhelekileyo ukulibala malunga nokuseta izixhobo zesikhongozeli. Ngeli xesha, kwanele ukuqinisekisa ukuba umfanekiso weDocker uyasebenza kwaye unokuthunyelwa kwiqela leKubernetes.
Kodwa kamva isicelo kufuneka sibekwe kwiqela lemveliso kunye nezinye izicelo. Ukwenza oku, kufuneka unikeze izibonelelo zesikhongozeli kwaye uqiniseke ukuba zanele ukufumana isicelo kwaye sisebenze, kwaye ezinye izicelo ezisebenzayo aziyi kufumana iingxaki.
Iqela iguqulelwe inqaku malunga nezixhobo zesikhongozeli (CPU & MEM), izicelo kunye nokunciphisa izixhobo. Uya kufunda izibonelelo zezi setingi kwaye kwenzeka ntoni ukuba awuzicwangcisi.
Izixhobo zekhompyutha
Sineentlobo ezimbini zezibonelelo ezineeyunithi ezilandelayo:
- Iyunithi yokucubungula ephakathi (CPU) - ii-cores;
- Imemori (MEM) - bytes.
Izibonelelo zichaziwe kwisikhongozeli ngasinye. Kwifayile elandelayo yePod YAML, uya kubona icandelo lesixhobo eliqulathe izixhobo eziceliweyo kunye nomda wemithombo:
- Izixhobo zePod eziceliweyo = isixa sezibonelelo eziceliweyo zazo zonke izikhongozeli;
- I-Pod Resource Limit = Isimbuku sayo yonke iMida yeZibonelelo zePod.
apiVersion: v1
kind: Pod
metadata:
name: backend-pod-name
labels:
application: backend
spec:
containers:
β name: main-container
image: my-backend
tag: v1
ports:
β containerPort: 8080
resources:
requests:
cpu: 0.2 # REQUESTED CPU: 200m cores
memory: "1Gi" # REQUESTED MEM: 1Gi
limits:
cpu: 1 # MAX CPU USAGE: 1 core
memory: "1Gi" # MAX MEM USAGE: 1Gi
β name: other-container
image: other-app
tag: v1
ports:
β containerPort: 8000
resources:
requests:
cpu: "200m" # REQUESTED CPU: 200m cores
memory: "0.5Gi" # REQUESTED MEM: 0.5Gi
limits:
cpu: 1 # MAX CPU USAGE: 1 core
memory: "1Gi" # MAX MEM USAGE: 1GiUmzekelo weZibonelelo eziceliweyo nezinyiniweyo
Intsimi resources.requested ukusuka kwi-Specification Pod yenye yezinto ezisetyenziselwa ukufumana indawo efunekayo. Usenokucwangcisa ukuthunyelwa kwePod kuyo. Uyifumana njani i-node efanelekileyo?
I-Kubernetes iqulathe amacandelo amaninzi, kuquka i-master node okanye i-master node (I-Kubernetes Control Plane). I-master node ineenkqubo ezininzi: kube-apiserver, kube-controller-manager kunye ne-kube-scheduler.
Inkqubo ye-kube-scheduler inoxanduva lokuphonononga ii-pods ezisanda kwenziwa kunye nokufumana iindawo zabasebenzi ezinokubakho ezihambelana nazo zonke izicelo ze-pod, kubandakanya nenani lezibonelelo eziceliweyo. Uluhlu lweendawo ezifunyenwe ngukube-umcwangcisi ubekwe kwindawo. I-pod icwangciswe kwi-node kunye namanqaku aphezulu.
Izakubekwa phi iPod emfusa?
Kumfanekiso uyabona ukuba kube-umcwangcisi kufuneka acwangcise iPod entsha emfusa. Iqela le-Kubernetes liqulethe ii-nodes ezimbini: A kunye no-B. Njengoko ubona, i-kube-scheduler ayikwazi ukucwangcisa i-Pod kwi-node A - izixhobo ezikhoyo (ezingacelwanga) azihambelani nezicelo zePod emfusa. Ngoko ke, imemori ye-1 GB eceliwe yiPod emfusa ayiyi kungena kwi-node A, ekubeni imemori ekhoyo yi-0,5 GB. Kodwa i-node B inemithombo eyaneleyo. Ngenxa yoko, i-kube-scheduler ithatha isigqibo sokuba indawo ekuya kuyo iPod emfusa yinode B.
Ngoku siyazi ukuba izixhobo eziceliweyo zichaphazela njani ukhetho lwe-node yokuqhuba iPod. Kodwa yintoni impembelelo yemithombo ephantsi?
Umda wesixhobo ngumda apho i-CPU/MEM ayinakuwuwela. Nangona kunjalo, umthombo we-CPU uguquguqukayo, ngoko ke izikhongozeli ezifikelela kwimida yazo ye-CPU aziyi kubangela ukuba iPod iphume. Endaweni yoko, i-CPU throttling iya kuqala. Ukuba umda wosetyenziso lwe-MEM ufikelelwe, isikhongozeli siyakuyekwa ngenxa ye-OOM-Killer kwaye iphinde iqalwe ukuba ivunyelwe yiRestartPolicy isicwangciso.
Izibonelelo eziceliweyo kunye nezona nkcukacha zininzi
Unxibelelwano lwezixhobo phakathi kweDocker kunye neKubernetes
Eyona ndlela ilungileyo yokuchaza ukuba izicelo zezibonelelo kunye nemida yemithombo zisebenza njani kukwazisa ubudlelwane phakathi kukaKubernetes kunye neDocker. Kulo mfanekiso ungasentla unokubona indlela amasimi e-Kubernetes kunye neeflegi zokuqalisa ze-Docker ezinxulumene.
Imemori: isicelo kunye nokunciphisa
containers:
...
resources:
requests:
memory: "0.5Gi"
limits:
memory: "1Gi"
Njengoko kukhankanyiwe ngasentla, imemori ilinganiswa ngee-bytes. Ngenxa ye , singakhankanya inkumbulo njengenani. Ngokuqhelekileyo yinani elipheleleyo, umzekelo 2678 - oko kukuthi, 2678 bytes. Unokusebenzisa izimamva G ΠΈ Gi, into ephambili kukukhumbula ukuba azilingani. Eyokuqala yidesimali kwaye eyesibini ibini. Njengomzekelo okhankanywe kuxwebhu lwe-k8s: 128974848, 129e6, 129M, 123Mi - ziyalingana ngokwenyani.
Kubernetes ukhetho limits.memory ihambelana neflegi --memory ukusuka eDocker. Mhlawumbi ku request.memory Akukho lutolo lweDocker kuba iDocker ayisebenzisi le ndawo. Unokubuza, ngaba oku kuyimfuneko? Ewe kufuneka. Njengoko benditshilo ngaphambili, intsimi ibalulekile kwiKubernetes. Ngokusekwe kulwazi olusuka kuyo, kube-umcwangcisi wenza isigqibo sokuba yeyiphi indawo yokucwangcisa iPod.
Kwenzeka ntoni ukuba usete inkumbulo enganelanga kwisicelo?
Ukuba isitya sifikelele kwimida yememori eceliweyo, ke iPod ibekwe kwiqela lePods eziyekayo xa kungekho memori eyaneleyo kwi-node.
Kwenzeka ntoni ukuba useta umda wememori uphantsi kakhulu?
Ukuba isikhongozeli sigqithise umda wememori, siya kupheliswa ngenxa ye-OOM-Killed. Kwaye iyakuqala kwakhona ukuba kuyenzeka ngokusekwe kwiRestartPolicy apho ixabiso elingagqibekanga likhona Always.
Kwenzeka ntoni ukuba awuyikhankanyi inkumbulo eceliweyo?
I-Kubernetes iyakuthatha ixabiso lomda kwaye ilisete njengexabiso elingagqibekanga.
Kwenzeka ntoni ukuba awukhankanyi umda wenkumbulo?
Isikhongozeli asinazithintelo; inokusebenzisa inkumbulo eninzi njengoko ifuna. Ukuba uqala ukusebenzisa yonke inkumbulo ekhoyo ye-node, ngoko i-OOM iya kumbulala. Isikhongozeli siyakuthi ke siphinde siqaliswe ukuba kunokwenzeka ngokusekwe kwiRestartPolicy.
Kwenzeka ntoni ukuba awuyikhankanyi imida yememori?
Le yeyona meko imbi kakhulu: umcwangcisi akazi ukuba zingaphi izixhobo ezifunwa yisikhongozeli, kwaye oku kunokubangela iingxaki ezinzulu kwindawo. Kulo mzekelo, kuya kuba kuhle ukuba nemida engagqibekanga kwisithuba segama (imiselwe nguLimitRange). Akukho mida engagqibekanga - iPod ayinayo imida, inokusebenzisa imemori eninzi njengoko ifuna.
Ukuba imemori eceliweyo ingaphezulu kwenode inokunikezela, iPod ayisayi kucwangciswa. Kubalulekile ukukhumbula oko Requests.memory - hayi elona xabiso liphantsi. Le yinkcazo yobungakanani bememori eyaneleyo ukugcina isikhongozeli siqhuba ngokuqhubekayo.
Ngokuqhelekileyo kuyacetyiswa ukuba usete ixabiso elifanayo request.memory ΠΈ limit.memory. Oku kuqinisekisa ukuba i-Kubernetes ayiyi kucwangcisa iPod kwi-node enememori eyaneleyo yokuqhuba iPod kodwa ayanele ukuyiqhuba. Gcina ukhumbula: Ukucwangcisa i-Kubernetes Pod kuthathela ingqalelo kuphela requests.memory, kwaye limits.memory ayithatheli ngqalelo.
CPU: isicelo kunye nomda
containers:
...
resources:
requests:
cpu: 1
limits:
cpu: "1200m"
Nge-CPU yonke into inzima ngakumbi. Ukubuyela kumfanekiso wobudlelwane phakathi kukaKubernetes kunye neDocker, uyayibona loo nto request.cpu ΡΠΎΠΎΡΠ²Π΅ΡΡΡΠ²ΡΠ΅Ρ --cpu-shares, kanti limit.cpu ihambelana neflegi cpus kwiDocker.
I-CPU ecelwa nguKubernetes iphindaphindwe ngo-1024, umlinganiselo wemijikelo ye-CPU. Ukuba ufuna ukucela i-1 engundoqo epheleleyo, kufuneka udibanise cpu: 1njengoko kubonisiwe ngasentla.
Ukucela i-kernel epheleleyo (umlinganiselo = 1024) akuthethi ukuba isingxobo sakho siya kuyifumana. Ukuba umatshini wakho wokusingatha unondoqo omnye kwaye usebenzisa ngaphezulu kwesikhongozeli esinye, ke zonke izikhongozeli kufuneka zabelane nge-CPU ekhoyo phakathi kwazo. Kwenzeka njani oku? Makhe sijonge umfanekiso.
Isicelo seCPU-Inkqubo yeNqanaba enye
Makhe sicinge ukuba unenkqubo yokusingatha enye engundoqo eqhuba izikhongozeli. Umama (Kubernetes) wabhaka i-pie (CPU) kwaye ufuna ukuyahlula phakathi kwabantwana (izikhongozeli). Abantwana abathathu bafuna ipayi epheleleyo (umlinganiselo = 1024), omnye umntwana ufuna isiqingatha sepayi (512). Umama ufuna ukuba nobulungisa kwaye wenza izibalo ezilula.
# Π‘ΠΊΠΎΠ»ΡΠΊΠΎ ΠΏΠΈΡΠΎΠ³ΠΎΠ² Ρ
ΠΎΡΡΡ Π΄Π΅ΡΠΈ?
# 3 ΡΠ΅Π±Π΅Π½ΠΊΠ° Ρ
ΠΎΡΡΡ ΠΏΠΎ ΡΠ΅Π»ΠΎΠΌΡ ΠΏΠΈΡΠΎΠ³Ρ ΠΈ Π΅ΡΠ΅ ΠΎΠ΄ΠΈΠ½ Ρ
ΠΎΡΠ΅Ρ ΠΏΠΎΠ»ΠΎΠ²ΠΈΠ½Ρ ΠΏΠΈΡΠΎΠ³Π°
cakesNumberKidsWant = (3 * 1) + (1 * 0.5) = 3.5
# ΠΡΡΠ°ΠΆΠ΅Π½ΠΈΠ΅ ΠΏΠΎΠ»ΡΡΠ°Π΅ΡΡΡ ΡΠ°ΠΊ:
3 (ΡΠ΅Π±Π΅Π½ΠΊΠ°/ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°) * 1 (ΡΠ΅Π»ΡΠΉ ΠΏΠΈΡΠΎΠ³/ΠΏΠΎΠ»Π½ΠΎΠ΅ ΡΠ΄ΡΠΎ) + 1 (ΡΠ΅Π±Π΅Π½ΠΎΠΊ/ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅Ρ) * 0.5 (ΠΏΠΎΠ»ΠΎΠ²ΠΈΠ½Π° ΠΏΠΈΡΠΎΠ³Π°/ΠΏΠΎΠ»ΠΎΠ²ΠΈΠ½Π° ΡΠ΄ΡΠ°)
# Π‘ΠΊΠΎΠ»ΡΠΊΠΎ ΠΏΠΈΡΠΎΠ³ΠΎΠ² ΠΈΡΠΏΠ΅ΡΠ΅Π½ΠΎ?
availableCakesNumber = 1
# Π‘ΠΊΠΎΠ»ΡΠΊΠΎ ΠΏΠΈΡΠΎΠ³Π° (ΠΌΠ°ΠΊΡΠΈΠΌΠ°Π»ΡΠ½ΠΎ) Π΄Π΅ΡΠΈ ΡΠ΅Π°Π»ΡΠ½ΠΎ ΠΌΠΎΠ³ΡΡ ΠΏΠΎΠ»ΡΡΠΈΡΡ?
newMaxRequest = 1 / 3.5 =~ 28%Ngokusekelwe ekubaleni, abantwana abathathu baya kufumana i-28% ye-core, kwaye kungekhona yonke ingundoqo. Umntwana wesine uya kufumana i-14% ye-kernel epheleleyo, kungekhona isiqingatha. Kodwa izinto ziya kwahluka ukuba une-multi-core system.
Isicelo se-CPU-Inkqubo ye-Multi-Core (4).
Kulo mfanekiso ungasentla ungabona ukuba abantwana abathathu bafuna i-pie yonke, kwaye omnye ufuna isiqingatha. Kuba umama ubhake iipayi ezine, ngamnye kubantwana bakhe uya kufumana ezininzi kangangoko efuna. Kwinkqubo ye-multi-core, izibonelelo zeprosesa zisasazwa kuzo zonke ii-processor cores ezikhoyo. Ukuba isikhongozeli silinganiselwe ngaphantsi kombindi we-CPU enye, sisengasisebenzisa kwi-100%.
Olu balo lungentla lwenziwe lula ukuqonda ukuba i-CPU isasazwa njani phakathi kwezikhongozeli. Ewe, ngaphandle kwezikhongozeli ngokwazo, kukho ezinye iinkqubo ezisebenzisa izixhobo ze-CPU. Xa iinkqubo kwisikhongozeli esinye zingenzi nto, abanye banokusebenzisa ubutyebi bayo. CPU: "200m" ΡΠΎΠΎΡΠ²Π΅ΡΡΡΠ²ΡΠ΅Ρ CPU: 0,2, okuthetha malunga ne-20% yondoqo omnye.
Ngoku makhe sithethe ngayo limit.cpu. I-CPU enqandwa nguKubernetes iphinda-phindwa nge-100. Isiphumo sisixa sexesha isikhongozeli esinokusebenzisa zonke ii-100 Β΅s (cpu-period).
limit.cpu ihambelana neflegi yeDocker --cpus. Le yindibaniselwano entsha yakudala --cpu-period ΠΈ --cpu-quota. Ngokuseta, sibonisa ukuba zingaphi izixhobo ezifumanekayo ze-CPU isikhongozeli esinokusisebenzisa kakhulu ngaphambi kokuba kuqale ukuthontsiza:
- cpus - indibaniselwano
cpu-periodΠΈcpu-quota. cpus = 1.5ilingana nokusethacpu-period = 100000ΠΈcpu-quota = 150000; - CPU-ixesha - ixesha , engagqibekanga 100 microseconds;
- cpu-quota - inani le-microseconds ngaphakathi
cpu-period, ebotshelelwe sisitya.
Kwenzeka ntoni xa ufaka i-CPU enganelanga eceliweyo?
Ukuba isikhongozeli sidinga ngaphezu koko sikufakile, siya kuba i-CPU kwezinye iinkqubo.
Kwenzeka ntoni ukuba useta umda we-CPU uphantsi kakhulu?
Kuba isixhobo se-CPU sihlengahlengiswa, i-throttling iya kuvulwa.
Kwenzeka ntoni ukuba awusichazi isicelo se-CPU?
Njengenkumbulo, ixabiso lesicelo lilingana nomda.
Kwenzeka ntoni ukuba awukhankanyi umda we-CPU?
Isikhongozeli siya kusebenzisa i-CPU eninzi njengoko ifuna. Ukuba umgaqo-nkqubo we-CPU ongagqibekanga (LimitRange) uchaziwe kwisithuba segama, ngoko ke lo mda uyasetyenziswa kwisingxobo.
Kwenzeka ntoni ukuba awusichazi isicelo okanye umda we-CPU?
Njengenkumbulo, le yeyona meko imbi kakhulu. Umcwangcisi akazi ukuba zingaphi izixhobo ezifunwa yisikhongozeli sakho, kwaye oku kunokubangela iingxaki ezinzulu kwindawo. Ukunqanda oku, kufuneka usete imida engagqibekanga yezithuba zamagama (LimitRange).
Khumbula: ukuba ucela i-CPU engaphezulu kunokuba iinodi zinokubonelela, iPod ayiyi kucwangciswa. Requests.cpu - hayi elona xabiso lincinci, kodwa ixabiso elaneleyo ukuqala iPod kwaye usebenze ngaphandle kokusilela. Ukuba usetyenziso alwenzi izibalo ezintsonkothileyo, eyona ndlela ingcono kukufakela request.cpu <= 1 kwaye uqalise iikopi ezininzi njengoko kufuneka.
Isixa esifanelekileyo sezibonelelo eziceliweyo okanye umda wobutyebi
Sifunde malunga nokunciphisa izixhobo zekhompyutha. Ngoku lixesha lokuphendula umbuzo: "Zingaphi izixhobo ezifunwa yiPod yam ukuqhuba isicelo ngaphandle kweengxaki? Yeyiphi imali efanelekileyo?
Ngelishwa, akukho zimpendulo zicacileyo kule mibuzo. Ukuba awuyazi ukuba isicelo sakho sisebenza njani okanye ingakanani i-CPU okanye imemori efunekayo, eyona ndlela ilungileyo kukunika isicelo inkumbulo eninzi kunye ne-CPU emva koko uqhube iimvavanyo zokusebenza.
Ukongeza kwiimvavanyo zentsebenzo, beka iliso kwindlela yokuziphatha kwesicelo ekubekeni iliso ngeveki. Ukuba iigrafu zibonisa ukuba isicelo sakho sisebenzisa izixhobo ezimbalwa kunezo ubuzicelile, unganciphisa inani le-CPU okanye imemori eceliweyo.
Njengomzekelo bona oku . Ibonisa umahluko phakathi kwezibonelelo eziceliweyo okanye umda wobutyebi kunye nokusetyenziswa komthombo wangoku.
isiphelo
Ukucela kunye nokunciphisa izixhobo kunceda ukugcina iqela lakho leKubernetes lisempilweni. Ubume bomda obufanelekileyo bunciphisa iindleko kwaye bugcina usetyenziso lusebenza ngamaxesha onke.
Ngamafutshane, kukho izinto ezimbalwa ekufuneka uzigcine engqondweni:
- Izibonelelo eziceliweyo luqwalaselo oluthathelwa ingqalelo ngexesha lokuqalisa (xa uKubernetes ecwangcisa ukusingatha isicelo). Ngokwahlukileyo koko, ukunciphisa izixhobo kubalulekile ngexesha lokusebenza-xa isicelo sele sisebenza kwi-node.
- Xa kuthelekiswa nememori, i-CPU sisixhobo esilawulwayo. Ukuba akukho CPU yaneleyo, iPod yakho ayiyi kuvala kwaye indlela yokubetha iya kuvulwa.
- Izibonelelo eziceliweyo kunye nomda wemithombo ayingobuncinane kunye namaxabiso aphezulu! Ngokuchaza izibonelelo eziceliweyo, uyaqinisekisa ukuba isicelo siya kuqhuba ngaphandle kweengxaki.
- Isiqhelo esilungileyo kukuseta isicelo sememori esilingana nomda wememori.
- Kulungile faka isicelo
CPU <=1, ukuba isicelo ayenzi izibalo ezinzima. - Ukuba ucela izixhobo ezingaphezulu kunezo zikhoyo kwi-node, iPod ayisoze icwangciswe kuloo node.
- Ukumisela isixa esichanekileyo sezibonelelo eziceliweyo / imida yemithombo, sebenzisa uvavanyo lomthwalo kunye nokubeka iliso.
Ndiyathemba ukuba eli nqaku likunceda ukuba uqonde ingcamango esisiseko yokunciphisa izixhobo. Kwaye uya kukwazi ukusebenzisa olu lwazi emsebenzini wakho.
Impumelelo!
Yintoni enye ekufuneka uyifunde:
- .
- .
- .
umthombo: www.habr.com