Kukho uncwadi oluninzi lwereferensi kwi-Intanethi, kodwa ngamanye amaxesha elona cebiso lilula lelona lixabisekileyo. Iqela iguqulelwe , apho umbhali wenqaku eqokelelwe emva konyaka esebenza noKubernetes. Iingcebiso azihlelwanga ngokubaluleka, kodwa sicinga ukuba wonke umntu uya kufumana into eluncedo kubo.
Owona myalelo ulula wokusebenza noKubernetes
Ukuqala, mhlawumbi esona senzo silula kwaye siluncedo ekusebenzeni noKubernetes. Lo myalelo ulandelayo wenza ukuba umyalelo ugqitywe kubectl kwiqokobhe le-bash:
echo "source <(kubectl completion bash)" >> ~/.bashrc
Ukugcwalisa ngokuzenzekelayo kubectl izakubhalwa kwi .bashrc ifayile kwaye izakwenziwa isebenze ngokuzenzekelayo ngalo lonke ixesha iqokobhe liqaliswa. Oku kukhawuleza ukuchwetheza imiyalelo emide kunye neeparamitha ezinje all-namespaces. Funda ngakumbi kwi .
Imemori ehlala ikho kunye nemida ye-CPU kwindawo yamagama
Ukuba isicelo sibhalwe ngokungalunganga, umzekelo, sivula uxhulumaniso olutsha kwisiseko sedatha nganye yesibini kodwa ungalokothi uvale, ngoko i-cluster inememori evuzayo. Kwaye ukuba isicelo asinaso umda wememori obekiweyo ngexesha lokuthunyelwa, oku kunokukhokelela ekungaphumeleli kwe-node.
Ukuthintela oku, iKubernetes ikuvumela ukuba usete izithintelo ezingagqibekanga ngokwesiseko sendawo yegama ngalinye. Zibhalwe kwifayile yaml kwindawo ethile yamagama. Nanku umzekelo wefayile enjalo:
apiVersion: v1
kind: LimitRange
metadata:
name: mem-limit-range
spec:
limits:
- default:
memory: 512Mi
defaultRequest:
memory: 256Mi
type: Container
Yenza i-yaml enjalo kwaye usebenzise kuyo nayiphi na indawo yamagama. Umzekelo, kwindawo yegama limit-example. Ngoku nasiphi na isikhongozeli esibekwe kwesi sithuba samagama siya kuba nomda we-512Mi, ngaphandle kokuba omnye umda ubekelwe esi singxobo.
Ukuqokelelwa kwenkunkuma kwiinguqulelo ezindala zeKubernetes
Kubelet ngokungagqibekanga iqala ukuqokelelwa kwenkunkuma xa var/lib/docker ithatha i-90% yendawo yedisk ekhoyo. Oku kuhle, nangona kunjalo, kude kube yi-Kubernetes 1.7 akukho mda ongagqibekanga kwinani leenodes ezisetyenzisiweyo, ezihambelana nenani leefayile kwinkqubo yefayile.
Ngokunokwenzeka isikhongozeli sakho var/lib/docker inokusebenzisa kuphela i-50% yendawo yediski, kodwa inokuphelelwa yi-inodes, eya kubangela iingxaki kubasebenzi.
Kwiinguqulelo ezindala ze-kubelet ukusuka kwi-1.4 ukuya kwi-1.6 kuya kufuneka wongeze le flegi:
--eviction-hard
=memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%
Kwi-1.7 kunye neenguqulelo zamva le flegi isetwa ngokungagqibekanga. Nangona kunjalo, iinguqulelo zangaphambili azijongi umda we-inode.
I-Minikube... i-Kubernetes yasekhaya encinci kodwa enamandla
I-Minikube yeyona ndlela ilula yokuqhuba iqela lasekhaya leKubernetes. Iqaliswa ngomyalelo olula:
minikube start
Ukuqhuba lo myalelo kukhokelela kwiqela lokwenyani leKubernetes elisebenza kwikhompyuter yakho.
Iqhinga yindlela yokwakha isicelo kwaye uyiqhube ekuhlaleni kwelo qela. Ngaphandle kokuba uyalelwe ngokuthe ngqo, umfanekiso weDocker uya kwakhiwa kwikhompyuter yakho hayi kwiqela.
Ukunyanzela iDocker ukuba ityhale umfanekiso kwiqela leKubernetes yendawo, umatshini wedocker unikwa lo myalelo ulandelayo:
eval $(minikube docker-env)
Ngoku sinokwakha izicelo kwiqela leKubernetes lendawo.
Musa ukunika i-kubectl ufikelelo kumntu wonke
Oku kubonakala kucacile, kodwa ukuba amaqela amaninzi asebenzisa iqela elifanayo kwizicelo zabo (eyiyo iKubernetes yenzelwe yona), akufuneki unike wonke umntu. kubectl. Kungcono ukwahlula imiyalelo, ukwabela nganye kuzo indawo yayo yegama kunye nokunciphisa ukufikelela usebenzisa imigaqo-nkqubo ye-RBAC.
Ungabhideka ngokunika amalungelo okufikelela, ukufunda, ukwenza, ukucima kunye neminye imisebenzi yepod nganye. Kodwa into ephambili kukukhawulela ukufikelela kwiimfihlo, ukuvumela kuphela kubalawuli. Ngale ndlela siyakwahlula phakathi kwabo banokulawula iqela kunye nabo banokusasaza kulo.
Lawula uHlahlo lwabiwo-mali lwePod
Ungaqinisekisa njani ukuba akukho xesha lokuphumla kwisicelo kwiqela leKubernetes? PodDisruptionBudget kwaye kwakhona PodDisruptionBudget.
Amaqela ahlaziywa ngamaxesha athile kwaye iindawo zokuhlala zingenanto. Akukho nto imileyo, yinyani leyo. Konke ukuthunyelwa kunye nomzekelo omnye kufuneka kubandakanye iPDB (PodDisruptionBudget). Yenziwe kwifayile ye-yaml elula esetyenziswa kwiqela. Indawo yokhuselo yePDB ethile imiselwa ngabakhethi balebula.
Qaphela: Uhlahlo lwabiwo-mali lwePDB luthathelwa ingqalelo kuphela xa ukunyhashwa kohlahlo lwabiwo-mali kubuyiselwa umva (). Kwiimeko ezifana nokusilela kwehardware, iPDB ayiyi kusebenza.
Umzekelo wePDB:
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: app-a-pdb
spec:
minAvailable: 2
selector:
matchLabels:
app: app-a
Ezona parameters zimbini matchLabels ΠΈ minAvailable. Ipharamitha yokuqala ichaza ukuba uhlahlo lwabiwo-mali lusebenza kweziphi izicelo. Umzekelo, ukuba ndinokuthunyelwa ngeeleyibhile app: app-a ΠΈ app: app-b, ke le PDB iya kusebenza kuphela kweyokuqala.
IParamu minAvailable kuthathelwe ingqalelo xa kuthululwa (coca) indawo yokusebenzela. Ngokomzekelo, kumzekelo wethu, ngexesha lokukhupha, zonke iimeko ziyakhutshwa app: app-a, ngaphandle ezimbini.
Oku kukuvumela ukuba ulawule ukuba mingaphi na imizekelo yesicelo ekufuneka isebenze nangaliphi na ixesha.
Isicelo esweni impilo
Ukubeka iliso okunjalo kunokwenzeka ngeendlela ezimbini: usebenzisa iimvavanyo zokuLungela okanye zokuPhila.
Uphononongo lokuqala (ukulungela) lumisela ukulungela kwesingxobo ukufumana izithuthi.
Okwesibini (ubomi) bubonisa ukuba isikhongozeli sisempilweni okanye sidinga ukuqaliswa kwakhona.
Ulungelelwaniso olufanelekileyo longezwa nje kwi-yaml ukuze isetyenziswe. Apho ungachaza ixesha lokuvala, amaxesha okulibaziseka kunye nenani lokuzama kwakhona. Bona iinkcukacha ezingaphezulu malunga nabo .
Iithegi zikuyo yonke indawo
Iileyibhile yenye yeengqikelelo ezisisiseko kwi-Kubernetes. Bavumela izinto ukuba zinxibelelane ngokukhululekileyo omnye nomnye, kunye nokudala imibuzo esekelwe kwiilebhile. Kwi-Kubernetes, unokuya kumxhasi kwaye ubukele imicimbi yeethegi ezithile.
Unokwenza phantse nantoni na ngeethegi, kodwa umzekelo olungileyo unokuba wenze imeko-bume ezininzi ukuqhuba iinkqubo kwiqela elinye.
Masithi usebenzisa iqela elifanayo dev ΠΈ qa. Oku kuthetha ukuba ungafumana isicelo app-a, ngaxeshanye isebenza kuzo zombini ezingqongileyo qa ΠΈ dev. Kule meko, sinokufikelela ngokwahlukileyo kumzekelo wesicelo kwindawo ethile ngokuchaza iparameter efanelekileyo environment. Umzekelo app: app-a ΠΈ environment: dev kwindawo enye, kunye app: app-a ΠΈ environment: qa kowesibini.
Oku kukuvumela ukuba ufikelele kuzo zombini iimeko zesicelo, umzekelo, ukwenza uvavanyo ngaxeshanye.
Zilungiselele
I-Kubernetes yinkqubo enamandla kakhulu, kodwa nayiphi na inkqubo inokugqithwa ngeenkqubo ezininzi kakhulu. I-Kubelet iqhuba zonke iinkqubo kwaye ijonga ozikhankanyayo, kunye neyakhe.
Ewe, inkonzo enye yeenkedama ayizukucothisa inkqubo, kwaye iKubernetes yenzelwe ukulinganisa ukusuka emhlabeni ukuya phezulu. Kodwa ukuba endaweni yenkonzo enye kuvela isigidi, i-kubelet iqalisa ukuminxa.
Ukuba ngenxa yesizathu esithile ucima ukuthunyelwa (isikhongozeli, umfanekiso, nantoni na), qiniseka ukuba ucoca ngokupheleleyo.
Dibana neGo
Sigcine iingcebiso eziphambili okokugqibela. Funda ulwimi lwenkqubo yeGo.
I-Kubernetes iphuhliswe kwi-Go, zonke izandiso zibhalwe kwi-Go, kwaye ilayibrari yeklayenti-i-client-go ixhaswa ngokusemthethweni.
Ingasetyenziselwa izinto ezahlukeneyo nezinomdla. Umzekelo, ukwandisa inkqubo yeKubernetes kwincasa yakho. Ke, unokusebenzisa iinkqubo zakho ukuqokelela idatha, ukuhambisa usetyenziso, okanye ukucoca ngokulula izitya.
Ukufunda ulwimi lwenkqubo ye-Go kunye nokuqonda umthengi-ukuhamba mhlawumbi lelona cebiso libalulekileyo onokuthi ulinike abasebenzisi abatsha be-Kubernetes.
Yintoni enye ekufuneka uyifunde:
- .
- ?
- .
umthombo: www.habr.com