Ingxaki ngezicelo ezisemthethweni kwi-Kubernetes
Uqwalaselo, ukuqaliswa kunye nokunyuka okungaphezulu kwezicelo kunye neenkonzo kulula xa kuziwa kumatyala ahlelwe njenge-stateless, i.e. ngaphandle kokugcina idatha. Kukulungele ukuqhuba iinkonzo ezinjalo kwi-Kubernetes, usebenzisa i-APIs yayo eqhelekileyo, kuba yonke into iyenzeka "ngaphandle kwebhokisi": ngokuhambelana nokucwangciswa okusemgangathweni, ngaphandle kokubandakanya nayiphi na into ethile okanye umlingo.
Ukubeka nje, ukuqalisa iikopi ezingaphezulu ezintlanu ze-backend kwi-PHP / Ruby / Python kwiqela lezikhongozeli, udinga kuphela ukuseta iseva entsha ngamaxesha angama-5 kwaye ukopishe imithombo. Kuba zombini ikhowudi yemvelaphi kunye neskripthi se-init zisemfanekisweni, ukukala usetyenziso olungenammiselo kuba sisiseko ngokupheleleyo. Njengoko abalandeli bezikhongozeli kunye noyilo lwe-microservice bayazi kakuhle, ubunzima buqala apps ezisemgangathweni, o.k. ngokuzingisa kwedatha ezifana nogcino-lwazi kunye neecache (MySQL, PostgreSQL, Redis, ElasticSearch, Cassandra...). Oku kusebenza kuzo zombini iisoftware eziphumeza ngokuzimeleyo iqela lekhoram (umzekelo, iPercona XtraDB kunye neCassandra), kunye nesoftware efuna izixhobo zolawulo ezahlukeneyo (ezifana neRedis, MySQL, PostgreSQL...).
Ubunzima buvela ngenxa yokuba ikhowudi yomthombo kunye nokuqaliswa kwenkonzo akusekho ngokwaneleyo - kufuneka wenze amanye amanyathelo angakumbi. Ubuncinci, khuphela idatha kunye/okanye ujoyine iqela. Ngokuchanekileyo, ezi nkonzo zifuna ukuqonda ngendlela yokulinganisa ngokufanelekileyo, ukuhlaziya kunye nokuzilungiselela kwakhona ngaphandle kokulahleka kwedatha okanye ukungafumaneki okwethutyana. Ukuthathela ingqalelo ezi mfuno kubizwa ngokuba βlulwazi olusebenzayoβ.
AbaSebenzi beCoreOS
Ukuze "iprogram" yolwazi lokusebenza, ngasekupheleni konyaka ophelileyo iprojekthi yeCoreOS "Iklasi entsha yesoftware" yeqonga leKubernetes - AbaSebenzi (ukusuka kwisiNgesi "ukusebenza", oko kukuthi "ukusebenza").
Abaqhubi abasebenzisa kunye nokwandisa amandla angundoqo e-Kubernetes (incl. StatefulSets, bona umehluko ongezantsi) vumela iingcali ze-DevOps ukuba zongeze ulwazi lokusebenza kwikhowudi yesicelo.
Injongo yoMsebenzisi -nika umsebenzisi nge-API ekuvumela ukuba ulawule izinto ezininzi ezisebenzayo kwiqela le-Kubernetes, ngaphandle kokucinga malunga nokuba yintoni ephantsi kwe-hood (yeyiphi idatha kunye nokuba wenze ntoni ngayo, yeyiphi imiyalelo ekusafuneka yenziwe ukugcina iqela. ). Enyanisweni, i-Operator yenzelwe ukwenza lula umsebenzi kunye nesicelo ngaphakathi kweqela kangangoko kunokwenzeka, izenzele ngokuzenzekelayo ukuphunyezwa kwemisebenzi yokusebenza eyayifanele isonjululwe ngesandla.
Basebenza njani abaSebenzi
IiReplicaSets I-Kubernetes ikuvumela ukuba uchaze inani elifunekayo lee-pods eziqhubayo, kwaye abalawuli baqinisekisa ukuba inani labo ligcinwa (ngokudala kunye nokucima iipods). I-Operator isebenza ngendlela efanayo, yongeza isethi yolwazi olusebenzayo kwi-standard ye-Kubernetes resource kunye nomlawuli ovumela ukuba wenze izenzo ezongezelelweyo ukuxhasa inani elifunekayo lemibutho yesicelo.
Yahluke njani le StatefulSets, eyenzelwe izicelo ezifuna i-cluster ukuba ibonelele ngezibonelelo ezisemgangathweni ezifana nokugcinwa kwedatha okanye ii-IP ezingatshintshiyo? Kwizicelo ezinjalo, abaSebenzi banokusebenzisa StatefulSets (endaweni yokuba IiReplicaSets) njengesiseko, umnikelo usetyenziso olongezelelweyo: yenza iintshukumo eziyimfuneko kwimeko yokuphahlazeka, yenza i-backups, uhlaziye ulungelelwaniso, njl.
Kwaye ke, isebenza njani yonke lento? Umsebenzisi ngumphathi wedaemon othi:
- ubhalisa kwi-API yesiganeko kwi-Kubernetes;
- ifumana kuyo idatha malunga nenkqubo (malunga nayo IiReplicaSets, imidumba, iinkonzo kwaye nangokunjalo.);
- ifumana idatha malunga Izibonelelo zeqela lesithathu (jonga imizekelo engezantsi);
- isabela kwinkangeleko/utshintsho Izibonelelo zeqela lesithathu (umzekelo, ukutshintsha ubungakanani, ukutshintsha inguqulelo, njalo njalo);
- isabela kutshintsho kwimeko yenkqubo (malunga nayo IiReplicaSets, imidumba, iinkonzo kwaye nangokunjalo.);
- eyona ibalulekileyo:
- ifowunela iKubernetes API ukwenza yonke into eyifunayo (kwakhona, eyakhe IiReplicaSets, imidumba, iinkonzo...),
- yenza umlingo othile (ukwenza lula, ungacinga ukuba uMsebenzi ungena kwiipod ngokwazo kwaye afowunele imiyalelo, umzekelo, ukujoyina iqela okanye ukuphucula ifomati yedata xa uhlaziya uguqulelo).
Ngapha koko, njengoko kunokubonwa kumfanekiso, isicelo esahlukileyo songezwa kwi-Kubernetes (eqhelekileyo Ukuthunyelwa Ρ ReplicaSet), ebizwa ngokuba nguMsebenzi. Ihlala kwipod eqhelekileyo (ngokuqhelekileyo enye) kwaye, njengomthetho, inoxanduva kuphela kuyo Indawo yamagama. Esi sicelo somsebenzisi siphumeza i-API yayo - nangona kungekhona ngokuthe ngqo, kodwa nge Izibonelelo zeqela lesithathu e Kubernetes.
Ke, emva kokuba sidale kwi Indawo yamagama Umsebenzisi, singongeza kuyo Izibonelelo zeqela lesithathu.
Umzekelo we etcd (jonga ngezantsi ngeenkcukacha):
apiVersion: etcd.coreos.com/v1beta1
kind: Cluster
metadata:
name: example-etcd-cluster
spec:
size: 3
version: 3.1.0
Umzekelo we-Elasticsearch:
apiVersion: enterprises.upmc.com/v1
kind: ElasticsearchCluster
metadata:
name: example-es-cluster
spec:
client-node-replicas: 3
master-node-replicas: 2
data-node-replicas: 3
zones:
- us-east-1c
- us-east-1d
- us-east-1e
data-volume-size: 10Gi
java-options: "-Xms1024m -Xmx1024m"
snapshot:
scheduler-enabled: true
bucket-name: elasticsnapshots99
cron-schedule: "@every 2m"
storage:
type: gp2
storage-class-provisioner: kubernetes.io/aws-ebs
Iimfuno zabaSebenzisi
I-CoreOS yaqulunqa iipateni eziphambili ezifunyenwe ziinjineli ngelixa zisebenza kwii-Operators. Ngaphandle kwento yokuba bonke abaSebenzisi ngabanye (benzelwe isicelo esithile esineempawu kunye neemfuno zabo), ukudala kwabo kufuneka kusekelwe kuhlobo lwesakhelo esibeka ezi mfuno zilandelayo:
- Ufakelo kufuneka lwenziwe ngesinye Ukuthunyelwa: kubectl dala -f SOME_OPERATOR_URL/deployment.yaml - kwaye ayifuni izenzo ezongezelelweyo.
- Xa ufaka i-Operator kwi-Kubernetes, uhlobo olutsha lomntu wesithathu kufuneka lwenziwe (IsiXhobo seQela lesithathu). Ukusungula iimeko zesicelo (izihlandlo zeqela) kunye nokulawula ngakumbi (uhlaziyo lweenguqulelo, uhlengahlengiso, njl.njl.), umsebenzisi uya kusebenzisa olu hlobo.
- Nanini na xa kunokwenzeka, kuya kufuneka usebenzise iiprimitives ezakhelwe kwi-Kubernetes, njenge iinkonzo ΠΈ IiReplicaSetsukusebenzisa ikhowudi evavanywe kakuhle neqondakalayo.
- Ifuna ukuhambelana ngasemva kwabaSebenzisi kunye nenkxaso yeenguqulelo ezindala zezixhobo ezidalwe ngumsebenzisi.
- Ukuba uMsebenzi uyasuswa, isicelo ngokwaso kufuneka siqhubeke sisebenza ngaphandle kotshintsho.
- Abasebenzisi kufuneka bakwazi ukucacisa uguqulelo olufunwayo lwesicelo kunye nokucwangcisa uhlaziyo lwenguqulelo yesicelo. Ukungabikho kohlaziyo lwesoftware ngumthombo oqhelekileyo weengxaki zokusebenza kunye nokhuseleko, ngoko ke abaSebenzi kufuneka bancede abasebenzisi kulo mba.
- Abaqhubi kufuneka bavavanywe ngesixhobo esinje nge-Chaos Monkey, echonga iintsilelo ezinokubakho kwiipods, uqwalaselo, kunye nothungelwano.
etcd Umsebenzisi
Umzekelo wokuPhunyezwa koMsebenzi - etcd Umqhubi, ngomhla wokubhengezwa kwalo mbono. Uqwalaselo lweqela le etcd lunokuba nzima ngenxa yesidingo sokugcina ikhoram, imfuneko yokuqwalasela kwakhona ubulungu beqela, ukwenza ii-backups, njl. Umzekelo, ukwenza umlinganiselo weqela etcd kuthetha ukuba kufuneka wenze igama le-DNS lelungu leqela elitsha, qala into entsha etcd, kwaye ulumkise iqela malunga nelungu elitsha (etcdctl ilungu longeza). Kwimeko yoMsebenzi, umsebenzisi uya kufuna kuphela ukutshintsha ubungakanani beqela - yonke enye into iya kwenzeka ngokuzenzekelayo.
Kwaye ekubeni etcd yadalwa kwi-CoreOS, yayisengqiqweni ukubona uMsebenzi wayo ebonakala kuqala. Usebenza njani? Ingqiqo yomsebenzisi etcd igqitywe ngamacandelo amathathu:
- Qwalasela. Umsebenzisi ubeka iliso imeko yeqela usebenzisa iKubernetes API.
- Uhlalutyo. Ifumana umahluko phakathi kwesimo sangoku kunye nesifunwayo (esichazwe lubumbeko lomsebenzisi).
- Isenzo. Usombulula iiyantlukwano ezichongiweyo kusetyenziswa i-etdd kunye/okanye i-API yenkonzo ye-Kubernetes.
Ukuphumeza le ngqiqo, imisebenzi ilungiselelwe kwi-Operator Yakha/Yonakalisa (ukudala kunye nokucima amalungu eqela etcd) kunye Ukuhlaziya (utshintsho kwinani lamalungu eqela). Ukuchaneka kokusebenza kwayo kuhlolwe kusetyenziswa i-utility eyenziwe ngokufana ne-Chaos Monkey evela kwi-Netflix, okt. ukubulala etcd pods ngokungakhethiyo.
Ukusebenza ngokupheleleyo kwe-etcd, uMsebenzi ubonelela ngeempawu ezongezelelweyo: yeSistim (okuzenzekelayo kwaye kungabonakali kubasebenzisi ukwenza iikopi zogcino - kwi-config kwanele ukugqiba ukuba kaninzi kangakanani ukuzenza kwaye bangaphi ukugcina - kunye nokubuyiselwa okulandelayo kwedatha kubo) kunye uphuculo (ukuhlaziya ufakelo etcd ngaphandle kwexesha lokuphumla).
Kukhangeleka njani ukusebenza noMsebenzi?
$ kubectl create -f https://coreos.com/operators/etcd/latest/deployment.yaml
$ kubectl create -f https://coreos.com/operators/etcd/latest/example-etcd-cluster.yaml
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
etcd-cluster-0000 1/1 Running 0 23s
etcd-cluster-0001 1/1 Running 0 16s
etcd-cluster-0002 1/1 Running 0 8s
etcd-cluster-backup-tool-rhygq 1/1 Running 0 18s
Ubume bangoku be- etcd Operator yinguqulo ye-beta, efuna i-Kubernetes 1.5.3+ kunye ne- etcd 3.0+ ukuba iqhube. Ikhowudi yomthombo kunye namaxwebhu (kubandakanywa nemiyalelo yokusetyenziswa) ziyafumaneka .
Omnye umzekelo wokuphunyezwa ovela kwi-CoreOS wenziwa - , kodwa ikwinguqulelo yealpha (ayizizo zonke iimpawu ezicwangcisiweyo eziphunyeziweyo).
Ubume kunye namathemba
Iinyanga ezi-5 zidlulile ukususela ekubhengezweni kwe-Kubernetes Operators. Kusekho ukuphunyezwa okubini kuphela okukhoyo kwindawo yokugcina i-CoreOS esemthethweni (ye-etcd kunye ne-Prometheus). Bobabini abakafikeleli kwiinguqulelo zabo ezizinzileyo, kodwa ukuzibophelela kujongwa yonke imihla.
Abaphuhlisi babona "ikamva apho abasebenzisi bafaka i-Postgres Operators, i-Cassandra Operators okanye i-Redis Operators kumaqela abo e-Kubernetes kwaye basebenze kunye nezinto ezinobungozi zezi zicelo ngokulula njengokuthumela ii-replicas zezicelo zewebhu ezingenammiselo namhlanje." Ekuqaleni Abaqhubi abaphuhlisi beqela lesithathu ngokwenene iqalile ukubonakala:
- ukusuka kumaShishini e-UPMC;
- ukusuka kwiDatha yeCrunchy (echazwe ngasekupheleni kukaMatshi 2017);
- ukusuka kubabhali benkqubo yokugcina idatha esasazwayo esekelwe kwiCeph (iRook ikwimo yealpha);
- ukusuka kwiSAP CCloud.
Kwinkomfa enkulu yaseYurophu yasimahla yeFOSDEM, eyenzeka ngoFebruwari 2017 eBrussels, uJosh Wood ovela kwiCoreOS wabhengeza abaSebenzi kwi. (ividiyo iyafumaneka kwikhonkco!), ekufuneka ifake isandla ekukhuleni kokuthandwa kwale ngcamango kuluntu olubanzi lweMthombo.
PS Enkosi ngomdla wakho kwinqaku! Bhalisa kwi hub yethu, ukuze ungaphuthelwa izixhobo ezintsha kunye neendlela zokupheka kwi-DevOps kunye ne-GNU/Linux yolawulo lwenkqubo - siya kuzipapasha rhoqo!
umthombo: www.habr.com