I-Kubernetes inokhetho oluninzi lokuhlaziya izixhobo: faka, hlela, patch kwaye ubeke endaweni yakho. Kukho ukubhideka malunga nokuba ngamnye wenza ntoni kunye nexesha lokuzisebenzisa. Masiyiqonde.
ukuba ibinzana elithi "kubernetes apply vs replace" likhona , engachanekanga. "kubernetes apply vs patch" ikhonkco lokuqala luxwebhu lwe kubectl patch, engabandakanyi uthelekiso apply ΠΈ patch. Eli nqaku liza kujonga kwiinketho ezahlukeneyo, kunye nokusetyenziswa ngokufanelekileyo komntu ngamnye.
Ngexesha lokujikeleza kobomi besixhobo se-Kubernetes (inkonzo, ukuthunyelwa, ukungena, njl.), ngamanye amaxesha kufuneka utshintshe, udibanise okanye ususe ezinye iipropathi zalo mthombo. Umzekelo, yongeza inqaku, wandise okanye unciphise inani leekopi.
Kubernetes CLI
Ukuba sele usebenza namaqela e-Kubernetes nge-CLI, sele uqhelene nayo apply ΠΈ edit. Iqela apply ifunda ingcaciso yomthombo kwifayile kwaye yenza "ukunyusa" kwiqela le-Kubernetes, okt. yenza isibonelelo ukuba asikho kwaye sihlaziye ukuba sikhona. Iqela edit ifunda uvimba usebenzisa i-API, emva koko ibhale iinkcukacha zesixhobo kwifayile yendawo, ethi ivulwe kumhleli wokubhaliweyo. Emva kokuba uhlele kwaye ugcine ifayile, kubectl izakuthumela utshintsho olwenziwe emva nge-API, eya kuthi isebenzise ngononophelo olu tshintsho kwisixhobo.
Asinguye wonke umntu oyaziyo imiyalelo patch ΠΈ replace. Iqela patch ikuvumela ukuba utshintshe inxalenye yenkcukacha zesixhobo, unikeze kuphela indawo etshintshiweyo kumgca womyalelo. Iqela replace isebenza ngokufanayo edit, kodwa yonke into ifuna ukwenziwa ngesandla: kufuneka ukhuphele uguqulelo lwangoku lobalulo lwesixhobo, umzekelo, usebenzisa kubectl get -o yaml, yihlele, emva koko usebenzise replace ukuhlaziya uvimba ngokweenkcukacha ezitshintshiweyo. Iqela replace ayiyi kusebenza ukuba kukho naluphi na utshintsho olwenzekileyo phakathi kokufunda kunye nokubuyisela uvimba.
Kubernetes API
Mhlawumbi uqhelene neendlela CoreV1().Pods().Update(), replaceNamespacedService okanye patch_namespaced_deployment, ukuba usebenza kunye namaqela nge usebenzisa ulwimi lwenkqubo. Ithala leencwadi liphatha ezi ndlela ngokusebenzisa izicelo zeHTTP usebenzisa iindlela PUT ΠΈ PATCH... Apho update ΠΈ replace sebenzisa PUT, kwaye patch, kungakhathaliseki ukuba incinane kangakanani na, isebenzisa PATCH.
Kufanelekile ukuphawula oko kubectl ikwasebenza kunye namaqela nge-API. Ngamanye amazwi, kubectlsisisongelo esiphezu kwethala leencwadi lomxhasi wolwimi lweGo, olubonelela kakhulu ngokukwazi ukubonelela ngemiyalelo engaphantsi ngendlela ehlangeneyo nefundekayo ngakumbi ukongeza kubuchule obuqhelekileyo be-API. Umzekelo, njengoko usenokuba sele uqaphele, indlela apply akukhankanywanga ngasentla kumhlathi ongaphambili. Okwangoku (ngoMeyi 2020, malunga. umguquleli) yonke ingqiqo kubectl apply, o.k. ukudala izixhobo ezingekhoyo kunye nokuhlaziya ezikhoyo, zisebenza ngokupheleleyo kwicala lekhowudi kubectl. Iinzame ziyenziwa apply kwicala le-API, kodwa isekwi-beta. Ndiza kubhala ngokubanzi ngezantsi.
Patch ngokwendalo
Eyona isetyenziswayo patch, ukuba ufuna ukuhlaziya uvimba. Yile ndlela zombini iilayibrari zabaxumi zisebenza ngayo ngaphezulu kweKubernetes API kunye kubectl (ayimangalisi, kuba sisigqubuthelo sethala leencwadi lomxhasi, malunga. umguquleli).
Sebenza ngobuchule
Onke amaqela kubectl apply, edit ΠΈ patch sebenzisa indlela PATCH kwizicelo zeHTTP zokuhlaziya uvimba okhoyo. Ukuba uphonononga ekuphunyezweni kwemiyalelo ngokweenkcukacha ezithe vetshe, ke bonke basebenzisa indlela ukuhlaziya izibonelelo, nangona umyalelo patch inokusebenzisa ezinye iindlela (ngaphezulu koku ngezantsi). Indlela yokudibanisa isicwangciso-qhinga izama "ukuyilungisa" ngokudibanisa iinkcukacha ezinikiweyo kunye neenkcukacha ezikhoyo. Ngokukodwa ngakumbi, izama ukudibanisa zombini izinto kunye ne-arrays, oku kuthetha ukuba utshintsho luthande ukuba longezelelo. Umzekelo, ukuqhuba umyalelo patch ngotshintsho olutsha lokusingqongileyo kwinkcazo yesikhongozelo se-pod, ibangela ukuba ukuguquguquka kwemo engqongileyo kongezwe kwizinto eziguquguqukayo zokusingqongileyo ezikhoyo kunokuba zibhale ngaphezulu. Ukususa ukusebenzisa le ndlela, kufuneka unyanzelise ixabiso leparameter ukuba lingabikho kwingcaciso enikiweyo. Ngawaphi amaqela kubectl Ngaba kungcono ukusebenzisela ukuhlaziywa?
Ukuba udala kwaye ulawule izixhobo zakho usebenzisa kubectl apply, xa uhlaziya kungcono ukusebenzisa rhoqo kubectl applyukuba kubectl inokulawula uqwalaselo kwaye ilandelele ngokufanelekileyo utshintsho oluceliweyo ukusuka kwisicelo ukuya kwisicelo. I-Advantage isoloko isetyenziswa apply kukuba igcina umkhondo wobalulo olusetyenzisiweyo ngaphambili, ukuyivumela ukuba yazi xa iipropati ezibaluliweyo kunye neziqalelo zoluhlu zisusiwe ngokucacileyo. Oku kukuvumela ukuba usebenzise apply ukususa iipropathi kunye ne-array elements, ngelixa ukudibanisa okuqhelekileyo kweqhinga akuyi kusebenza. Amaqela edit ΠΈ patch musa ukuhlaziya amanqaku ukuba kubectl apply isebenzisa ukulandelela utshintsho lwayo, ngoko naluphi na utshintsho olulandelwayo lwenziwa ngeKubernetes API, kodwa lwenziwe ngemiyalelo. edit ΠΈ patch, ayibonakali kwimiyalelo elandelayo apply, oko kukuthi apply ayizisusi nokuba aziveli kuluhlu lwegalelo le apply (Amaxwebhu athetha oko edit ΠΈ patch yenza uhlaziyo kumanqaku asetyenzisiweyo apply, kodwa ekusebenzeni - hayi).
Ukuba awusebenzisi umyalelo apply, ingasetyenziswa njenge edit, kwaye patch, ukukhetha umyalelo ofanele utshintsho olwenziwayo. Xa ukongeza kunye nokutshintsha iipropathi ze-BOM, zombini iindlela ziyafana. Xa ucima iipropati ezibaluliweyo okanye uluhlu lwezinto edit iziphatha njengokuqaliswa kwexesha elinye apply, ukuquka ukugcina umkhondo wokuba uchazo lwalunjani phambi nasemva kokuba luhleliwe, ukuze ukwazi ukususa ngokucacileyo iipropati kunye noluhlu lweziqalelo kwisixhobo. Kufuneka usete ngokuthe gca ixabiso lepropathi ukuze ungabikho kwiinkcukacha ze patchukuyisusa kwisixhobo. Ukususa i-array element usebenzisa i-strategic-merge patching kunzima kakhulu kuba kufuna ukusetyenziswa kwezikhokelo zokudibanisa. Bona ezinye iindlela zokuphucula ngezantsi ukuze ufumane ezinye iindlela ezisebenzayo.
Ukuphumeza iindlela zohlaziyo kwithala leencwadi lomxhasi eziziphatha ngendlela efanayo kwimiyalelo engentla kubectl, kufuneka ibekwe kwizicelo content-type Π² application/strategic-merge-patch+json. Ukuba ufuna ukususa iipropathi ngokobalulo, kufuneka ucwangcise ngokucacileyo amaxabiso azo ukuze angasebenzi ngendlela efanayo. kubectl patch. Ukuba ufuna ukususa izinto zoluhlu, kuya kufuneka ubandakanye izikhokelo zokudibanisa kwingcaciso yohlaziyo okanye usebenzise indlela eyahlukileyo yohlaziyo.
Ezinye iindlela zokuhlaziya
I-Kubernetes ixhasa ezinye iindlela ezimbini zohlaziyo: ΠΈ . Indlela ye-JSON yokudibanisa i-patch ithatha i-Kubernetes ecacileyo njengegalelo kwaye ixhasa ukudibanisa izinto ezifana ne-strategic-merge patching approach. Umahluko phakathi kwezi zimbini kukuba ixhasa kuphela ukutshintshwa koluhlu, kubandakanywa uluhlu lwesikhongozeli kwinkcazo yepod. Oku kuthetha ukuba xa usebenzisa i-JSON yokudibanisa patch, kufuneka unikeze iinkcukacha ezipheleleyo kuzo zonke izikhongozeli xa kukho nasiphi na ipropathi yaso nasiphi na isikhongozeli esinokutshintsha. Ke le ndlela iluncedo ekususeni izinto ukusuka kuluhlu kwi-BOM. Kumgca womyalelo ungakhetha i-JSON yokudibanisa i-patch usebenzisa kubectl patch --type=merge. Xa usebenza neKubernetes API, kufuneka usebenzise indlela yokucela PATCH kunye nofakelo content-type Π² application/merge-patch+json.
Indlela ye-JSON ye-patch, kunokubonelela ngokucaciswa kwenxalenye yomthombo, isebenzisa ukubonelela ngeenguqu ofuna ukuzenza kwi-resource njenge-array, apho into nganye ye-array imele inkcazo yotshintsho olwenziwayo kwi-resource. Le ndlela yindlela eguquguqukayo kunye nenamandla yokubonisa utshintsho olwenziwayo, kodwa ngexabiso lokudwelisa utshintsho olwenziwe ngendlela eyahlukileyo, engeyiyo ye-Kubernetes, kunokuthumela inkcazo yemithombo yolwazi. IN kubectl ungakhetha i-JSON patch usebenzisa kubectl patch --type=json. Xa usebenzisa i-Kubernetes API, le ndlela isebenza ngokusebenzisa indlela yokucela PATCH kunye nofakelo content-type Π² application/json-patch+json.
Sifuna ukuzithemba - sebenzisa indawo
Kwezinye iimeko, kufuneka uqiniseke ukuba akukho lutshintsho lwenziwayo kwisixhobo phakathi kwexesha elifundwayo kunye naxa lihlaziywa. Ngamanye amazwi, kufuneka uqinisekise ukuba zonke iinguqu ziya kuba atomic. Kule meko, ukuhlaziya izixhobo kufuneka usebenzise replace. Umzekelo, ukuba uneConfigMap enekhawunta ehlaziywa yimithombo yolwazi emininzi, kufuneka uqiniseke ukuba imithombo emibini ayihlaziyi ikhawunta ngaxeshanye, ibangela ukuba uhlaziyo lulahleke. Ukubonisa, cinga ngolandelelwano lweziganeko usebenzisa indlela yokufundisa patch:
- A kunye no-B bafumana imeko yangoku yesibonelelo kwi-API
- Ngamnye ekuhlaleni uhlaziya iinkcukacha ngokunyusa ikhawunta nganye kwaye wongeze u-"A" okanye "B" ngokulandelelanayo kwinqaku elithi "updated-by"
- Kwaye ihlaziya uvimba ngokukhawuleza kancinci
- B uhlaziya umthombo
Ngenxa yoko, uhlaziyo A lulahlekile. Umsebenzi wokugqibela patch winile, ikhawuntara yongezwa ngesinye endaweni yezimbini, kwaye ixabiso lenqaku elithi "updated-by" liphela ngo "B" kwaye aliqulathanga "A". Makhe sithelekise oku kungasentla kunye nento eyenzekayo xa uhlaziyo lusenziwa kusetyenziswa indlela replace:
- A kunye no-B bafumana imeko yangoku yesibonelelo kwi-API
- Ngamnye ekuhlaleni uhlaziya iinkcukacha ngokunyusa ikhawunta nganye kwaye wongeze u-"A" okanye "B" ngokulandelelanayo kwinqaku elithi "updated-by"
- Kwaye ihlaziya uvimba ngokukhawuleza kancinci
- B izama ukuhlaziya uvimba, kodwa uhlaziyo lwaliwe yi-API kuba inguqulelo yesixhobo ikwinkcukacha.
replaceayihambelani noguqulelo lwangoku lomthombo kwi-Kubernetes kuba uguqulelo lomthombo lonyuswe ngokusebenza endaweni ka-A.
Kule meko ingentla, u-B kuya kufuneka aphinde alande uvimba, enze utshintsho kwimeko entsha kwaye uzame kwakhona replace. Ngenxa yoko, ikhawuntara iya kwandiswa ngambini kwaye inqaku elithi "updated-by" liya kuba no-"AB" ekugqibeleni.
Lo mzekelo ungasentla uthetha ukuba xa kusenziwa replace Uvimba wonke utshintshiwe ngokupheleleyo. Iinkcukacha ezisetyenziselwa replace, mayingabi yinxenye, okanye ibe ziinxalenye njengaku apply, kodwa iphelele, kuquka ukongeza resourceVersion kwi metadata yobalulo. Ukuba awuvulanga resourceVersion okanye uguqulelo olunikeziweyo ayilolwangoku, ubuyiselo luya kwaliwa. Ngoko ke eyona ndlela ilungileyo yokuyisebenzisa replace -funda uvimba, uwuhlaziye kwaye uwubuyisele kwangoko. Ukusebenzisa kubectl, inokukhangeleka ngolu hlobo:
$ kubectl get deployment my-deployment -o json
| jq '.spec.template.spec.containers[0].env[1].value = "new value"'
| kubectl replace -f -Kubalulekile ukuqaphela ukuba le miyalelo mibini ilandelayo, eyenziwa ngokulandelelanayo, iya kuphunyezwa ngempumelelo, ekubeni deployment.yaml ayinampahla .metadata.resourceVersion
$ kubectl create -f deployment.yaml
$ kubectl replace -f deployment.yamlOku kuya kubonakala kuchasene noko kuthethwa ngasentla, okt. "yongeza resourceVersion kwi metadata echaziweyo." Ngaba ayilunganga ukuyithetha loo nto? Hayi, akunjalo, kuba ukuba kubectl izaziso ongazichazanga resourceVersion, izakuyifunda kwisixhobo kwaye yongeze kuluhlu olukhankanyileyo, kwaye emva koko iphumeze replace. Ngenxa yokuba oku kunokuba yingozi ukuba uthembele kwi-atomicity, umlingo usebenza ngokupheleleyo kwicala kubectl, akufuneki uthembele kuyo xa usebenzisa iilayibrari zabathengi abasebenza nge-API. Kulo mzekelo kuya kufuneka ufunde iinkcukacha zomthombo wangoku, uhlaziye kwaye emva koko uphumeze PUT isicelo.
Awukwazi ukwenza ipatch - sithatha indawo
Ngamanye amaxesha kufuneka wenze utshintsho oluthile olungenakuphathwa yi-API. Kwezi meko, unokunyanzela ukutshintshwa kovimba ngokucima kunye nokwenza kwakhona. Oku kwenziwa ngokusebenzisa kubectl replace --force. Ukuqhuba umyalelo ngokukhawuleza kususa izixhobo kwaye emva koko kuzibuyisela kwinkcazo enikiweyo. Akukho "force replacement" handler kwi-API, kwaye ukuze wenze njalo nge-API, kufuneka wenze imisebenzi emibini. Okokuqala kufuneka ucime uvimba ngokuwumisela gracePeriodSeconds ukuya ku-zero (0) kunye propagationPolicy ku-"Ngasemva" kwaye wenze kwakhona lo vimba kunye neenkcukacha ezifunekayo.
Isilumkiso: Le ndlela yokusebenza inokuba nobungozi kwaye inokukhokelela kwimeko engachazwanga.
Faka isicelo kwicala lomncedisi
Njengoko kukhankanyiwe ngasentla, abaphuhlisi be-Kubernetes basebenza ekuphumezeni ingqiqo apply ΠΈΠ· kubectl kwiKubernetes API. Iingqiqo apply ifumaneka Kubernetes 1.18 nge kubectl apply --server-side okanye nge-API usebenzisa indlela PATCH Ρ content-type application/apply-patch+YAML.
Qaphela: I-JSON ikwayi-YAML esebenzayo, ke ungathumela iinkcukacha njenge-JSON nokuba
content-typeiya kubaapplication/apply-patch+yaml.
Ngaphandle kwaloo ngqiqo kubectl ifumaneka kuye wonke umntu nge-API, apply kwicala lomncedisi, igcina umkhondo wokuba ngubani onoxanduva lwemihlaba ebaluliweyo, ngaloo ndlela ivumela ufikelelo oluninzi olukhuselekileyo lohlelo lwayo olungenangquzulwano. Ngamanye amazwi, ukuba apply kwicala lomncedisi lizakwanda kakhulu, ujongano lolawulo lwezixhobo ezikhuselekileyo luzakuvela kubathengi abahlukeneyo, umzekelo, kubectl, iPulumi okanye iTerraform, iGitOps, kunye nezikripthi ezizibhalayo usebenzisa iilayibrari zabathengi.
Iziphumo
Ndiyathemba ukuba olu mboniso lufutshane lweendlela ezahlukeneyo zokuhlaziya izixhobo kumaqela lube luncedo kuwe. Kuhle ukwazi ukuba ayisebenzi xa ithelekiswa nokutshintsha kuyenzeka ukuhlaziya uvimba usebenzisa sebenzisa, ukuhlela, isiziba, okanye indawo. Ngapha koko, ngokomgaqo, indlela nganye inendawo yayo yesicelo. Kutshintsho lweatom, indawo iyakhethwa; kungenjalo, kuya kufuneka usebenzise isiqwenga sokudibanisa ngokusebenza Ubuncinci, ndilindele ukuba uqonde ukuba awunakuthemba uGoogle okanye iStackOerflow xa ukhangela "kubernetes apply vs replace". Ubuncinci de eli nqaku lithathe indawo yempendulo yangoku.
umthombo: www.habr.com