Mo ti kowe laipe , nibiti o ti mẹnuba ni ṣoki pe o le ṣe eto iṣeto ti ara rẹ ki iṣẹ naa ṣiṣẹ daradara ni Kuber, fa awọn aṣiri, ati ṣiṣe ni irọrun ni agbegbe, paapaa ni ita Docker lapapọ. Ko si ohun ti o ni idiju, ṣugbọn “ohunelo” ti a ṣalaye le wulo fun ẹnikan :) Awọn koodu wa ni Python, ṣugbọn ọgbọn naa ko ni asopọ si ede naa.
Ipilẹṣẹ si ibeere naa ni eyi: ni ẹẹkan lori akoko iṣẹ akanṣe kan wa, ni akọkọ o jẹ monolith kekere kan pẹlu awọn ohun elo ati awọn iwe afọwọkọ, ṣugbọn ni akoko pupọ o dagba, pin si awọn iṣẹ, eyiti o bẹrẹ si pin si awọn iṣẹ microservices, ati lẹhinna gbe soke. Ni akọkọ, gbogbo eyi ni a ṣe lori VPS igboro, awọn ilana ti iṣeto ati fifi koodu ranṣẹ lori eyiti o jẹ adaṣe adaṣe ni lilo Ansible, ati pe iṣẹ kọọkan ni akopọ pẹlu atunto YAML pẹlu awọn eto pataki ati awọn bọtini, ati pe a lo iru faili atunto kan fun. awọn ifilọlẹ agbegbe, eyiti o rọrun pupọ, nitori .k atunto yii ti kojọpọ sinu ohun kan agbaye, wiwọle lati ibikibi ninu iṣẹ naa.
Sibẹsibẹ, awọn idagba ninu awọn nọmba ti microservices, wọn awọn isopọ, ati , ṣe afihan gbigbe si Kuber, eyiti o tun wa ni ilọsiwaju. Paapọ pẹlu iranlọwọ ni ipinnu awọn iṣoro ti a mẹnuba, Kubernetes nfunni ni awọn ọna rẹ si iṣakoso amayederun, pẹlu и . Ilana naa jẹ boṣewa ati igbẹkẹle, nitorinaa o jẹ ẹṣẹ gangan lati ma lo! Ṣugbọn ni akoko kanna, Emi yoo fẹ lati ṣetọju ọna kika lọwọlọwọ mi fun ṣiṣẹ pẹlu atunto: ni akọkọ, lati lo ni iṣọkan ni oriṣiriṣi awọn iṣẹ microservices ti iṣẹ naa, ati keji, lati ni anfani lati ṣiṣẹ koodu naa lori ẹrọ agbegbe ni lilo ọkan ti o rọrun. faili atunto.
Ni iyi yii, ẹrọ fun kikọ nkan atunto ni a yipada lati ni anfani lati ṣiṣẹ mejeeji pẹlu faili atunto Ayebaye wa ati pẹlu awọn aṣiri lati Kuber. Ilana atunto lile diẹ sii tun jẹ pato, ni ede ti Python kẹta, gẹgẹbi atẹle:
Dict[str, Dict[str, Union[str, int, float]]]
Iyẹn ni, cogfig ikẹhin jẹ iwe-itumọ pẹlu awọn apakan ti a darukọ, ọkọọkan eyiti o jẹ iwe-itumọ pẹlu awọn iye lati awọn oriṣi ti o rọrun. Ati awọn apakan ṣe apejuwe iṣeto ati iraye si awọn orisun ti iru kan. Apeere ti nkan kan ti atunto wa:
adminka:
django_secret: "ExtraLongAndHardCode"
db_main:
engine: mysql
host: 256.128.64.32
user: cool_user
password: "SuperHardPassword"
redis:
host: 256.128.64.32
pw: "SuperHardPassword"
port: 26379
smtp:
server: smtp.gmail.com
port: 465
email: [email protected]
pw: "SuperHardPassword"Ni akoko kanna, aaye engine infomesonu le fi sori ẹrọ lori SQLite, ati redis ṣeto si mockNi pato tun orukọ faili lati fipamọ - awọn paramita wọnyi ni a mọ ni deede ati ni ilọsiwaju, eyiti o jẹ ki o rọrun lati ṣiṣẹ koodu ni agbegbe fun n ṣatunṣe aṣiṣe, idanwo ọkan ati awọn iwulo miiran. Eyi ṣe pataki julọ fun wa nitori ọpọlọpọ awọn iwulo miiran wa - apakan ti koodu wa ni ipinnu fun ọpọlọpọ awọn iṣiro itupalẹ, kii ṣe lori awọn olupin nikan pẹlu orchestration, ṣugbọn pẹlu ọpọlọpọ awọn iwe afọwọkọ, ati lori awọn kọnputa ti awọn atunnkanka ti o nilo lati ṣiṣẹ nipasẹ ati yokokoro eka data processing pipelines lai idaamu backend oran. Nipa ọna, kii yoo ṣe ipalara lati pin pe awọn irinṣẹ akọkọ wa, pẹlu koodu iṣeto atunto, ti fi sori ẹrọ nipasẹ setup.py - papọ eyi ṣopọ koodu wa sinu ilolupo ilolupo kan, ominira ti pẹpẹ ati ọna lilo.
Apejuwe ti adarọ ese Kubernetes kan dabi eyi:
containers:
- name : enter-api
image: enter-api:latest
ports:
- containerPort: 80
volumeMounts:
- name: db-main-secret-volume
mountPath: /etc/secrets/db-main
volumes:
- name: db-main-secret-volume
secret:
secretName: db-main-secretIyẹn ni, aṣiri kọọkan ṣe apejuwe apakan kan. Awọn aṣiri funra wọn ni a ṣẹda bi eleyi:
apiVersion: v1
kind: Secret
metadata:
name: db-main-secret
type: Opaque
stringData:
db_main.yaml: |
engine: sqlite
filename: main.sqlite3Papọ eyi ni abajade ni ṣiṣẹda awọn faili YAML ni ọna /etc/secrets/db-main/section_name.yaml
Ati fun awọn ifilọlẹ agbegbe, a ti lo atunto, ti o wa ninu itọsọna gbongbo ti iṣẹ akanṣe tabi ni ọna ti a sọ pato ni oniyipada ayika. Awọn koodu lodidi fun awọn wọnyi conveniences le ti wa ni ti ri ninu apanirun.
konfigi.py
__author__ = 'AivanF'
__copyright__ = 'Copyright 2020, AivanF'
import os
import yaml
__all__ = ['config']
PROJECT_DIR = os.path.abspath(__file__ + 3 * '/..')
SECRETS_DIR = '/etc/secrets'
KEY_LOG = '_config_log'
KEY_DBG = 'debug'
def is_yes(value):
if isinstance(value, str):
value = value.lower()
if value in ('1', 'on', 'yes', 'true'):
return True
else:
if value in (1, True):
return True
return False
def update_config_part(config, key, data):
if key not in config:
config[key] = data
else:
config[key].update(data)
def parse_big_config(config, filename):
'''
Parse YAML config with multiple section
'''
if not os.path.isfile(filename):
return False
with open(filename) as f:
config_new = yaml.safe_load(f.read())
for key, data in config_new.items():
update_config_part(config, key, data)
config[KEY_LOG].append(filename)
return True
def parse_tiny_config(config, key, filename):
'''
Parse YAML config with a single section
'''
with open(filename) as f:
config_tiny = yaml.safe_load(f.read())
update_config_part(config, key, config_tiny)
config[KEY_LOG].append(filename)
def combine_config():
config = {
# To debug config load code
KEY_LOG: [],
# To debug other code
KEY_DBG: is_yes(os.environ.get('DEBUG')),
}
# For simple local runs
CONFIG_SIMPLE = os.path.join(PROJECT_DIR, 'config.yaml')
parse_big_config(config, CONFIG_SIMPLE)
# For container's tests
CONFIG_ENVVAR = os.environ.get('CONFIG')
if CONFIG_ENVVAR is not None:
if not parse_big_config(config, CONFIG_ENVVAR):
raise ValueError(
f'No config file from EnvVar:n'
f'{CONFIG_ENVVAR}'
)
# For K8s secrets
for path, dirs, files in os.walk(SECRETS_DIR):
depth = path[len(SECRETS_DIR):].count(os.sep)
if depth > 1:
continue
for file in files:
if file.endswith('.yaml'):
filename = os.path.join(path, file)
key = file.rsplit('.', 1)[0]
parse_tiny_config(config, key, filename)
return config
def build_config():
config = combine_config()
# Preprocess
for key, data in config.items():
if key.startswith('db_'):
if data['engine'] == 'sqlite':
data['filename'] = os.path.join(PROJECT_DIR, data['filename'])
# To verify correctness
if config[KEY_DBG]:
print(f'** Loaded config:n{yaml.dump(config)}')
else:
print(f'** Loaded config from: {config[KEY_LOG]}')
return config
config = build_config()Imọye ti o wa nibi jẹ ohun rọrun: a darapọ awọn atunto nla lati itọsọna iṣẹ akanṣe ati awọn ọna nipasẹ oniyipada ayika, ati awọn apakan atunto kekere lati awọn aṣiri Kuber, ati lẹhinna ṣaju wọn diẹ. Plus diẹ ninu awọn oniyipada. Mo ṣe akiyesi pe nigba wiwa awọn faili lati awọn aṣiri, a lo aropin ijinle, nitori K8s ṣẹda folda ti o farapamọ ni aṣiri kọọkan nibiti a ti fipamọ awọn aṣiri funrararẹ, ati pe ọna asopọ kan wa ni ipele ti o ga julọ.
Mo nireti pe ohun ti a ṣalaye yoo wulo fun ẹnikan :) Eyikeyi awọn asọye ati awọn iṣeduro nipa aabo tabi awọn agbegbe miiran fun ilọsiwaju ni a gba. Ero agbegbe tun jẹ iyanilenu, boya o tọ lati ṣafikun atilẹyin fun ConfigMaps (iṣẹ akanṣe wa ko lo wọn sibẹsibẹ) ati titẹjade koodu naa lori GitHub / PyPI? Tikalararẹ, Mo ro pe iru awọn nkan bẹẹ jẹ ẹni kọọkan fun awọn iṣẹ akanṣe lati jẹ gbogbo agbaye, ati yoju diẹ si awọn imuse ti awọn eniyan miiran, bii eyiti a fun ni nibi, ati ijiroro ti awọn nuances, awọn imọran ati awọn iṣe ti o dara julọ, eyiti Mo nireti lati rii ninu awọn asọye. , ti to 😉
Awọn olumulo ti o forukọsilẹ nikan le kopa ninu iwadi naa. , Jowo.
Ṣe Mo ṣe atẹjade bi iṣẹ akanṣe kan / ile-ikawe?
-
0,0%Bẹẹni, Emi yoo lo / idasi0
-
33,3%Bẹẹni, iyẹn dun nla4
-
41,7%Rara, tani o nilo lati ṣe funrararẹ ni ọna kika tiwọn ati lati baamu awọn aini wọn5
-
25,0%Emi o yago fun idahun3
12 olumulo dibo. 3 olumulo abstained.
orisun: www.habr.com