Organizing deployment to multiple k8s environments using helmfile

Helmfile is a wrapper for helm that lets you describe many Helm releases in one place, parameterize their charts for multiple environments, and set the order in which they are deployed.

You can read about helmfile itself and examples of its use in the readme and the best practices guide.

We will look at some less obvious ways of describing releases in helmfile.

Suppose we have a set of helm charts (for example, postgres and some backend application) and several environments (several kubernetes clusters, several namespaces, or several of both). We take helmfile, read the documentation and start describing the environments and releases:

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

environments:
  devel:
  production:

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: 1.0.5
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

We end up with 2 environments: devel and production, each with its own values for the Helm release charts. We deploy to them like this:

helmfile -n <namespace> -e <env> apply

Different versions of Helm charts in different environments

What if we need to roll out different versions of the backend to different environments? How do we parameterize the release version? This is what the environment values available through {{ .Values }} are for.

helmfile.yaml

environments:
  devel:
+   values:
+   - charts:
+       versions:
+         backend: 1.1.0
  production:
+   values:
+   - charts:
+       versions:
+         backend: 1.0.5
...
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
-   version: 1.0.5
+   version: {{ .Values.charts.versions.backend }}
...

A different set of applications in different environments

Great, but what if we don't need to roll out postgres to production, because we know we shouldn't push the database into k8s and for production we have a wonderful separate postgres cluster? To solve this problem we have labels:

helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply

That's fine, but personally I prefer to describe which applications to deploy to an environment not with launch arguments but in the description of the environments themselves. What to do? You can move the release descriptions into a separate folder, create a list of the required releases in the environment description, and "pick up" only the required releases, ignoring the rest:

    .
    ├── envs
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
+   ├── releases
+   │   ├── backend.yaml
+   │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml


  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend

- releases:
-    - name: postgres
-      labels:
-        app: postgres
-      wait: true
-      chart: stable/postgresql
-      version: 8.4.0
-      values:
-        - envs/{{ .Environment.Name }}/values/postgres.yaml
-    - name: backend
-      labels:
-        app: backend
-      wait: true
-      chart: private-helm-repo/backend
-     version: {{ .Values.charts.versions.backend }}
-     needs:
-       - postgres
-     values:
-       - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+   - releases/{{ . }}.yaml
+ {{- end }}

releases/postgres.yaml

releases:
  - name: postgres
    labels:
      app: postgres
    wait: true
    chart: stable/postgresql
    version: 8.4.0
    values:
      - envs/{{ .Environment.Name }}/values/postgres.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
      - envs/{{ .Environment.Name }}/values/backend.yaml

Note

When using bases:, you must use the yaml separator ---, so that releases (and other parts, such as helmDefaults) can be templated with values from the environments.

In this case, the postgres release will not even be included in the description for production. Very convenient!

Overridable global values for releases

Of course, it's great that you can set values for helm charts for each environment, but what if we have several environments described and we want, for example, to set the same affinity for all of them, but we don't want to configure it by default in the charts themselves, which are stored in the repos?

In this case, for each release we can specify 2 values files: the first with default values, which will define the values of the chart itself, and the second with values for the environment, which in turn will override the defaults.

    .
    ├── envs
+   │   ├── default
+   │   │   └── values
+   │   │       ├── backend.yaml
+   │   │       └── postgres.yaml
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

releases/backend.yaml

releases:
  - name: backend
    labels:
      app: backend
    wait: true
    chart: private-helm-repo/backend
    version: {{ .Values.charts.versions.backend }}
    needs:
      - postgres
    values:
+     - envs/default/values/backend.yaml
      - envs/{{ .Environment.Name }}/values/backend.yaml

envs/default/values/backend.yaml

affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
    - weight: 1
      podAffinityTerm:
        labelSelector:
          matchExpressions:
          - key: app.kubernetes.io/name
            operator: In
            values:
            - backend
        topologyKey: "kubernetes.io/hostname"

Defining global values for the helm charts of all releases at the environment level

Say we create several ingresses in several releases. We could manually define hosts: for each chart, but in our case the domain is the same, so why not put it in some global variable and simply substitute its value into the charts? To do this, the values files that we want to parameterize must have the .gotmpl extension, so that helmfile knows they need to be run through the template engine.

    .
    ├── envs
    │   ├── default
    │   │   └── values
-   │   │       ├── backend.yaml
-   │   │       ├── postgres.yaml
+   │   │       ├── backend.yaml.gotmpl
+   │   │       └── postgres.yaml.gotmpl
    │   ├── devel
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   └── production
    │       └── values
    │           ├── backend.yaml
    │           └── postgres.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
+     - global:
+         ingressDomain: k8s.devel.domain

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
+     - global:
+         ingressDomain: production.domain
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/default/values/backend.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /api
  hosts:
    - {{ .Values.global.ingressDomain }}

envs/default/values/postgres.yaml.gotmpl

ingress:
  enabled: true
  paths:
    - /
  hosts:
    - postgres.{{ .Values.global.ingressDomain }}

Note

Obviously, an ingress in the postgres chart is something highly questionable, so it is given here purely as a contrived example, so as not to introduce a new release into the article just for the sake of describing ingress.

Substituting secrets from environment values

By analogy with the example above, you can also substitute values encrypted with helm secrets. Instead of creating our own secrets file for each release, in which we would define encrypted values for the chart, we can simply define in the release's default .yaml.gotmpl file the values that will be taken from variables defined at the environment level. And the values that we don't need to hide from anyone can easily be overridden in the release values for a specific environment.

    .
    ├── envs
    │   ├── default
    │   │   └── values
    │   │       ├── backend.yaml
    │   │       └── postgres.yaml
    │   ├── devel
    │   │   ├── values
    │   │   │   ├── backend.yaml
    │   │   │   └── postgres.yaml
+   │   │   └── secrets.yaml
    │   └── production
    │       ├── values
    │       │   ├── backend.yaml
    │       │   └── postgres.yaml
+   │       └── secrets.yaml
    ├── releases
    │   ├── backend.yaml
    │   └── postgres.yaml
    └── helmfile.yaml

helmfile.yaml

  environments:
    devel:
      values:
      - charts:
          versions:
            backend: 1.1.0
      - apps:
        - postgres
        - backend
      - global:
          ingressDomain: k8s.devel.domain
+     secrets:
+       - envs/devel/secrets.yaml

    production:
      values:
      - charts:
          versions:
            backend: 1.0.5
      - apps:
        - backend
      - global:
          ingressDomain: production.domain
+     secrets:
+       - envs/production/secrets.yaml
  ---
  bases:
  {{- range .Values.apps }}
    - releases/{{ . }}.yaml
  {{- end }}

envs/devel/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...

envs/production/secrets.yaml

secrets:
    elastic:
        password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...

envs/default/values/backend.yaml.gotmpl

elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}

envs/devel/values/backend.yaml

elasticsearch:
  host: elastic-0.devel.domain

envs/production/values/backend.yaml

elasticsearch:
  host: elastic-0.production.domain

Note

By the way, getOrNil is a special function for go templates in helmfile which, even if .Values.secrets does not exist, will not throw an error, but lets you substitute a default value using the default function.

Conclusion

The things described seem fairly obvious, but information on conveniently describing deployment to multiple environments using helmfile is very scarce, and I love IaC (Infrastructure-as-Code) and want to have a clear description of the deployment state.

In conclusion, I would like to add that the variables for the default environment can, in turn, be parameterized with the OS environment variables of the runner from which the deployment is launched, and thus get dynamic environments.

helmfile.yaml

environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ env "INGRESS_DOMAIN" }}
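
The two lookups above that fall back silently (the default "password" in the secrets section and the bare env "INGRESS_DOMAIN" here) can be made to stop the deployment instead. This is an added example, not part of the original article; it uses helmfile's get and requiredEnv template functions and assumes the article's file layout.

```yaml
# Added example (not from the original article): fail-closed variants of the
# two lookups shown in the article. File names follow the article's layout.

# File: envs/default/values/backend.yaml.gotmpl
#
# Article's form: if secrets.elastic.password is absent (for example, the
# environment has no secrets: entry), the chart is silently rendered with the
# literal string "password":
#   password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}
#
# Fail-closed form: helmfile's get, called without a default argument, aborts
# template rendering when the key is missing, so no release is applied with a
# placeholder credential.
elasticsearch:
  host: elasticsearch
  port: 9200
  password: {{ .Values | get "secrets.elastic.password" }}

# File: helmfile.yaml
#
# Article's form: env returns an empty string when INGRESS_DOMAIN is unset,
# so templates that use .Values.global.ingressDomain render hosts with an
# empty domain part:
#   ingressDomain: {{ env "INGRESS_DOMAIN" }}
#
# Fail-closed form: requiredEnv stops helmfile with an error when the variable
# is unset or empty. clusterDomain keeps the article's default.
environments:
  default:
    values:
    - global:
        clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
        ingressDomain: {{ requiredEnv "INGRESS_DOMAIN" }}
```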

Source: www.habr.com
