O le ka nipa helmfile funrararẹ ati awọn apẹẹrẹ ti lilo ninu
A yoo faramọ pẹlu awọn ọna ti kii ṣe kedere lati ṣapejuwe awọn idasilẹ ni helmfile
Jẹ ki a sọ pe a ni idii ti awọn shatti helm (fun apẹẹrẹ, jẹ ki a sọ postgres ati diẹ ninu awọn ohun elo ẹhin) ati awọn agbegbe pupọ (awọn iṣupọ kubernetes pupọ, awọn aaye orukọ pupọ, tabi pupọ ti awọn mejeeji). A mu helmfile, ka iwe ati bẹrẹ lati ṣe apejuwe awọn agbegbe ati awọn idasilẹ:
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
production:
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yaml
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: 1.0.5
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yaml
A pari pẹlu awọn agbegbe 2: devel, gbóògì - ọkọọkan ni awọn iye tirẹ fun awọn shatti itusilẹ Helm. A yoo ran wọn lọwọ gẹgẹbi eyi:
helmfile -n <namespace> -e <env> apply
Awọn ẹya oriṣiriṣi ti awọn shatti Helm ni awọn agbegbe oriṣiriṣi
Kini ti a ba nilo lati yi awọn ẹya oriṣiriṣi ti ẹhin pada si awọn agbegbe oriṣiriṣi? Bawo ni lati parameterize awọn Tu version? Awọn iye ayika ti o wa nipasẹ {{ .Values }}
helmfile.yaml
environments:
devel:
+ values:
+ - charts:
+ versions:
+ backend: 1.1.0
production:
+ values:
+ - charts:
+ versions:
+ backend: 1.0.5
...
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
- version: 1.0.5
+ version: {{ .Values.charts.versions.backend }}
...
O yatọ si ṣeto ti ohun elo ni orisirisi awọn agbegbe
Nla, ṣugbọn kini ti a ko ba nilo production
yi jade postgres, nitori a mọ pe a ko nilo lati Titari awọn database sinu k8s ati fun tita a ni ìyanu kan lọtọ postgres iṣupọ? Lati yanju iṣoro yii a ni awọn aami
helmfile -n <namespace> -e devel apply
helmfile -n <namespace> -e production -l app=backend apply
Eyi jẹ nla, ṣugbọn tikalararẹ Mo fẹ lati ṣapejuwe iru awọn ohun elo lati fi ranṣẹ ni agbegbe kii ṣe lilo awọn ariyanjiyan ifilọlẹ, ṣugbọn ni apejuwe awọn agbegbe funrararẹ. Kin ki nse? O le gbe awọn apejuwe itusilẹ sinu folda ti o yatọ, ṣẹda atokọ ti awọn idasilẹ pataki ni apejuwe agbegbe ati “gbe” nikan awọn idasilẹ pataki, foju kọju si iyokù
.
├── envs
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
+ ├── releases
+ │ ├── backend.yaml
+ │ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- releases:
- - name: postgres
- labels:
- app: postgres
- wait: true
- chart: stable/postgresql
- version: 8.4.0
- values:
- - envs/{{ .Environment.Name }}/values/postgres.yaml
- - name: backend
- labels:
- app: backend
- wait: true
- chart: private-helm-repo/backend
- version: {{ .Values.charts.versions.backend }}
- needs:
- - postgres
- values:
- - envs/{{ .Environment.Name }}/values/backend.yaml
+ ---
+ bases:
+ {{- range .Values.apps }}
+ - releases/{{ . }}.yaml
+ {{- end }}
releases/postgres.yaml
releases:
- name: postgres
labels:
app: postgres
wait: true
chart: stable/postgresql
version: 8.4.0
values:
- envs/{{ .Environment.Name }}/values/postgres.yaml
releases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
- envs/{{ .Environment.Name }}/values/backend.yaml
Akọsilẹ naa
Lilo bases:
o jẹ dandan lati lo yaml separator ---
, ki o le ṣe apẹrẹ awọn idasilẹ (ati awọn ẹya miiran, gẹgẹbi awọn helmDefaults) pẹlu awọn iye lati awọn agbegbe
Ni ọran yii, itusilẹ postgres kii yoo paapaa wa ninu apejuwe fun iṣelọpọ. Ni itunu pupọ!
Awọn iye agbaye ti o bori fun awọn idasilẹ
Nitoribẹẹ, o dara pe o le ṣeto awọn iye fun awọn shatti helm fun agbegbe kọọkan, ṣugbọn kini ti a ba ni awọn agbegbe pupọ ti a ṣalaye, ati pe a fẹ, fun apẹẹrẹ, lati ṣeto kanna fun gbogbo affinity
, ṣugbọn a ko fẹ lati tunto rẹ nipasẹ aiyipada ni awọn shatti funrara wọn, ti a fipamọ sinu awọn turnips.
Ni ọran yii, fun itusilẹ kọọkan a le ṣalaye awọn faili 2 pẹlu awọn iye: akọkọ pẹlu awọn iye aiyipada, eyiti yoo pinnu awọn iye ti chart funrararẹ, ati ekeji pẹlu awọn iye fun agbegbe, eyiti o jẹ pe yoo bori awọn aiyipada.
.
├── envs
+ │ ├── default
+ │ │ └── values
+ │ │ ├── backend.yaml
+ │ │ └── postgres.yaml
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
releases/backend.yaml
releases:
- name: backend
labels:
app: backend
wait: true
chart: private-helm-repo/backend
version: {{ .Values.charts.versions.backend }}
needs:
- postgres
values:
+ - envs/default/values/backend.yaml
- envs/{{ .Environment.Name }}/values/backend.yaml
envs/default/values/backend.yaml
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- backend
topologyKey: "kubernetes.io/hostname"
Ti n ṣalaye awọn iye agbaye fun awọn shatti helm ti gbogbo awọn idasilẹ ni ipele agbegbe
Jẹ ká sọ pé a ṣẹda orisirisi ingress ni orisirisi awọn idasilẹ - a le pẹlu ọwọ setumo fun kọọkan chart hosts:
, ṣugbọn ninu ọran wa aaye naa jẹ kanna, nitorina kilode ti o ko fi sii ni diẹ ninu awọn oniyipada agbaye ati ki o rọrun paarọ iye rẹ sinu awọn shatti naa? Lati ṣe eyi, awọn faili wọnyẹn pẹlu awọn iye ti a fẹ lati paramita yoo ni lati ni itẹsiwaju .gotmpl
, ki helmfile mọ pe o nilo lati ṣiṣẹ nipasẹ ẹrọ awoṣe.
.
├── envs
│ ├── default
│ │ └── values
- │ │ ├── backend.yaml
- │ │ ├── postgres.yaml
+ │ │ ├── backend.yaml.gotmpl
+ │ │ └── postgres.yaml.gotmpl
│ ├── devel
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ └── production
│ └── values
│ ├── backend.yaml
│ └── postgres.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
+ - global:
+ ingressDomain: k8s.devel.domain
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
+ - global:
+ ingressDomain: production.domain
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}
envs/default/values/backend.yaml.gotmpl
ingress:
enabled: true
paths:
- /api
hosts:
- {{ .Values.global.ingressDomain }}
envs/default/values/postgres.yaml.gotmpl
ingress:
enabled: true
paths:
- /
hosts:
- postgres.{{ .Values.global.ingressDomain }}
Akọsilẹ naa
O han ni, ingress ninu iwe ifiweranṣẹ postgres jẹ nkan ti o ni iyemeji pupọ, nitorinaa a fun nkan yii ni irọrun bi apẹẹrẹ iyipo ni igbale ati lati ma ṣe ṣafihan itusilẹ tuntun kan sinu nkan naa o kan nitori ti n ṣapejuwe ingress
Fidipo awọn aṣiri lati awọn iye ayika
Nipa afiwe pẹlu apẹẹrẹ loke, o le paarọ awọn ti paroko ni lilo
.
├── envs
│ ├── default
│ │ └── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
│ ├── devel
│ │ ├── values
│ │ │ ├── backend.yaml
│ │ │ └── postgres.yaml
+ │ │ └── secrets.yaml
│ └── production
│ ├── values
│ │ ├── backend.yaml
│ │ └── postgres.yaml
+ │ └── secrets.yaml
├── releases
│ ├── backend.yaml
│ └── postgres.yaml
└── helmfile.yaml
helmfile.yaml
environments:
devel:
values:
- charts:
versions:
backend: 1.1.0
- apps:
- postgres
- backend
- global:
ingressDomain: k8s.devel.domain
+ secrets:
+ - envs/devel/secrets.yaml
production:
values:
- charts:
versions:
backend: 1.0.5
- apps:
- backend
- global:
ingressDomain: production.domain
+ secrets:
+ - envs/production/secrets.yaml
---
bases:
{{- range .Values.apps }}
- releases/{{ . }}.yaml
{{- end }}
envs/devel/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:hjCB,iv:Z1P6/6xBJgJoKLJ0UUVfqZ80o4L84jvZfM+uH9gBelc=,tag:dGqQlCZnLdRAGoJSj63rBQ==,type:int]
...
envs/production/secrets.yaml
secrets:
elastic:
password: ENC[AES256_GCM,data:ZB/VpTFk8f0=,iv:EA//oT1Cb5wNFigTDOz3nA80qD9UwTjK5cpUwLnEXjs=,tag:hMdIUaqLRA8zuFBd82bz6A==,type:str]
...
envs/default/values/backend.yaml.gotmpl
elasticsearch:
host: elasticsearch
port: 9200
password: {{ .Values | getOrNil "secrets.elastic.password" | default "password" }}
envs/devel/values/backend.yaml
elasticsearch:
host: elastic-0.devel.domain
envs/production/values/backend.yaml
elasticsearch:
host: elastic-0.production.domain
Akọsilẹ naa
Nipa ọna, getOrNil
- iṣẹ pataki kan fun awọn awoṣe lọ ni helmfile, eyiti, paapaa ti .Values.secrets
kii yoo wa, kii yoo jabọ aṣiṣe, ṣugbọn yoo gba abajade laaye nipa lilo iṣẹ naa default
aropo aiyipada iye
ipari
Awọn nkan ti a ṣapejuwe dabi ohun ti o han gedegbe, ṣugbọn alaye lori ijuwe irọrun ti imuṣiṣẹ si awọn agbegbe pupọ nipa lilo helmfile jẹ ṣọwọn pupọ, ati pe Mo nifẹ IaC (Amayederun-bi-koodu) ati pe Mo fẹ lati ni ijuwe ti o han gbangba ti ipo imuṣiṣẹ.
Ni ipari, Emi yoo fẹ lati ṣafikun pe awọn oniyipada fun agbegbe aiyipada le, lapapọ, jẹ parameterized pẹlu awọn oniyipada ayika ti OS ti olusare kan lati eyiti yoo ṣe ifilọlẹ imuṣiṣẹ naa, ati nitorinaa gba awọn agbegbe ti o ni agbara.
helmfile.yaml
environments:
default:
values:
- global:
clusterDomain: {{ env "CLUSTER_DOMAIN" | default "cluster.local" }}
ingressDomain: {{ env "INGRESS_DOMAIN" }}
orisun: www.habr.com