Sizosebenzisa i-Gitlab CI kanye ne-GitOps yamanuwali ukuze siqalise futhi sisebenzise ukuthunyelwa kwe-Canary e-Kubernetes
Izindatshana ezivela kulolu chungechunge:
- (Lesi sihloko)
I-Canary Deployment isebenzisa i-ArgoCI - Ukuthunyelwa kwe-Canary kusetshenziswa i-Istio
- Ukuthunyelwa kwe-Canary kusetshenziswa i-Jenkins-X Istio Flagger
Sizokwenza ukuthunyelwa kwe-Canary mathupha nge-GitOps futhi sidale/silungise izinsiza eziyinhloko ze-Kubernetes. Lesi sihloko senzelwe ukwethulwa ukuthi ukuthunyelwa kusebenza kanjani ku-Kubernetes Canary, njengoba kunezindlela eziphumelela kakhulu zokuzenzakalela, esizozicabangela ezihlokweni ezilandelayo.
Ukuthunyelwa kwe-Canary
Ngesu le-Canary, izibuyekezo ziqala ukusetshenziswa kusethi encane yabasebenzisi. Ngokuqapha, idatha yelogi, ukuhlola mathupha, noma amanye amashaneli empendulo, ukukhishwa kuyahlolwa ngaphambi kokuthi kukhishelwe kubo bonke abasebenzisi.
I-Kubernetes Deployment (i-rolling update)
Isu elizenzakalelayo le-Kubernetes Deployment liyi-roll-update, lapho inani elithile lama-pods liqaliswa ngezinguqulo ezintsha zezithombe. Uma zidalwe ngaphandle kwezinkinga, ama-pods anezinguqulo ezindala zezithombe ayanqanyulwa, futhi ama-pods amasha adalwe ngokufana.
I-GitOps
Sisebenzisa i-GitOps kulesi sibonelo ngoba:
- usebenzisa i-Git njengomthombo owodwa weqiniso
- sisebenzisa i-Git Operations ukwakha nokuthumela (ayikho imiyalo ngaphandle kwe-git tag/merge edingekayo)
Isibonelo:
Masizijwayeze kahle - ukuba nenqolobane eyodwa yekhodi yesicelo kanye neyengqalasizinda.
Inqolobane yohlelo lokusebenza
Lena i-Python+Flask API elula kakhulu ebuyisela impendulo njenge-JSON. Sizokwakha iphakheji nge-GitlabCI futhi sisunduze umphumela ku-Gitlab Registry. Ekubhaliseni sinezinguqulo ezimbili ezihlukene zokukhishwa:
wuestkamp/k8s-deployment-example-app:v1
wuestkamp/k8s-deployment-example-app:v2
Umehluko kuphela phakathi kwazo wushintsho lwefayela le-JSON elibuyisiwe. Sisebenzisa lolu hlelo lokusebenza ukubona ngeso lengqondo kalula ngangokunokwenzeka ukuthi iyiphi inguqulo esixhumana nayo.
Inqolobane yengqalasizinda
Kule turnip sizohambisa nge-GitlabCI kuya e-Kubernetes, .gitlab-ci.yml
kubukeka kanjena:
image: traherom/kustomize-docker
before_script:
- printenv
- kubectl version
stages:
- deploy
deploy test:
stage: deploy
before_script:
- echo $KUBECONFIG
script:
- kubectl get all
- kubectl apply -f i/k8s
only:
- master
Ukuze uyiqhube ngokwakho uzodinga iqoqo, ungasebenzisa i-Gcloud:
gcloud container clusters create canary --num-nodes 3 --zone europe-west3-b
gcloud compute firewall-rules create incoming-80 --allow tcp:80
Udinga ukufohla KUBECONFIG
ku-GitlabCI, ezoqukatha ukulungiselelwa kokufinyelela kubectl
eqenjini lakho.
Ungafunda mayelana nendlela yokuthola izifakazelo zeqoqo (Gcloud)
Ingqalasizinda Yaml
Endaweni yengqalasizinda sinesevisi:
apiVersion: v1
kind: Service
metadata:
labels:
id: app
name: app
spec:
ports:
- port: 80
protocol: TCP
targetPort: 5000
selector:
id: app
type: LoadBalancer
Futhi ukuthunyelwa ku deploy.yaml
:
apiVersion: apps/v1
kind: Deployment
metadata:
name: app
spec:
replicas: 10
selector:
matchLabels:
id: app
type: main
template:
metadata:
labels:
id: app
type: main
spec:
containers:
- image: registry.gitlab.com/wuestkamp/k8s-deployment-example-app:v1
name: app
resources:
limits:
cpu: 100m
memory: 100Mi
Futhi okunye ukuthunyelwa ku deploy-canary.yaml
:
kind: Deployment
metadata:
name: app-canary
spec:
replicas: 0
selector:
matchLabels:
id: app
type: canary
template:
metadata:
labels:
id: app
type: canary
spec:
containers:
- image: registry.gitlab.com/wuestkamp/k8s-deployment-example-app:v2
name: app
resources:
limits:
cpu: 100m
memory: 100Mi
Qaphela ukuthi ukuphakelwa kohlelo lokusebenza akunazo izifaniso ezichaziwe okwamanje.
Ukwenza ukuthunyelwa kokuqala
Ukuze uqale ukuthunyelwa kokuqala, ungaqala ipayipi le-GitlabCI mathupha egatsheni eliyinhloko. Ngemva kwalokho kubectl
kufanele ikhiphe okulandelayo:
Siyabona app
ukuthunyelwa okunemifanekiso engu-10 kanye ne-app-canary eno-0. Kukhona ne-LoadBalancer esingafinyelela kuyo ngayo curl
nge-IP yangaphandle:
while true; do curl -s 35.198.149.232 | grep label; sleep 0.1; done
Siyabona ukuthi uhlelo lwethu lokusebenza lokuhlola lubuyisela kuphela "v1".
Isebenzisa ukuthunyelwa kwe-Canary
Isinyathelo 1: khulula inguqulo entsha yabanye abasebenzisi
Simisa inombolo yezifanekiso ku-1 kufayela le-deploy-canary.yaml kanye nesithombe senguqulo entsha:
kind: Deployment
metadata:
name: app-canary
spec:
replicas: 1
selector:
matchLabels:
id: app
type: canary
template:
metadata:
labels:
id: app
type: canary
spec:
containers:
- image: registry.gitlab.com/wuestkamp/k8s-deployment-example-app:v2
name: app
resources:
limits:
cpu: 100m
memory: 100Mi
Kufayela deploy.yaml
sishintshe inombolo yezifanekiso zaba ngu-9:
kind: Deployment
metadata:
name: app
spec:
replicas: 9
selector:
matchLabels:
id: app
...
Siphusha lezi zinguquko endaweni yokugcina lapho ukuthunyelwa kuzoqala khona (nge-GitlabCI) futhi sibone njengomphumela:
Isevisi yethu izokhomba kukho kokubili ukusetshenziswa, njengoba kokubili kunesikhethi sohlelo lokusebenza. Ngenxa yokungahleliwe okuzenzakalelayo kuka-Kubernetes, kufanele sibone izimpendulo ezihlukene ~ 10% wezicelo:
Isimo samanje sohlelo lwethu lokusebenza (i-GitOps, ethathwe ku-Git Njengomthombo Owodwa Weqiniso) ubukhona bezinto ezimbili ezisetshenziswayo ezinezifaniso ezisebenzayo, eyodwa yenguqulo ngayinye.
~10% wabasebenzisi bajwayelana nenguqulo entsha futhi bayihlole ngokungenhloso. Manje yisikhathi sokubheka amaphutha kulogi kanye nedatha yokuqapha ukuze uthole izinkinga.
Isinyathelo sesi-2: Khipha inguqulo entsha kubo bonke abasebenzisi
Sinqume ukuthi konke kuhambe kahle futhi manje sidinga ukukhipha inguqulo entsha kubo bonke abasebenzisi. Ukwenza lokhu simane sibuyekeze deploy.yaml
kufakwa inguqulo entsha yesithombe kanye nenani lezifaniso ezilingana no-10. In deploy-canary.yaml
sisetha inombolo yezifanekiso emuva kokuthi 0. Ngemuva kokuthunyelwa, umphumela uzoba kanje:
Ukufingqa
Kimina, ukusebenzisa ukuthunyelwa mathupha ngale ndlela kusiza ukuqonda ukuthi ingalungiseka kalula kanjani kusetshenziswa ama-k8. Njengoba i-Kubernetes ikuvumela ukuthi ubuyekeze yonke into nge-API, lezi zinyathelo zingenziwa ngokuzenzakalelayo ngemibhalo.
Enye into okudingeka isetshenziswe indawo yokungena yomhloli (LoadBalancer noma nge-Ingress) okungafinyelelwa ngayo inguqulo entsha kuphela. Ingasetshenziselwa ukuphequlula mathupha.
Ezihlokweni ezizayo, sizobheka ezinye izixazululo ezizenzakalelayo ezisebenzisa okuningi kwalokho esikwenzile.
Funda nezinye izindatshana kubhulogi yethu:
Ukufuduka kusuka ku-ClickHouse ngaphandle kokugunyazwa kuya ku-ClickHouse ngokugunyazwa kuholele kuphi? Ukwakha amamojula aguqukayo e-Nginx Buyekeza i-nxs-build-tools - umsizi wokwakha ideb kanye namaphakheji we-rpm Isingeniso se-Hashicorp Consul's Kubernetes Authorization Okwakufanele sibhekane nakho lapho sisebenzisa insiza ye-Csync2 I-Telegraph bot ye-Redmine. Ungayenza kanjani impilo ibe lula kuwe nakwabanye
Source: www.habr.com