Layisha ukulinganisa nokukala ukuxhumana okuhlala isikhathi eside e-Kubernetes

Lesi sihloko sizokusiza uqonde ukuthi ukulinganisa komthwalo kusebenza kanjani ku-Kubernetes, kwenzekani uma ukala ukuxhumeka okuhlala isikhathi eside, nokuthi kungani kufanele ucabangele ukulinganisa ohlangothini lweklayenti uma usebenzisa i-HTTP/2, gRPC, RSockets, AMQP, noma ezinye izimiso ezihlala isikhathi eside. . 

Okuncane mayelana nokuthi ithrafikhi isatshalaliswa kanjani kabusha e-Kubernetes 

I-Kubernetes ihlinzeka ngezifinyezo ezimbili ezilula zokusebenzisa izinhlelo zokusebenza: Izinsizakalo kanye Nokuthunyelwa.

Ukuthunyelwa kuchaza ukuthi mangaki amakhophi ohlelo lwakho lokusebenza okufanele asebenze nganoma yisiphi isikhathi. Uhlelo ngalunye lusetshenziswa njenge-Pod futhi lunikezwe ikheli le-IP.

Amasevisi ayafana ngomsebenzi nesilinganisi somthwalo. Zenzelwe ukusabalalisa ithrafikhi kuma-pod amaningi.

Ake sibone ukuthi ibukeka kanjani.

1. Kumdwebo ongezansi ungabona izimo ezintathu zohlelo olufanayo kanye nesilinganisi somthwalo:

   

2. Isilinganisi somthwalo sibizwa ngokuthi Isevisi futhi sinikezwe ikheli le-IP. Noma yisiphi isicelo esingenayo siqondiswa kabusha kwenye yamaphodi:

   

3. Isimo sokuphakelwa sinquma inani lezikhathi zohlelo lokusebenza. Cishe awusoze wadinga ukunweba ngokuqondile ngaphansi:

   

4. I-pod ngayinye inikezwe ikheli layo le-IP:

   

Kuwusizo ukucabanga ngamasevisi njengeqoqo lamakheli e-IP. Ngaso sonke isikhathi uma ufinyelela insizakalo, elinye lamakheli e-IP liyakhethwa ohlwini futhi lisetshenziswe njengekheli lendawo.

Kubukeka kanje.

1. Isicelo se-curl 10.96.45.152 samukelwe kusevisi:

   

2. Isevisi ikhetha ikheli elilodwa kwamathathu njengendawo okuyiwa kuyo:

   

3. Ithrafikhi iqondiswe kabusha endaweni ethile:

   

Uma isicelo sakho siqukethe i-frontend ne-backend, khona-ke uzoba nakho kokubili isevisi kanye nokuthunyelwa kwakho ngakunye.

Lapho i-frontend yenza isicelo ku-backend, ayidingi ukwazi kahle ukuthi mangaki ama-pods i-backend esebenzayo: kungaba eyodwa, ishumi, noma ikhulu.

Futhi, i-frontend ayazi lutho mayelana namakheli ama-pods akhonza i-backend.

Lapho i-frontend yenza isicelo ku-backend, isebenzisa ikheli le-IP lesevisi yasemuva, engashintshi.

Lokhu kubukeka kanjani.

1. Ngaphansi koku-1 ucela ingxenye yangaphakathi yangemuva. Esikhundleni sokukhetha ethize ye-backend, yenza isicelo kusevisi:

   

2. Isevisi ikhetha enye ye-backend pod njengekheli lendawo:

   

3. Ithrafikhi isuka ku-Pod 1 iye ku-Pod 5, ekhethwe isevisi:

   

4. Ngaphansi koku-1 akazi kahle ukuthi mangaki ama-pod afana nangaphansi koku-5 afihlwe ngemuva kwesevisi:

   

Kodwa isevisi isakaza kanjani izicelo? Kubonakala sengathi kusetshenziswa ukulinganisa kwe-round-robin? Ake sikuthole. 

Ukulinganisa kumasevisi e-Kubernetes

Amasevisi e-Kubernetes awekho. Ayikho inqubo yesevisi enikezwe ikheli le-IP kanye nembobo.

Ungaqinisekisa lokhu ngokungena kunoma iyiphi i-node ku-cluster futhi usebenzise umyalo we-netstat -ntlp.

Ngeke uze ukwazi ukuthola ikheli lasesizindeni se-inthanethi elinikezwe isevisi.

Ikheli le-IP lesevisi litholakala kusendlalelo sokulawula, kusilawuli, futhi lirekhodwa kusizindalwazi - njlld. Ikheli elifanayo lisetshenziswa enye ingxenye - kube-ummeleli.
I-Kube-proxy ithola uhlu lwamakheli e-IP azo zonke izinsizakalo futhi ikhiqize isethi yemithetho ye-iptables ku-node ngayinye kuqoqo.

Le mithetho ithi: "Uma sibona ikheli le-IP lensizakalo, sidinga ukulungisa ikheli lesicelo bese silithumela kwelinye lamaphodi."

Ikheli le-IP lesevisi lisetshenziswa kuphela njengendawo yokungena futhi alihlinzekwa nganoma iyiphi inqubo yokulalela lelo kheli le-IP kanye nembobo.

Ake sibheke lokhu. 

1. Cabangela iqoqo lamanodi amathathu. I-node ngayinye inama-pods:

   

2. Ama-pods aboshwe apendwe nge-beige ayingxenye yenkonzo. Ngenxa yokuthi isevisi ayikho njengenqubo, iboniswa ngompunga:

   

3. I-pod yokuqala icela isevisi futhi kufanele iye kwenye yamaphodi ahlobene:

   

4. Kodwa isevisi ayikho, inqubo ayikho. Isebenza kanjani?

   

5. Ngaphambi kokuthi isicelo sishiye indawo, sidlula imithetho ye-iptables:

   

6. Imithetho ye-iptables iyazi ukuthi isevisi ayikho futhi ibuyisela ikheli layo le-IP ngekheli le-IP elilodwa lama-pods ahlotshaniswa naleyo sevisi:

   

7. Isicelo sithola ikheli le-IP elivumelekile njengekheli okuyiwa kulo futhi sicutshungulwa ngokujwayelekile:

   

8. Ngokuya nge-topology yenethiwekhi, isicelo ekugcineni sifinyelela ku-pod:

   

Ingabe ama-iptables angalayisha ibhalansi?

Cha, ama-iptable asetshenziselwa ukuhlunga futhi awazange akhelwe ukulinganisa.

Nokho, kungenzeka ukubhala isethi yemithetho esebenza njenge i-pseudo-balancer.

Futhi yilokhu kanye okwenziwa ku-Kubernetes.

Uma unama-pod amathathu, i-kube-proxy izobhala le mithetho elandelayo:

1. Khetha ingxenye encane yokuqala okungenzeka ibe ngu-33%, ngaphandle kwalokho yana emthethweni olandelayo.
2. Khetha owesibili onamathuba angu-50%, uma kungenjalo hamba emthethweni olandelayo.
3. Khetha okwesithathu ngaphansi.

Lolu hlelo luholela ekukhethweni kwe-pod ngayinye okungenzeka kube ngu-33%.

Futhi asikho isiqinisekiso sokuthi i-Pod 2 izokhethwa ngokulandelayo ngemva kwe-Pod 1.

Ukubhala: ama-iptables asebenzisa imojula yezibalo enokusabalalisa okungahleliwe. Ngakho, i-algorithm yokulinganisa isekelwe ekukhethweni okungahleliwe.

Manje njengoba usuqonda ukuthi izinsiza zisebenza kanjani, ake sibheke ezinye izimo zesevisi ezithakazelisayo.

Ukuxhumana okuhlala isikhathi eside ku-Kubernetes akukali ngokuzenzakalelayo

Isicelo ngasinye se-HTTP kusuka ku-frontend kuya ku-backend sinikezwa uxhumano oluhlukile lwe-TCP, oluvulwa futhi luvalwe.

Uma i-frontend ithumela izicelo eziyi-100 ngomzuzwana ku-backend, khona-ke ukuxhumeka kwe-TCP okuhlukile okungu-100 kuyavulwa futhi kuvalwe.

Unganciphisa isikhathi sokucubungula isicelo kanye nokulayisha ngokuvula uxhumano lwe-TCP olulodwa futhi ulusebenzise kuzo zonke izicelo ezilandelayo ze-HTTP.

Iphrothokholi ye-HTTP inesici esibizwa ngokuthi i-HTTP keep-alive, noma ukusetshenziswa kabusha kokuxhumeka. Kulokhu, uxhumano olulodwa lwe-TCP lusetshenziselwa ukuthumela nokwamukela izicelo nezimpendulo eziningi ze-HTTP:

Lesi sici asivunyelwe ngokuzenzakalelayo: kokubili iseva neklayenti kufanele kulungiselelwe ngokufanele.

Ukusetha ngokwako kulula futhi kufinyeleleka ezilimini eziningi zokuhlela nezindawo.

Nazi ezinye izixhumanisi zezibonelo ngezilimi ezahlukene:

• Gcina uphila ku-Node.js
• Gcina uphila ku-Spring boot
• Gcina-uphila ePython
• Gcina uphila ku-.NET

Kwenzekani uma sisebenzisa ukugcina uphila kusevisi ye-Kubernetes?
Ake sicabange ukuthi kokubili i-frontend ne-backend isekela ukugcina-iphila.

Sinekhophi eyodwa ye-frontend namakhophi amathathu we-backend. I-frontend yenza isicelo sokuqala futhi ivula uxhumano lwe-TCP ku-backend. Isicelo sifinyelela isevisi, enye ye-backend pods ikhethwa njengekheli lendawo. I-backend ithumela impendulo, futhi i-frontend iyayithola.

Ngokungafani nesimo esivamile lapho uxhumano lwe-TCP luvaliwe ngemva kokuthola impendulo, manje lugcinwa luvulekele ezinye izicelo ze-HTTP.

Kwenzekani uma i-frontend ithumela izicelo eziningi ku-backend?

Ukudlulisa lezi zicelo, uxhumano oluvulekile lwe-TCP luzosetshenziswa, zonke izicelo zizoya ku-backend efanayo lapho isicelo sokuqala siye khona.

Akumele ama-iptable asabalalise kabusha ithrafikhi?

Hhayi kulokhu.

Uma uxhumano lwe-TCP ludaliwe, luhamba ngemithetho ye-iptables, ekhetha i-backend ethile lapho ithrafikhi izohamba khona.

Njengoba zonke izicelo ezilandelayo zikuxhumano lwe-TCP oluvele luvuliwe, imithetho ye-iptables ayisabizwa.

Ake sibone ukuthi ibukeka kanjani.

1. I-pod yokuqala ithumela isicelo kusevisi:

   

2. Usuvele wazi ukuthi kuzokwenzekani ngokulandelayo. Isevisi ayikho, kodwa kunemithetho ye-iptables ezocubungula isicelo:

   

3. Enye ye-backend pods izokhethwa njengekheli lendawo:

   

4. Isicelo sifinyelela ku-pod. Kuleli qophelo, ukuxhumana okuqhubekayo kwe-TCP phakathi kwama-pods amabili kuzosungulwa:

   

5. Noma yisiphi isicelo esilandelayo esivela ku-pod yokuqala sizodlula kuxhumano oseluvele lusunguliwe:

   

Umphumela uba isikhathi sokuphendula esisheshayo kanye nokuphuma okuphezulu, kodwa ulahlekelwa ikhono lokukala i-backend.

Ngisho noma unama-pods amabili ku-backend, enoxhumo oluqhubekayo, ithrafikhi izohlala iya kwenye yazo.

Ingabe lokhu kungalungiswa?

Njengoba u-Kubernetes engakwazi ukulinganisa ukuxhumana okuqhubekayo, lo msebenzi uwela kuwe.

Amasevisi ayiqoqo lamakheli e-IP nezimbobo ezibizwa ngokuthi ama-endpoints.

Isicelo sakho singathola uhlu lwezindawo zokugcina kusuka kusevisi futhi sinqume ukuthi izicelo zokusabalalisa kanjani phakathi kwazo. Ungakwazi ukuvula uxhumano oluqhubekayo ku-pod ngayinye nesicelo sebhalansi phakathi kwalokhu kuxhumana usebenzisa i-round-robin.

Noma faka okuningi ama-algorithms wokulinganisa ayinkimbinkimbi.

Ikhodi yohlangothi lweklayenti enesibopho sokulinganisa kufanele ilandele lo mqondo:

1. Thola uhlu lwamaphoyinti okugcina kusukela kusevisi.
2. Vula uxhumano oluqhubekayo endaweni ngayinye yokugcina.
3. Uma isicelo sidinga ukwenziwa, sebenzisa okukodwa kokuxhumana okuvuliwe.
4. Buyekeza njalo uhlu lwamaphoyinti, dala amasha noma vala ukuxhumana okudala okuqhubekayo uma uhlu lushintsha.

Lokhu kuzobukeka kanjani.

1. Esikhundleni se-pod yokuqala ethumela isicelo kusevisi, ungabhalansisa izicelo ohlangothini lweklayenti:

   

2. Udinga ukubhala ikhodi ebuza ukuthi yimaphi amaphodi ayingxenye yesevisi:

   

3. Uma usunohlu, lugcine ohlangothini lweklayenti futhi ulusebenzise ukuxhuma kuma-pods:

   

4. Unesibopho se-algorithm yokulinganisa umthwalo:

   

Manje umbuzo ophakamayo: ingabe le nkinga isebenza kuphela ku-HTTP ukugcina-iphila?

Ukulinganisa komthwalo ohlangothini lweklayenti

I-HTTP akuyona yodwa iphrothokholi engasebenzisa ukuxhumana kwe-TCP okuqhubekayo.

Uma isicelo sakho sisebenzisa isizindalwazi, ukuxhumana kwe-TCP akuvulwa ngaso sonke isikhathi lapho udinga ukwenza isicelo noma ukubuyisa idokhumenti kusizindalwazi. 

Esikhundleni salokho, ukuxhumana kwe-TCP okuphikelelayo kusizindalwazi kuyavulwa futhi kusetshenziswe.

Uma isizindalwazi sakho sisatshalaliswa ku-Kubernetes futhi ukufinyelela kunikezwa njengesevisi, uzohlangabezana nezinkinga ezifanayo ezichazwe esigabeni esandulele.

Isifaniso esisodwa sesizindalwazi sizolayishwa kakhulu kunezinye. I-Kube-proxy kanye ne-Kubernetes ngeke kusize ukulinganisa ukuxhumeka. Kufanele uqikelele ukulinganisa imibuzo kusizindalwazi sakho.

Kuye ngokuthi yimuphi umtapo wolwazi owusebenzisayo ukuxhuma kusizindalwazi, ungase ube nezinketho ezahlukene zokuxazulula le nkinga.

Ngezansi isibonelo sokufinyelela iqoqo lesizindalwazi se-MySQL kusuka ku-Node.js:

var mysql = require('mysql');
var poolCluster = mysql.createPoolCluster();

var endpoints = /* retrieve endpoints from the Service */

for (var [index, endpoint] of endpoints) {
  poolCluster.add(`mysql-replica-${index}`, endpoint);
}

// Make queries to the clustered MySQL database

Kunamanye amaphrothokholi amaningi asebenzisa ukuxhumana kwe-TCP okuqhubekayo:

• Ama-WebSockets nama-WebSocket avikelekile
• I-HTTP / 2
• gRPC
• RSockets
• I-AMQP

Kufanele usujwayelene neningi lalezi zimiso.

Kodwa uma lezi zivumelwano zithandwa kakhulu, kungani singekho isixazululo esimisiwe sokulinganisa? Kungani ingqondo yeklayenti idinga ukushintsha? Ingabe likhona ikhambi lendabuko le-Kubernetes?

I-Kube-proxy nama-iptables aklanyelwe ukumboza izimo zokusetshenziswa ezivame kakhulu lapho kuthunyelwa ku-Kubernetes. Lokhu okokwenza kube lula.

Uma usebenzisa isevisi yewebhu edalula i-REST API, usenhlanhleni - kulokhu, ukuxhumana okuphikelelayo kwe-TCP akusetshenziswa, ungasebenzisa noma iyiphi isevisi ye-Kubernetes.

Kodwa uma usuqale ukusebenzisa ukuxhumana kwe-TCP okuphikelelayo, kuzodingeka uthole ukuthi ungasabalalisa kanjani umthwalo ngokulinganayo kuwo wonke ama-backend. I-Kubernetes ayinazo izixazululo esezilungile zaleli cala.

Nokho, zikhona ngokuqinisekile ongakhetha ezingasiza.

Ukulinganisa ukuxhumana okuhlala isikhathi eside e-Kubernetes

Kunezinhlobo ezine zezinsizakalo e-Kubernetes:

1. I-ClusterIP
2. INodePort
3. I-LoadBalancer
4. Ayinamakhanda

Amasevisi amathathu okuqala asebenza ngokusekelwe ekhelini le-IP elibonakalayo, elisetshenziswa i-kube-proxy ukwakha imithetho ye-iptables. Kodwa isisekelo esiyisisekelo sazo zonke izinkonzo yinkonzo engenamakhanda.

Isevisi engenakhanda ayinalo ikheli lasesizindeni se-inthanethi elihlotshaniswa nayo futhi inikeza kuphela indlela yokubuyisa uhlu lwamakheli e-IP nezimbobo zamaphodi (amaphoyinti okugcina) ahlobene nawo.

Wonke amasevisi asekelwe kusevisi engenamakhanda.

Isevisi ye-ClusterIP iyisevisi engenamakhanda enezengezo ezithile: 

1. Isendlalelo sokuphatha sisinika ikheli le-IP.
2. I-Kube-proxy ikhiqiza imithetho edingekayo yama-iptables.

Ngale ndlela ungakwazi ukuziba i-kube-proxy futhi usebenzise ngokuqondile uhlu lwamaphoyinti okugcina atholwe kusevisi engenamakhanda ukuze ulayishe ibhalansi yesicelo sakho.

Kodwa singayingeza kanjani ingqondo efanayo kuzo zonke izinhlelo zokusebenza ezisetshenziswe kuqoqo?

Uma ngabe uhlelo lwakho lokusebenza selusetshenzisiwe kakade, lo msebenzi ungase ubonakale ungenakwenzeka. Nokho, kukhona enye inketho.

I-Service Mesh izokusiza

Cishe usubonile ukuthi isu lokulinganisa umthwalo ohlangothini lweklayenti lisezingeni.

Lapho isicelo siqala,:

1. Ithola uhlu lwamakheli e-IP kusukela kusevisi.
2. Ivula futhi igcine indawo yokuxhumana.
3. Ibuyekeza i-pool ngezikhathi ezithile ngokungeza noma ngokukhipha amaphoyinti okugcina.

Uma isicelo sifuna ukwenza isicelo, si:

1. Ikhetha ukuxhumana okutholakalayo kusetshenziswa ingqondo ethile (isb. round-robin).
2. Yenza isicelo.

Lezi zinyathelo zisebenza kukho kokubili ukuxhumana kweWebSockets, gRPC, kanye ne-AMQP.

Ungahlukanisa le logic kumtapo wolwazi ohlukile futhi uyisebenzise ezinhlelweni zakho zokusebenza.

Noma kunjalo, ungasebenzisa ama-meshes wesevisi afana ne-Istio noma i-Linkerd esikhundleni salokho.

I-Service Mesh yengeza isicelo sakho ngenqubo ethi:

1. Isesha ngokuzenzakalela amakheli e-IP wesevisi.
2. Ihlola ukuxhumana okufana neWebSockets ne-gRPC.
3. Ibhalansi izicelo kusetshenziswa iphrothokholi efanele.

I-Service Mesh isiza ukuphatha ithrafikhi ngaphakathi kweqoqo, kodwa idinga kakhulu izinsiza. Ezinye izinketho zisebenzisa imitapo yolwazi evela eceleni njengeNetflix Ribbon noma ama-proxies ahlelekayo afana ne-Envoy.

Kwenzekani uma uziba izinkinga zokulinganisa?

Ungakhetha ukungasebenzisi ukulinganisa kokulayisha futhi ungaqapheli izinguquko. Ake sibheke izimo ezimbalwa zomsebenzi.

Uma unamaklayenti amaningi kunamaseva, lena akuyona inkinga enkulu.

Ake sithi kukhona amaklayenti amahlanu axhumeka kumaseva amabili. Ngisho noma kungekho ukulinganisa, womabili amaseva azosetshenziswa:

Ukuxhumeka kungase kungasatshalaliswa ngokulinganayo: mhlawumbe amaklayenti amane axhunywe kuseva efanayo, kodwa kunethuba elihle lokuthi womabili amaseva azosetshenziswa.

Okuyinkinga kakhulu isimo esiphambene.

Uma unamaklayenti ambalwa namaseva amaningi, izinsiza zakho zingase zisetshenziswe kancane futhi kungase kuvele umgoqo.

Ake sithi kukhona amaklayenti amabili namaseva amahlanu. Esimeni esihle kakhulu, kuzoba nokuxhumana okubili okungapheli kumaseva amabili kwamahlanu.

Amaseva asele azobe engasebenzi:

Uma lezi ziphakeli ezimbili zingakwazi ukusingatha izicelo zeklayenti, ukukala okuvundlile ngeke kusize.

isiphetho

Izinsizakalo ze-Kubernetes zenzelwe ukusebenza ezimweni eziningi ezijwayelekile zohlelo lokusebenza lwewebhu.

Kodwa-ke, uma usuqale ukusebenza ngamaphrothokholi ezinhlelo zokusebenza ezisebenzisa ukuxhumana kwe-TCP okuqhubekayo, okufana nesizindalwazi, i-gRPC noma i-WebSockets, izinsiza azisafaneleki. I-Kubernetes ayinikezi izindlela zangaphakathi zokulinganisa ukuxhumeka kwe-TCP okuqhubekayo.

Lokhu kusho ukuthi kufanele ubhale izinhlelo zokusebenza ucabangela ukulinganisa ohlangothini lweklayenti.

Ukuhumusha okulungiselelwe ithimba I-Kubernetes aaS evela ku-Mail.ru.

Yini enye ongayifunda esihlokweni:

1. Amaleveli amathathu okulinganisa okuzenzakalelayo ku-Kubernetes nokuthi angawasebenzisa kanjani ngempumelelo. 
2. U-Kubernetes emoyeni wobugebengu ngesifanekiso sokusetshenziswa.
3. Isiteshi sethu seTelegram mayelana noguquko lwedijithali.

Source: www.habr.com