I-ProHoster > Блог > Ukuphatha > Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Sanibonani nonke! Igama lami nginguPavel Agaletsky. Ngisebenza njengeqembu eliholayo eqenjini elithuthukisa uhlelo lokulethwa kweLamoda. Ngo-2018, ngakhuluma engqungqutheleni ye-HighLoad++, futhi namuhla ngithanda ukwethula umbhalo wombiko wami.

Isihloko sami sinikezelwe ekuhlangenwe nakho kwenkampani yethu ekuthumeleni amasistimu namasevisi ezindaweni ezahlukene. Kusukela ezikhathini zethu zangaphambi komlando, lapho sikhiphe wonke amasistimu kumaseva abonakalayo ajwayelekile, agcina ngokushintsha kancane kancane ukusuka ku-Nomad kuya ekusetshenzisweni e-Kubernetes. Ngizokutshela ukuthi kungani sikwenzile nokuthi yiziphi izinkinga esibe nazo ngesikhathi kuqhubeka lolu hlelo.

Ithumela izinhlelo zokusebenza ku-VM

Ake siqale ngeqiniso lokuthi eminyakeni emi-3 edlule zonke izinhlelo nezinsizakalo zenkampani zafakwa kumaseva ajwayelekile. Ngobuchwepheshe, yayihlelwe ngendlela yokuthi yonke ikhodi yezinhlelo zethu igcinwe futhi ihlanganiswe kusetshenziswa amathuluzi okuhlanganisa okuzenzakalelayo, kusetshenziswa amajenki. Ngokusebenzisa i-Ansible, ikhishwe ohlelweni lwethu lokulawula inguqulo yayiswa kumaseva abonakalayo. Ngaphezu kwalokho, uhlelo ngalunye inkampani yethu eyayinalo lwafakwa okungenani kumaseva ama-2: eyodwa yawo ekhanda, eyesibili emsileni. Lezi zinhlelo ezimbili zazifana ngokuphelele kuzo zonke izilungiselelo zazo, amandla, ukumisa, njll. Umehluko kuphela phakathi kwabo ukuthi inhloko yathola ithrafikhi yomsebenzisi, kanti umsila awuzange uthole ithrafikhi yomsebenzisi.

Kungani lokhu kwenziwa?

Lapho sisebenzisa ukukhishwa okusha kwesicelo sethu, besifuna ukuqinisekisa ukukhishwa okungenazihibe, okungukuthi, ngaphandle kwemiphumela ebonakalayo kubasebenzisi. Lokhu kuzuzwe ngenxa yokuthi ukukhishwa okulandelayo okuhlanganisiwe kusetshenziswa i-Ansible kwakhishelwa emsileni. Lapho, abantu ababehilelekile ekusetshenzisweni babengahlola futhi baqinisekise ukuthi konke kuhamba kahle: wonke amamethrikhi, izigaba nezicelo zazisebenza; izikripthi ezidingekayo ziyethulwa. Ngemva kokuqiniseka ukuthi konke kuhamba kahle, ithrafikhi yashintshwa. Iqale ukuya kuseva ebikade iyisila ngaphambilini. Futhi leyo ngaphambilini ebiyinhloko yahlala ingenayo ithrafikhi yabasebenzisi, ngenkathi isenenguqulo yangaphambilini yohlelo lwethu lokusebenza kuyo.

Ngakho-ke yayingenamthungo kubasebenzisi. Ngoba ukushintsha kuyashesha, njengoba kumane kushintshe ibhalansi. Ungakwazi ukuhlehlela emuva kalula enguqulweni yangaphambilini ngokumane ubuyisele isilinganisi emuva. Futhi singaqinisekisa ukuthi uhlelo lokusebenza belukwazi ukukhiqiza nangaphambi kokuthi luthole ithrafikhi yomsebenzisi, obekulula kakhulu.

Yiziphi izinzuzo esizibone kukho konke lokhu?

  1. Okokuqala nje, kwanele kuyasebenza nje. Wonke umuntu uyaqonda ukuthi uhlelo olunjalo lokuthunyelwa lusebenza kanjani, ngoba abantu abaningi bake bathunyelwa kumaseva ajwayelekile ajwayelekile.
  2. Lokhu kwanele ngokwethembekile, njengoba ubuchwepheshe bokuthunyelwa bulula, buhlolwe izinkulungwane zezinkampani. Izigidi zamaseva zisetshenziswa ngale ndlela. Kunzima ukuphula okuthile.
  3. Futhi ekugcineni singathola ukuthunyelwa kwe-athomu. Ukuthunyelwa okwenzeka ngesikhathi esisodwa kubasebenzisi, ngaphandle kwesigaba esibonakalayo sokushintsha phakathi kwenguqulo endala nentsha.

Kodwa futhi sabona ukushiyeka okuningana kukho konke lokhu:

  1. Ngaphezu kwemvelo yokukhiqiza, indawo yokuthuthukiswa, kunezinye izindawo. Ngokwesibonelo, qa kanye preproduction. Ngaleso sikhathi sasinamaseva amaningi kanye nezinkonzo ezingaba ngu-60. Ngenxa yalesi sizathu kwakudingekile kusevisi ngayinye, gcina inguqulo yakamuva yayo umshini we-virtual. Ngaphezu kwalokho, uma ufuna ukubuyekeza imitapo yolwazi noma ukufaka okuncikile okusha, udinga ukwenza lokhu kuzo zonke izindawo. Ubudinga futhi ukuvumelanisa isikhathi lapho uzokhipha inguqulo entsha elandelayo yohlelo lwakho lokusebenza ngesikhathi lapho ama-devops enza izilungiselelo ezidingekayo zendawo. Kulesi simo, kulula ukungena esimweni lapho indawo yethu izohluka khona kuzo zonke izindawo ngesikhathi esisodwa. Isibonelo, endaweni ye-QA kuzoba nezinguqulo ezithile zemitapo yolwazi, futhi endaweni yokukhiqiza kuzoba nezihlukile, okuzoholela ezinkingeni.
  2. Ubunzima bokubuyekeza ukuncika isicelo sakho. Akuxhomekile kuwena, kodwa kwelinye iqembu. Okungukuthi, eqenjini le-devops eligcina amaseva. Kufanele ubanikeze umsebenzi ofanele kanye nencazelo yalokho ofuna ukukwenza.
  3. Ngaleso sikhathi, sasifuna futhi ukuhlukanisa ama-monoliths amakhulu amakhulu esasinawo abe yizinkonzo ezincane ezihlukene, njengoba sasiqonda ukuthi zazizoba ziningi. Ngaleso sikhathi, sase sinezingaphezu kuka-100. Ngensizakalo entsha ngayinye, kwakudingeka ukudala umshini omusha ohlukile, owawudinga ukugcinwa nokusetshenziswa. Ngaphezu kwalokho, awudingi imoto eyodwa, kodwa okungenani ezimbili. Okungeziwe kukho konke lokhu imvelo ye-QA. Lokhu kudala izinkinga futhi kwenza kube nzima kuwe ukwakha nokusebenzisa amasistimu amasha. inqubo eyinkimbinkimbi, ebizayo futhi ende.

Ngakho-ke, sinqume ukuthi kuzoba lula kakhulu ukusuka ekukhipheni imishini ejwayelekile siye ekukhipheni izinhlelo zethu zokusebenza esitsheni se-docker. Uma une-docker, udinga uhlelo olungasebenzisa uhlelo kuqoqo, ngoba awukwazi ukuvele uphakamise isitsha. Ngokuvamile ufuna ukulandelela ukuthi zingaki iziqukathi eziphakanyisiwe ukuze ziphakame ngokuzenzakalelayo. Ngalesi sizathu, besidinga ukukhetha isistimu yokulawula.

Sacabanga isikhathi eside ngokuthi iyiphi esingayithatha. Iqiniso liwukuthi ngaleso sikhathi lesi sitaki sokuthunyelwa kumaseva avamile sasiphelelwe yisikhathi, njengoba ayengenazo izinguqulo zakamuva zezinhlelo zokusebenza. Ngesinye isikhathi, kwakukhona ngisho neFreeBSD, eyayingelula neze ukuyisekela. Saqonda ukuthi kwakudingeka sithuthele edocker ngokushesha okukhulu. Ama-devops ethu abheke ulwazi lwabo olukhona ngezisombululo ezihlukile futhi akhetha uhlelo olufana no-Nomad.

Shintshela kuNomad

UNomad ungumkhiqizo we-HashiCorp. Baziwa nangezinye izixazululo zabo:

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

"Consul" iyithuluzi lokuthola isevisi.

"Terraform" - uhlelo lokuphatha amaseva olukuvumela ukuthi uwalungiselele ngokucushwa, lokho okubizwa ngokuthi ingqalasizinda-njengekhodi.

"Isihlava" ikuvumela ukuthi ukhiphe imishini ebonakalayo endaweni noma efwini usebenzisa amafayela athile okumisa.

I-Nomad ngaleso sikhathi yayibonakala njengesixazululo esilula esingashintshwa ngokushesha ngaphandle kokushintsha yonke ingqalasizinda. Ngaphezu kwalokho, kulula kakhulu ukufunda. Yingakho siyikhethe njengesistimu yokuhlunga yesiqukathi sethu.

Yini oyidingayo ukuze uthumele isistimu yakho ku-Nomad?

  1. Okokuqala udinga isithombe se-docker isicelo sakho. Udinga ukuyakha futhi ukubeke endaweni yokugcina isithombe sedokhu. Esimweni sethu, lokhu kuyi-artifactory - uhlelo olukuvumela ukuthi ucindezele izinto zobuciko ezihlukahlukene zezinhlobo ezahlukene kuwo. Ingakwazi ukugcina izingobo zomlando, izithombe ze-docker, amaphakheji we-PHP womqambi, amaphakheji we-NPM, njalonjalo.
  2. Kudingeka futhi ifayela lokumisa, ezotshela uNomad ukuthi yini, kuphi futhi ngamanani ofuna ukuwasebenzisa.

Uma sikhuluma ngeNomad, isebenzisa ulimi lwe-HCL njengefomethi yefayela layo lolwazi, elimele I-HashiCorp Configuration Language. Lena isethi ephezulu ye-Yaml ekuvumela ukuthi uchaze isevisi yakho ngemigomo ye-Nomad.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Ikuvumela ukuthi usho ukuthi zingaki iziqukathi ofuna ukuzisebenzisa, ukusuka kuziphi izithombe ukuze udlulisele imingcele ehlukahlukene kuzo ngesikhathi sokuthunyelwa. Ngakho-ke, wondla leli fayela ku-Nomad, futhi yethula iziqukathi ekukhiqizeni ngokusho kwayo.

Kithina, sibonile ukuthi ukubhala amafayela e-HCL afana ncamashí kusevisi ngayinye ngeke kube lula kakhulu, ngoba kunezinsizakalo eziningi futhi ngezinye izikhathi ufuna ukuzibuyekeza. Kwenzeka ukuthi insizakalo eyodwa ayisetshenziswanga esimeni esisodwa, kodwa ezinhlobonhlobo ezahlukene. Isibonelo, enye yezinhlelo esinazo ekukhiqizeni inezikhathi ezingaphezu kwe-100 ekukhiqizeni. Zisuka ezithombeni ezifanayo, kodwa ziyahlukahluka kuzilungiselelo zokucushwa namafayela okumisa.

Ngakho-ke, sinqume ukuthi kuzoba lula ngathi ukuthi sigcine wonke amafayela ethu okucupha ukuze asetshenziswe endaweni eyodwa yokugcina. Ngale ndlela zazibonakala: kwakulula ukuzinakekela futhi sasikwazi ukubona ukuthi yiziphi izinhlelo esinazo. Uma kunesidingo, kulula futhi ukuvuselela noma ukushintsha okuthile. Ukwengeza isistimu entsha nakho akunzima - udinga nje ukudala ifayela lokucushwa ngaphakathi kohla lwemibhalo olusha. Ngaphakathi kuyo kunalawa mafayela alandelayo: service.hcl, equkethe incazelo yenkonzo yethu, namanye amafayela e-env avumela yona kanye le sevisi, esetshenziswa ekukhiqizeni, ukuthi amiswe.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Nokho, amanye amasistimu ethu asetshenziswa ekukhiqizweni hhayi ekhophi eyodwa, kodwa eziningana ngesikhathi esisodwa. Ngakho-ke, sinqume ukuthi kungasilungela ukuthi singagcini ama-configs ngendlela yawo emsulwa, kodwa afane nesifanekiso. Futhi sakhetha jinja 2. Kule fomethi, sigcina kokubili ukulungiselelwa kwesevisi ngokwayo kanye namafayela e-env adingekayo kuyo.

Ukwengeza, sibeke endaweni yokugcina umbhalo ojwayelekile kuwo wonke amaphrojekthi, okuvumela ukuthi uqalise futhi usebenzise isevisi yakho ekukhiqizeni, endaweni oyifunayo, kuthagethi oyifunayo. Esimeni lapho siguqula ukucushwa kwethu kwe-HCL kube isifanekiso, khona-ke ifayela le-HCL, ngaphambili elaliyilungiselelo elivamile le-Nomad, kulokhu laqala ukubukeka lihluke kancane.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Okusho ukuthi, sithathe indawo yokuguquguquka kwendawo ethile ngokushintshashintsha okufakiwe okuthathwe kumafayela e-env noma eminye imithombo. Ngaphezu kwalokho, sithole ithuba lokuqoqa amafayela e-HCL ngokuguquguqukayo, okungukuthi, asikwazi ukusebenzisa kuphela ukufakwa okuguquguqukayo okuvamile. Njengoba i-jinja isekela ama-loops nemibandela, ungaphinda udale amafayela wokumisa lapho, ashintshayo kuye ngokuthi uzikhiphela kuphi izinhlelo zakho zokusebenza.

Isibonelo, ufuna ukuphakela isevisi yakho ekukhiqizeni kwangaphambilini nasekukhiqizeni. Ake sithi ekukhiqizweni kwangaphambilini awufuni ukusebenzisa imibhalo ye-cron, kodwa ufuna nje ukubona insiza esizindeni esihlukile ukuze uqiniseke ukuthi iyasebenza. Kunoma ubani ophaka isevisi, inqubo ibukeka ilula kakhulu futhi isobala. Odinga ukukwenza nje ukukhipha ifayela le-deploy.sh, cacisa ukuthi iyiphi isevisi ofuna ukuyiphakela nokuthi iyiphi ithagethi. Isibonelo, ufuna ukuthumela isistimu ethile eRussia, Belarus noma Kazakhstan. Ukuze wenze lokhu, mane ushintshe ipharamitha eyodwa, futhi uzoba nefayela elilungile lokumisa.

Uma isevisi ye-Nomad isivele ithunyelwe kuqoqo lakho, ibonakala kanje.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Okokuqala, udinga uhlobo oluthile lwe-balancer ngaphandle, oluzothola yonke ithrafikhi yabasebenzisi. Izosebenzisana ne-Consul futhi ithole kuyo ukuthi kuphi, kuyiphi indawo, kuliphi ikheli le-IP isevisi ethile etholakalayo ehambisana negama lesizinda elithile. Izinkonzo ku-Consul zivela kuNomad uqobo. Njengoba lena kuyimikhiqizo evela enkampanini efanayo, ihlobene kakhulu. Singasho ukuthi uNomad ngaphandle kwebhokisi angabhalisa zonke izinsizakalo ezethulwe kuyo ngaphakathi kwe-Consul.

Uma isilinganisi sakho somthwalo esisekupheleni sesazi ukuthi iyiphi isevisi ongathumela kuyo ithrafikhi, siyidlulisela esitsheni esifanele noma iziqukathi eziningi ezifana nohlelo lwakho lokusebenza. Ngokwemvelo, kuyadingeka futhi ukucabanga ngokuphepha. Noma zonke izinsiza zisebenza ngemishini efanayo eziqukathi, lokhu ngokuvamile kudinga ukuvimbela ukufinyelela kwamahhala kusuka kunoma iyiphi isevisi kuya kunoma iyiphi enye. Lokhu sikuzuze ngokuhlukanisa. Isevisi ngayinye yethulwa kunethiwekhi yayo ye-virtual, lapho imithetho yomzila nemithetho yokuvumela/ukwenqaba ukufinyelela kwezinye izinhlelo namasevisi kwanqunywa. Angatholakala kokubili ngaphakathi kwaleli qoqo nangaphandle kwalo. Isibonelo, uma ufuna ukuvimbela isevisi ekuxhumekeni kusizindalwazi esithile, lokhu kungenziwa ngokuhlukaniswa kwezinga lenethiwekhi. Okusho ukuthi, nangephutha, awukwazi ukuxhuma ngephutha usuka endaweni yokuhlola uye kusizindalwazi sakho sokukhiqiza.

Inguquko isibize malini ngokwezinsiza zabantu?

Ukushintshwa kwenkampani yonke kuNomad kuthathe cishe izinyanga ezi-5-6. Sahamba ngesisekelo sesevisi-nge-service, kodwa ngesivinini esisheshayo. Ithimba ngalinye bekufanele lizenzele ezalo iziqukathi ezizosetshenziselwa izinkonzo.

Sithathe indlela enjalo yokuthi ithimba ngalinye linomthwalo wemfanelo wezithombe ze-docker zamasistimu abo ngokuzimela. I-DevOps ihlinzeka ngengqalasizinda evamile edingekayo ukuze isetshenziswe, okungukuthi, ukusekelwa kweqoqo ngokwalo, ukusekelwa kohlelo lwe-CI, njalonjalo. Futhi ngaleso sikhathi, sasinezinhlelo ezingaphezu kuka-60 ezithuthelwe ku-Nomad, ezazilingana neziqukathi eziyizinkulungwane ezi-2.

I-Devops inesibopho sengqalasizinda evamile yayo yonke into ehlobene nokusatshalaliswa namaseva. Futhi ithimba ngalinye lezokuthuthukiswa, lona, ​​linomthwalo wemfanelo wokusebenzisa iziqukathi zohlelo lwalo oluthile, njengoba kuyiqembu elaziyo ukuthi lidingani ngokuvamile esitsheni esithile.

Izizathu zokulahla uNomad

Yiziphi izinzuzo esizitholile ngokushintshela ekusetshenzisweni sisebenzisa i-Nomad ne-docker, phakathi kokunye?

  1. We inikeze izimo ezilinganayo kuzo zonke izindawo. Ekuthuthukisweni, imvelo ye-QA, ukukhiqizwa kwangaphambili, ukukhiqizwa, izithombe zesiqukathi ezifanayo zisetshenziswa, ezinokuncika okufanayo. Ngokufanelekile, awunalo neze ithuba lokuthi okuzogcina sekukhiqiziwe akukhona lokho obukuhlole ngaphambilini endaweni noma endaweni yakho yokuhlola.
  2. Sithole nokuthi sekwanele kulula ukwengeza isevisi entsha. Ngokombono wokuthunyelwa, noma imaphi amasistimu amasha ethulwa kalula. Vele uye endaweni yokugcina egcina izilungiselelo, engeza okunye ukulungiselelwa kwesistimu yakho lapho, futhi usulungile. Ungakwazi ukuphakela isistimu yakho ekukhiqizweni ngaphandle kwemizamo eyengeziwe evela kuma-devops.
  3. Zonke amafayela wokumisa endaweni eyodwa yokugcina kuvele ukuthi kuyabuyekezwa. Ngesikhathi lapho sisebenzisa amasistimu ethu sisebenzisa amaseva abonakalayo, sasebenzisa i-Ansible, lapho ukulungiselelwa kwakusendaweni yokugcina efanayo. Nokho, konjiniyela abaningi lokhu bekunzima kakhulu ukusebenza ngakho. Lapha ivolumu ye-configs nekhodi odinga ukuyengeza ukuze usebenzise isevisi isibe sincane kakhulu. Futhi, kulula kakhulu kuma-devops ukuyilungisa noma ukuyishintsha. Uma kwenzeka izinguquko, ngokwesibonelo, ukuya enguqulweni entsha ye-Nomad, bangathatha futhi babuyekeze ngenqwaba wonke amafayela okusebenza atholakala endaweni efanayo.

Kodwa siphinde sahlangabezana nezinkinga ezimbalwa:

Kwavela ukuthi thina ayikwazanga ukufeza ukuthunyelwa okungenazihibe kuNomad. Uma kukhishwa ama-container ngaphansi kwezimo ezahlukene, kungase kuvele ukuthi kuyasebenza, futhi uNomad wakubona njengesitsha esilungele ukwamukela isiminyaminya. Lokhu kwenzeke ngaphambi kokuthi isicelo esingaphakathi sithole nethuba lokwethulwa. Ngenxa yalesi sizathu, uhlelo lwaqala ukukhiqiza amaphutha angu-500 isikhathi esifushane, ngoba ithrafikhi yaqala ukuya esitsheni esasingakakulungeli ukukwamukela.

Sihlangane nabanye izimbungulu. Isiphazamisi esibaluleke kakhulu ukuthi i-Nomad ayiphathi kahle iqoqo elikhulu uma unezinhlelo neziqukathi eziningi. Uma ufuna ukukhipha enye yeziphakeli ezifakwe kuqoqo le-Nomad ukuze lilungiswe, kunethuba eliphezulu lokuthi iqoqo ngeke lizizwe limnandi kakhulu futhi lizohlukana. Ezinye iziqukathi zingase, ngokwesibonelo, ziwe futhi zingavuki - lokhu kuzokubiza kakhulu kamuva uma zonke izinhlelo zakho zokukhiqiza zitholakala kuqoqo eliphethwe nguNomad.

Ngakho sanquma ukucabanga ngokuthi kufanele siye kuphi ngokulandelayo. Ngaleso sikhathi, saqaphela kakhulu esasifuna ukukufeza. Okungukuthi: sifuna ukwethembeka, imisebenzi engaphezulu kancane kunokunikezwa nguNomad, kanye nesistimu evuthiwe, ezinzile.

Mayelana nalokhu, ukukhetha kwethu kwawela ku-Kubernetes njengenkundla edume kakhulu yokwethula amaqoqo. Ikakhulukazi uma kubhekwa ukuthi ubukhulu nenani lezitsha zethu bekukukhulu ngokwanele. Ngezinjongo ezinjalo, i-Kubernetes ibonakala iwuhlelo olufaneleka kakhulu esingalubheka.

Ukushintshela ku-Kubernetes

Ngizokutshela kancane mayelana nemiqondo eyisisekelo ye-Kubernetes nokuthi ihluke kanjani ku-Nomad.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Okokuqala, umqondo oyisisekelo kakhulu ku-Kubernetes umqondo we-pod. I-pod iyiqembu lesiqukathi esisodwa noma ngaphezulu ezihlala zisebenza ndawonye. Futhi bahlala besebenza njengokungathi ngokuqinile emshinini owodwa obonakalayo. Zifinyeleleka komunye nomunye nge-IP 127.0.0.1 kumachweba ahlukene.

Ake sicabange ukuthi unohlelo lwe-PHP oluqukethe i-nginx kanye ne-php-fpm - uhlelo lwakudala. Kungenzeka ukuthi, uzofuna ukugcina zombili iziqukathi ze-nginx ne-php-fpm zihlangene ngaso sonke isikhathi. I-Kubernetes ikuvumela ukuthi ufeze lokhu ngokuzichaza njenge-pod eyodwa evamile. Yilokhu kanye esingakwazi ukukuthola noNomad.

Umqondo wesibili uthi ukuthunyelwa. Iqiniso liwukuthi i-pod ngokwayo iyinto engapheli; iqala futhi inyamalale. Ingabe ufuna ukubulala zonke iziqukathi zakho zangaphambilini kuqala, bese wethula izinguqulo ezintsha ngesikhathi esisodwa, noma ufuna ukuzikhipha kancane kancane? Lena inqubo umqondo wokusatshalaliswa obhekene nayo. Ichaza ukuthi uwasebenzisa kanjani ama-pods akho, ngenani elingakanani nokuthi ungawabuyekeza kanjani.

Umqondo wesithathu uthi service. Isevisi yakho empeleni iyisistimu yakho, ethola ithrafikhi ethile bese iyidlulisela kuphodi eyodwa noma ngaphezulu ehambisana nesevisi yakho. Okusho ukuthi, ikuvumela ukuthi usho ukuthi yonke ithrafikhi engenayo kusevisi enjalo naleyo enegama elinjalo kufanele ithunyelwe kulawa ma-pods athile. Futhi ngesikhathi esifanayo ikunikeza ukulinganisa kwethrafikhi. Okusho ukuthi, ungaqalisa ama-pod amabili wohlelo lwakho lokusebenza, futhi yonke ithrafikhi engenayo izolinganiswa ngokulinganayo phakathi kwama-pods ahlobene nale sevisi.

Futhi umqondo wesine oyisisekelo uwukuthi Ingress. Lena isevisi esebenzisa iqoqo le-Kubernetes. Isebenza njengesilinganisi sangaphandle somthwalo esithatha zonke izicelo. Ngokusebenzisa i-Kubernetes API, i-Ingress inganquma ukuthi lezi zicelo kufanele zithunyelwe kuphi. Ngaphezu kwalokho, lokhu ukwenza ngokuguquguquka okukhulu. Ungasho ukuthi zonke izicelo kulo msingathi kanye nama-URL athile athunyelwa kule sevisi. Futhi lezi zicelo eziza kulo msingathi nakwenye i-URL zithunyelwa kwenye isevisi.

Into ebanda kunazo zonke ngokombono womuntu othuthukisa uhlelo lokusebenza ukuthi uyakwazi ukuzilawula wena ngokwakho. Ngokusetha ukulungiselelwa kwe-Ingress, ungathumela yonke ithrafikhi ezayo kuleyo naleyo API ukuze uhlukanise iziqukathi ezibhaliwe, isibonelo, kokuthi Go. Kodwa le thrafikhi, eza esizindeni esifanayo, kodwa ku-URL ehlukile, kufanele ithunyelwe ezitsheni ezibhalwe ku-PHP, lapho kunokuningi okunengqondo, kodwa akusheshi kakhulu.

Uma siqhathanisa yonke le miqondo neNomad, singasho ukuthi imiqondo emithathu yokuqala yonke ihlangene Isevisi. Futhi umqondo wokugcina awukho kuNomad uqobo. Sisebenzise isilinganisi sangaphandle njengalokhu: kungaba i-haproxy, nginx, nginx+, njalo njalo. Endabeni ye-cube, awudingi ukwethula lo mqondo owengeziwe ngokuhlukana. Kodwa-ke, uma ubheka i-Ingress ngaphakathi, i-nginx, i-haproxy, noma i-traefik, kodwa uhlobo olwakhelwe ku-Kubernetes.

Yonke imiqondo engiyichazile, empeleni, iyizinsiza ezikhona ngaphakathi kweqoqo le-Kubernetes. Ukuze uzichaze ku-cube, kusetshenziswa ifomethi ye-yaml, efundeka kakhulu futhi ejwayeleke kunamafayela e-HCL esimweni sikaNomad. Kodwa ngokwesakhiwo bachaza into efanayo endabeni, isibonelo, i-pod. Bathi - Ngifuna ukusebenzisa ama-pods anjalo nanjalo lapho, anezithombe ezinjalo nezinjalo, ngamanani anjalo nanjengalokhu.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Ngaphezu kwalokho, saqaphela ukuthi asifuni ukudala insiza ngayinye ngesandla: ukuthunyelwa, izinsizakalo, i-Ingress, njll. Esikhundleni salokho, besifuna ukuchaza isistimu yethu ngayinye ngokwemibandela ye-Kubernetes ngesikhathi sokuthunyelwa, ukuze kungadingeki ukuthi sidale kabusha mathupha konke ukuncika kwensiza okudingekayo ngendlela efanele. UHelm wakhethwa njengohlelo olusivumela ukuthi senze lokhu.

Imiqondo eyisisekelo ku-Helm

I-Helm i umphathi wephakheji ye-Kubernetes. Ifana kakhulu nendlela abaphathi bephakheji abasebenza ngayo ezilimini zokuhlela. Zikuvumela ukuthi ugcine insizakalo ehlanganisa, isibonelo, i-deployment nginx, deployment php-fpm, config for Ingress, configmaps (leli yibhizinisi elikuvumela ukuthi usethe i-env namanye amapharamitha ohlelo lwakho) ngendlela yokuthi- okuthiwa amashadi. Ngesikhathi esifanayo Helm igijima phezu kwe-Kubernetes. Okusho ukuthi, lolu akulona uhlobo oluthile lwesistimu olumi eceleni, kodwa enye insizakalo eyethulwe ngaphakathi kwe-cube. Usebenzisana nayo nge-API yayo ngomyalo wekhonsoli. Ubuhle nobuhle bayo ukuthi noma ngabe i-helm iphuka noma uyisusa ku-cluster, izinsizakalo zakho ngeke zinyamalale, ngoba i-helm empeleni isebenza kuphela ukuqala uhlelo. I-Kubernetes yona-ke inesibopho sokusebenza kanye nesimo sezinsizakalo.

Nathi sakubona lokho ukwenza isifanekiso, esiphoqeleke ukuthi sizenze ngokwethu ngokwethula i-jinja ezinhlelweni zethu, ingenye yezici eziyinhloko ze-helm. Zonke izilungiselelo ozidalela amasistimu akho zigcinwa ku-helm ngendlela yezifanekiso, ezifana kancane ne-jinja, kodwa, empeleni, kusetshenziswa isifanekiso solimi lwe-Go, lapho kubhalwe khona i-helm, njenge-Kubernetes.

UHelm usengeza imiqondo embalwa eyengeziwe kithi.

ishadi - lena incazelo yesevisi yakho. Kwabanye abaphathi bephakheji izobizwa ngokuthi iphakheji, inqwaba noma into efanayo. Lapha kubizwa ngeshadi.

Izindinganiso yizinto eziguquguqukayo ofuna ukuzisebenzisa ukwakha izilungiselelo zakho kusuka kuzifanekiso.

release. Ngaso sonke isikhathi isevisi esetshenziswa kusetshenziswa i-helm ithola inguqulo ekhuphukayo yokukhishwa. UHelm ukhumbula ukuthi ukulungiselelwa kwesevisi bekuyini ekukhishweni kwangaphambilini, ukukhishwa ngaphambi kwalokho, nokunye. Ngakho-ke, uma udinga ukuhlehlisa, vele usebenzise umyalo wokuphinda ushaye i-helm, uwukhomba enguqulweni yangaphambilini yokukhishwa. Ngisho noma ukulungiselelwa okuhambisanayo kunqolobane yakho kungatholakali ngesikhathi sokubuyisela emuva, i-helm isazokhumbula ukuthi ibiyini futhi izobuyisela isistimu yakho esimweni ebikuso ekukhishweni kwangaphambilini.

Esimeni lapho sisebenzisa i-helm, ukucushwa okujwayelekile kwe-Kubernetes nakho kuphenduka izifanekiso lapho kungenzeka khona ukusebenzisa okuguquguqukayo, imisebenzi, nokusebenzisa izitatimende ezinemibandela. Ngale ndlela ungakwazi ukuqoqa ukucushwa kwesevisi yakho kuye ngendawo.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Ngokuzijwayeza, sinqume ukwenza izinto ngendlela ehlukile kunaleyo esiyenze noNomad. Uma ku-Nomad kokubili ukuhlelwa kokuthunyelwa kanye nokuguquguquka kwe-n obekudingeka ukuze kusetshenziswe insizakalo yethu kugcinwe endaweni yokugcina eyodwa, lapha sinqume ukukuhlukanisa kube amakhosombe amabili ahlukene. Inqolobane ethi "sebenzisa" igcina kuphela okuguquguqukayo kuka-n okudingekayo ukuze kusetshenziswe, futhi inqolobane ye-"helm" igcina izilungiselelo noma amashadi.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Kusinikeni lokhu?

Naphezu kweqiniso lokuthi asigcini noma iyiphi idatha ebucayi ngempela kumafayela okumisa ngokwawo. Isibonelo, amaphasiwedi kusizindalwazi. Zigcinwa njengezimfihlo ku-Kubernetes, kodwa nokho, kusenezinto ezithile lapho esingafuni ukunika wonke umuntu ukufinyelela kuzo. Ngakho-ke, ukufinyelela endaweni yokugcina ye-"deploy" kunqunyelwe kakhulu, futhi inqolobane ye-"helm" imane iqukethe incazelo yesevisi. Ngenxa yalesi sizathu, ingafinyelelwa ngokuphepha ngohlu olubanzi lwabantu.

Njengoba asinakho ukukhiqiza kuphela, kodwa futhi nezinye izindawo, ngenxa yalokhu kuhlukaniswa singasebenzisa kabusha amashadi ethu e-helm ukuze sikhiphe izinsizakalo hhayi ekukhiqizeni kuphela, kodwa futhi, isibonelo, endaweni ye-QA. Ngisho nokuwahambisa endaweni usebenzisa Minikube - lena into yokusebenzisa i-Kubernetes endaweni.

Ngaphakathi kwenqolobane ngayinye, sashiya ingxenye yaba izinkomba ezihlukene zenkonzo ngayinye. Okusho ukuthi, ngaphakathi kohla lwemibhalo ngalunye kunezifanekiso ezihlobene neshadi elihambisanayo futhi ezichaza izinsiza okudingeka zisetshenziswe ukuze kusetshenziswe isistimu yethu. Sishiye ama-envs kuphela endaweni yokugcina "yokuphakela". Kulokhu, asizange sisebenzise i-templates usebenzisa i-jinja, ngoba i-helm ngokwayo inikeza i-templates ngaphandle kwebhokisi - lokhu kungomunye wemisebenzi yayo eyinhloko.

Sishiye iskripthi sokuphakelwa - deploy.sh, esenza kube lula futhi silinganise ukwethulwa ukuze kusetshenziswe kusetshenziswa i-helm. Ngakho-ke, kunoma ubani ofuna ukuphakela, isixhumi esibonakalayo sokuthunyelwa sibukeka sifana ncamashi naso esasisenza lapho kuthunyelwa ngeNomad. I-deploy.sh efanayo, igama lesevisi yakho, nalapho ofuna ukuyisebenzisela khona. Lokhu kubangela ukuthi i-helm iqale ngaphakathi. Nayo, iqoqa okulungiselelwe kusuka kuzifanekiso, ifake amafayela amanani adingekayo kuzo, bese iwahambisa, iwafake ku-Kubernetes.

okutholakele

Isevisi ye-Kubernetes ibonakala iyinkimbinkimbi kune-Nomad.

Ithumela izinhlelo zokusebenza ku-VM, Nomad kanye ne-Kubernetes

Lapha ithrafikhi ephumayo iza e-Ingress. Lesi isilawuli sangaphambili, esithatha zonke izicelo bese sizithumela ezinsizeni ezihambisana nedatha yesicelo. Iwanquma ngokusekelwe kuzilungiselelo eziyingxenye yencazelo yohlelo lwakho lokusebenza ku-helm nokuthi yibaphi onjiniyela abazisetha ngokwabo. Isevisi ithumela izicelo kuma-pods ayo, okungukuthi, iziqukathi ezithile, ukulinganisa ithrafikhi engenayo phakathi kwazo zonke iziqukathi ezikule sevisi. Futhi, yiqiniso, akufanele sikhohlwe ukuthi akufanele siye noma yikuphi kusuka ekuvikelekeni ezingeni lenethiwekhi. Ngakho-ke, ukuhlukaniswa kusebenza kuqoqo le-Kubernetes, elisekelwe ekumaka. Zonke izinsiza zinamathegi athile lapho amalungelo ezinsizakalo okufinyelela kuzinsiza ezithile zangaphandle/zangaphakathi ngaphakathi noma ngaphandle kweqoqo ahlotshaniswa khona.

Njengoba senza izinguquko, sabona ukuthi u-Kubernetes wayenawo wonke amakhono e-Nomad, esasiwasebenzisile ngaphambilini, futhi wengeza izinto eziningi ezintsha. Inganwetshwa ngama-plugin, futhi empeleni ngezinhlobo zensiza yangokwezifiso. Okusho ukuthi, unethuba hhayi nje ukusebenzisa okuthile okuza no-Kubernetes ngaphandle kwebhokisi, kodwa ukudala insiza yakho kanye nensizakalo ezofunda insiza yakho. Lokhu kukunikeza izinketho ezengeziwe zokwandisa isistimu yakho ngaphandle kokufaka kabusha i-Kubernetes futhi ngaphandle kokudinga ukuguqulwa.

Isibonelo sokusetshenziswa okunjalo yi-Prometheus, egijima ngaphakathi kweqoqo lethu le-Kubernetes. Ukuze iqale ukuqoqa amamethrikhi kusuka kusevisi ethile, sidinga ukwengeza uhlobo olwengeziwe lwesisetshenziswa, lokho okubizwa ngemonitha yesevisi, encazelweni yesevisi. I-Prometheus, ngenxa yokuthi ingakwazi ukufunda uhlobo lwensiza yangokwezifiso lapho yethulwa ku-Kubernetes, iqala ngokuzenzakalelayo ukuqoqa amamethrikhi ohlelweni olusha. Kulula kakhulu.

Ukuthunyelwa kokuqala esakwenza e-Kubernetes kwakungoMashi 2018. Futhi ngalesi sikhathi asikaze sibe nezinkinga ngakho. Isebenza ngokuzinza ngaphandle kwamaphutha abalulekile. Ngaphezu kwalokho, singayinweba ngokuqhubekayo. Namuhla sinamakhono anele enawo, futhi sithanda kakhulu ijubane lokuthuthuka kwe-Kubernetes. Njengamanje, ngaphezu kwama-container angu-3000 aseKubernetes. Iqoqo lithatha amaNodes amaningana. Ngesikhathi esifanayo, iyasebenziseka, izinzile futhi iyalawuleka kakhulu.

Source: www.habr.com

Engeza amazwana