This translation of the article was prepared on the eve of the start of the course
How do you save on cloud costs when working with Kubernetes? There is no single right solution, but this article describes several tools that can help you manage your resources more effectively and reduce your cloud computing costs.
I wrote this article with Kubernetes on AWS in mind, but it applies in (almost) the same way to other cloud providers. I assume that your clusters already have autoscaling configured (
This article will cover:
- cleaning up unused resources (kube-janitor)
- scaling down during non-working hours (kube-downscaler)
- using horizontal autoscaling (HPA)
- reducing resource overprovisioning (kube-resource-report, VPA)
- using Spot instances
Cleaning up unused resources
Working in a fast-paced environment is great. We want tech organizations
(Henning Jacobs:
So true:
(quoting) Corey Quinn:
Myth: Your AWS account is a function of the number of users you have.
Fact: Your AWS bill is a function of the number of engineers you have.
Reply from Ivan Kurnosov:
Real fact: Your AWS bill is a function of the number of things you forgot to turn off/delete.)
- Cluster-wide rules can define a maximum time-to-live (TTL) for PR/test deployments.
- Individual resources can be annotated with janitor/ttl, for example to automatically delete a spike/prototype after 7 days.
General rules are defined in a YAML file. Its path is passed to kube-janitor via the --rules-file parameter. Here is an example rule that deletes all namespaces with -pr- in their name after two days:
    - id: cleanup-resources-from-pull-requests
      resources:
        - namespaces
      jmespath: "contains(metadata.name, '-pr-')"
      ttl: 2d
The following example enforces the use of the application label on the pods of Deployments and StatefulSets for all Deployments/StatefulSets created in 2020 or later, while still allowing tests to run without this label for a week:
    - id: require-application-label
      # delete deployments and statefulsets without the "application" label
      resources:
        - deployments
        - statefulsets
      # see http://jmespath.org/specification.html
      jmespath: "!(spec.template.metadata.labels.application) && metadata.creationTimestamp > '2020-01-01'"
      ttl: 7d
Run a demo limited to 30 minutes on a cluster that runs kube-janitor:
    # kubectl 1.18+: `kubectl run` creates a bare Pod, so create the Deployment explicitly
    kubectl create deployment nginx-demo --image=nginx
    kubectl annotate deploy nginx-demo janitor/ttl=30m
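How the TTL rule and the janitor/ttl annotation above decide what would be deleted, as an added example that is not part of the original article or of kube-janitor's code. It rewrites the first rule's JMESPath as a Python predicate and assumes the TTL units s/m/h/d/w and that an annotation takes precedence over rules; the sample objects and timestamps are constructed.

```python
import re
from datetime import datetime, timedelta, timezone

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}  # assumed unit set

def parse_ttl(ttl):
    """'30m', '24h', '2d', '7d' -> timedelta; anything else raises ValueError."""
    m = re.fullmatch(r"(\d+)([smhdw])", ttl)
    if not m:
        raise ValueError(f"invalid TTL {ttl!r}")
    return timedelta(seconds=int(m.group(1)) * UNITS[m.group(2)])

# The page's first rule; its JMESPath contains(metadata.name, '-pr-') is
# rewritten as a Python predicate so the example needs no third-party package.
RULES = [{"id": "cleanup-resources-from-pull-requests", "kind": "Namespace",
          "ttl": "2d", "match": lambda name: "-pr-" in name}]

def effective_ttl(kind, name, annotation, rules):
    """Assumption: an explicit janitor/ttl annotation takes precedence over rules."""
    if annotation is not None:
        return annotation, "annotation janitor/ttl"
    for rule in rules:
        if rule["kind"] == kind and rule["match"](name):
            return rule["ttl"], "rule " + rule["id"]
    return None, None

def dry_run(resources, rules, now):
    """Return (would_delete, invalid) for (kind, name, created, janitor/ttl) tuples."""
    would_delete, invalid = [], []
    for kind, name, created, annotation in resources:
        ttl, reason = effective_ttl(kind, name, annotation, rules)
        if ttl is None:
            continue
        try:
            limit = parse_ttl(ttl)
        except ValueError:
            invalid.append(name)  # a typo in a TTL must never trigger a delete
            continue
        born = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if now - born > limit:
            would_delete.append((kind, name, reason))
    return would_delete, invalid

# Constructed sample objects: (kind, name, creationTimestamp, janitor/ttl annotation)
NOW = datetime(2020, 4, 4, 10, 0, tzinfo=timezone.utc)
SAMPLE = [("Namespace", "shop-pr-123", "2020-04-01T10:00:00Z", None),
          ("Namespace", "shop-pr-124", "2020-04-03T09:00:00Z", None),
          ("Namespace", "production", "2019-01-01T00:00:00Z", None),
          ("Deployment", "nginx-demo", "2020-04-04T09:00:00Z", "30m"),
          ("Deployment", "spike", "2020-03-01T00:00:00Z", "7 days")]
```

Calling dry_run(SAMPLE, RULES, NOW) lists the expired pull-request namespace and the annotated demo deployment, and reports the malformed "7 days" annotation separately instead of acting on it.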
Another source of growing costs is persistent volumes (AWS EBS). Deleting a Kubernetes StatefulSet does not delete its persistent volumes (PVC - PersistentVolumeClaim). Unused EBS volumes can easily lead to costs of hundreds of dollars per month. Kubernetes Janitor has a feature for cleaning up unused PVCs. For example, this rule deletes all PVCs that are not mounted by a pod and not referenced by a StatefulSet or CronJob:
    # delete all PVCs that are not mounted and not referenced by StatefulSets
    - id: remove-unused-pvcs
      resources:
        - persistentvolumeclaims
      jmespath: "_context.pvc_is_not_mounted && _context.pvc_is_not_referenced"
      ttl: 24h
Kubernetes Janitor can help you keep your cluster clean and prevent cloud computing costs from slowly piling up. For deployment and configuration instructions, follow
Scale down during non-working hours
Test and staging systems usually need to run only during business hours. Some production applications, such as back-office/admin tools, also need only limited availability and can be shut down overnight.
    image: hjacobs/kube-downscaler:20.4.3
    args:
      - --interval=30
      # do not scale down infrastructure components
      - --exclude-namespaces=kube-system,infra
      # do not scale down kube-downscaler itself, and keep Postgres Operator running so that excluded databases can be managed
      - --exclude-deployments=kube-downscaler,postgres-operator
      - --default-uptime=Mon-Fri 08:00-20:00 Europe/Berlin
      - --include-resources=deployments,statefulsets,stacks,cronjobs
      - --deployment-time-annotation=deployment-time
Here is a graph of the cluster's worker nodes being scaled over weekends:
Scaling down from ~13 to 4 worker nodes certainly makes a noticeable difference to your AWS bill.
But what if I need to work during the cluster's "downtime"? Certain deployments can be permanently excluded from scaling by adding the downscaler/exclude: true annotation. Deployments can be temporarily excluded by using the downscaler/exclude-until annotation with an absolute timestamp in the format YYYY-MM-DD HH:MM (UTC). If necessary, the whole cluster can be scaled back up by deploying a pod with the downscaler/force-uptime annotation, for example by launching a dummy nginx deployment:
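    # kubectl 1.18+: `kubectl run` creates a bare Pod, so create the Deployment explicitly
    kubectl create deployment scale-up --image=nginx
    kubectl annotate deploy scale-up janitor/ttl=1h # delete the deployment after one hour
    # `kubectl create deployment` labels its pods app=<name>
    kubectl annotate pod $(kubectl get pod -l app=scale-up -o jsonpath="{.items[0].metadata.name}") downscaler/force-uptime=true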
See
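The exclusion annotations and the --default-uptime window described above, combined into one decision function; this is an added example, not kube-downscaler's own code. The order in which the checks apply and the handling of a malformed timestamp are assumptions of this example, and the sample times are constructed.

```python
from datetime import datetime, timezone
from zoneinfo import ZoneInfo  # Python 3.9+, needs the system tz database

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]

def in_uptime(spec, now_utc):
    """True if now_utc falls inside e.g. 'Mon-Fri 08:00-20:00 Europe/Berlin'."""
    days, hours, tz = spec.split()
    parts = days.split("-")  # 'Mon-Fri' or a single day such as 'Mon'
    first, last = DAYS.index(parts[0]), DAYS.index(parts[-1])
    start, end = hours.split("-")
    local = now_utc.astimezone(ZoneInfo(tz))  # honours daylight saving time
    # Zero-padded HH:MM strings compare correctly as text.
    return first <= local.weekday() <= last and start <= local.strftime("%H:%M") < end

def desired_state(annotations, force_uptime, spec, now_utc):
    """Return ('up' | 'down', reason) for one deployment.

    Precedence is this example's assumption: cluster-wide force-uptime,
    then the per-deployment exclusions, then the uptime schedule.
    """
    if force_uptime:
        return "up", "a pod carries downscaler/force-uptime"
    if annotations.get("downscaler/exclude") == "true":
        return "up", "downscaler/exclude"
    until = annotations.get("downscaler/exclude-until")
    if until:
        try:
            limit = datetime.strptime(until, "%Y-%m-%d %H:%M").replace(tzinfo=timezone.utc)
        except ValueError:
            limit = None  # malformed timestamp: fall back to the schedule
        if limit and now_utc < limit:
            return "up", "downscaler/exclude-until"
    if in_uptime(spec, now_utc):
        return "up", "inside default uptime"
    return "down", "outside default uptime"

# Constructed sample times (UTC); the spec is the page's --default-uptime value.
SPEC = "Mon-Fri 08:00-20:00 Europe/Berlin"
SATURDAY = datetime(2020, 4, 4, 12, 0, tzinfo=timezone.utc)
MONDAY_SUMMER = datetime(2020, 4, 6, 6, 30, tzinfo=timezone.utc)  # 08:30 in Berlin
MONDAY_WINTER = datetime(2020, 1, 6, 6, 30, tzinfo=timezone.utc)  # 07:30 in Berlin
```

The two Monday samples share the same UTC time but land on different sides of the 08:00 boundary because of daylight saving time, which is why the window is evaluated in the configured time zone.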
Use horizontal autoscaling
Many applications/services deal with a dynamic load pattern: sometimes their pods are idle, and sometimes they run at full capacity. Running a large fleet of pods permanently to handle the maximum peak load is not economical. Kubernetes supports horizontal autoscaling via the resource
    # autoscaling/v2 is stable since Kubernetes 1.23; use autoscaling/v2beta2 on older clusters
    apiVersion: autoscaling/v2
    kind: HorizontalPodAutoscaler
    metadata:
      name: my-app
    spec:
      scaleTargetRef:
        apiVersion: apps/v1
        kind: Deployment
        name: my-app
      minReplicas: 3
      maxReplicas: 10
      metrics:
        - type: Resource
          resource:
            name: cpu
            target:
              averageUtilization: 100
              type: Utilization
Zalando created a component for easily plugging in custom metrics for scaling:
    # autoscaling/v2 is stable since Kubernetes 1.23; use autoscaling/v2beta2 on older clusters
    apiVersion: autoscaling/v2
    kind: HorizontalPodAutoscaler
    metadata:
      name: myapp-hpa
      annotations:
        # metric-config.<metricType>.<metricName>.<collectorName>/<configKey>
        metric-config.pods.requests-per-second.json-path/json-key: "$.http_server.rps"
        metric-config.pods.requests-per-second.json-path/path: /metrics
        metric-config.pods.requests-per-second.json-path/port: "9090"
    spec:
      scaleTargetRef:
        apiVersion: apps/v1
        kind: Deployment
        name: myapp
      minReplicas: 1
      maxReplicas: 10
      metrics:
        - type: Pods
          pods:
            metric:
              name: requests-per-second
            target:
              averageValue: 1k
              type: AverageValue
Configuring horizontal autoscaling with HPA should be one of the default actions for improving the efficiency of stateless services. Spotify has a presentation with their experience and recommendations for HPA:
Reduce resource overprovisioning
Kubernetes workloads declare their CPU/memory needs through "resource requests". CPU resources are measured in virtual cores or, more commonly, in "millicores", e.g. 500m means 50% of a vCPU. Memory resources are measured in bytes, and the usual suffixes can be used, such as 500Mi, which means 500 megabytes. Resource requests "lock" capacity on worker nodes, meaning that a pod with a 1000m CPU request on a node with 4 vCPUs leaves only 3 vCPUs available to other pods.
Slack (overprovisioning) is the difference between the requested resources and the actual usage. For example, a pod that requests 2 GiB of memory but uses only 200 MiB has ~1.8 GiB of "excess" memory. Excess costs money. One can roughly estimate that 1 GiB of idle memory costs ~$10 per month.
Reducing the CPU request from 3000m to 400m frees up resources for other workloads and allows the cluster to be smaller.
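The slack definition above, computed per pod from Kubernetes quantity strings; this is an added example, not code from the original article or from kube-resource-report. The pod names and usage figures are constructed, the cpu_used/mem_used fields are hypothetical inputs, and the $10 per GiB per month figure is the text's rough estimate.

```python
import re

# Binary and decimal suffixes accepted here for memory quantities.
MEM = {"Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40,
       "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12, "": 1}
GIB = 2**30
USD_PER_GIB_MONTH = 10.0  # the text's rough estimate for idle memory

def cpu_millicores(q):
    """'500m' -> 500, '2' -> 2000, '0.5' -> 500."""
    q = str(q).strip()
    return int(q[:-1]) if q.endswith("m") else round(float(q) * 1000)

def mem_bytes(q):
    """'500Mi' -> 524288000, '2Gi' -> 2147483648, '128974848' -> 128974848."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(Ki|Mi|Gi|Ti|k|M|G|T)?", str(q).strip())
    if not m:
        raise ValueError(f"unsupported memory quantity {q!r}")
    return int(float(m.group(1)) * MEM[m.group(2) or ""])

def slack_report(pods):
    """pods: dicts with name, cpu_request, cpu_used, mem_request, mem_used."""
    rows = []
    for p in pods:
        cpu = cpu_millicores(p["cpu_request"]) - cpu_millicores(p["cpu_used"])
        mem = mem_bytes(p["mem_request"]) - mem_bytes(p["mem_used"])
        # Usage above the request is not slack; clamp at zero.
        cpu, mem = max(cpu, 0), max(mem, 0)
        rows.append({"name": p["name"], "cpu_slack_m": cpu,
                     "mem_slack_gib": round(mem / GIB, 2),
                     "mem_cost_usd": round(mem / GIB * USD_PER_GIB_MONTH, 2)})
    return sorted(rows, key=lambda r: r["mem_cost_usd"], reverse=True)

# Constructed usage figures; "api" and "batch" reuse the numbers from the text.
PODS = [
    {"name": "api", "cpu_request": "3000m", "cpu_used": "400m",
     "mem_request": "500Mi", "mem_used": "450Mi"},
    {"name": "batch", "cpu_request": "1", "cpu_used": "250m",
     "mem_request": "2Gi", "mem_used": "200Mi"},
    {"name": "cache", "cpu_request": "500m", "cpu_used": "700m",
     "mem_request": "1Gi", "mem_used": "1Gi"},
]
```

slack_report(PODS) ranks the pods by estimated monthly cost of idle memory, so the 2 GiB request that uses 200 MiB comes first.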
"Average CPU utilization of EC2 instances often hovers in the single-digit percent range,"
But do we really want people to change values in YAML files? No, machines can do it much better! Kubernetes
I wrote a small
Using EC2 Spot Instances
Finally, AWS EC2 costs can be reduced by using Spot instances as Kubernetes worker nodes
How do you run Kubernetes on EC2 Spot? There are several options: use a third-party service such as SpotInst (now called "Spot", don't ask me why), or simply add a Spot AutoScalingGroup (ASG) to your cluster. For example, here is a CloudFormation snippet for a "capacity-optimized" Spot ASG with multiple instance types:
    MySpotAutoScalingGroup:
      Properties:
        HealthCheckGracePeriod: 300
        HealthCheckType: EC2
        MixedInstancesPolicy:
          InstancesDistribution:
            OnDemandPercentageAboveBaseCapacity: 0
            SpotAllocationStrategy: capacity-optimized
          LaunchTemplate:
            LaunchTemplateSpecification:
              LaunchTemplateId: !Ref LaunchTemplate
              Version: !GetAtt LaunchTemplate.LatestVersionNumber
            Overrides:
              - InstanceType: "m4.2xlarge"
              - InstanceType: "m4.4xlarge"
              - InstanceType: "m5.2xlarge"
              - InstanceType: "m5.4xlarge"
              - InstanceType: "r4.2xlarge"
              - InstanceType: "r4.4xlarge"
        LaunchTemplate:
          LaunchTemplateId: !Ref LaunchTemplate
          Version: !GetAtt LaunchTemplate.LatestVersionNumber
        MinSize: 0
        MaxSize: 100
        Tags:
          - Key: k8s.io/cluster-autoscaler/node-template/label/aws.amazon.com/spot
            PropagateAtLaunch: true
            Value: "true"
Some notes on using Spot with Kubernetes:
- You need to handle Spot terminations, for example by draining the node when the instance is stopped
- Zalando uses a fork of the official cluster autoscaler with node pool priorities
- Spot nodes can be forced to accept "opt-in" from workloads that are to run on Spot
Summary
I hope you find some of the presented tools useful for reducing your cloud bill. You can also find most of the article's content on
What are your best practices for saving cloud costs on Kubernetes? Please let me know on
Source: www.habr.com