Saving on Kubernetes cloud costs on AWS

This translation of the article was prepared on the eve of the start of the course "Infrastructure platform based on Kubernetes".


How do you save on cloud costs when working with Kubernetes? There is no single right answer, but this article describes several tools that can help you manage your resources effectively and reduce your cloud computing bill.

I wrote this article with Kubernetes on AWS in mind, but it applies (almost) identically to other cloud providers. I assume your clusters already have autoscaling configured (cluster-autoscaler). Removing resources and scaling your deployments down only saves money if it also shrinks your fleet of worker nodes (EC2 instances).

This article covers:

  • cleaning up unused resources (kube-janitor)
  • scaling down during non-working hours (kube-downscaler)
  • using horizontal autoscaling (HPA)
  • reducing resource over-provisioning (kube-resource-report, VPA)
  • using Spot instances

Cleaning up unused resources

Working in a fast-paced environment is great. We want tech organizations to move fast. Faster software delivery also means more PR deployments, preview environments, prototypes and analytics solutions. Everything gets deployed to Kubernetes. Who has time to manually clean up test deployments? It is easy to forget to delete a week-old experiment. The cloud bill keeps growing because of something we forgot to switch off:


(Henning Jacobs:
So true:
(quoting) Corey Quinn:
Myth: Your AWS bill is a function of the number of users you have.
Fact: Your AWS bill is a function of the number of engineers you have.

Reply from Ivan Kurnosov:
Real fact: Your AWS bill is a function of the number of things you forgot to switch off/delete.)

Kubernetes Janitor (kube-janitor) helps clean up your cluster. Its configuration is flexible and works for both cluster-wide and local use:

  • Cluster-wide rules can define a maximum time-to-live (TTL) for PR/test deployments.
  • Individual resources can be annotated with janitor/ttl, for example to automatically delete a spike/prototype after 7 days.

The general rules are defined in a YAML file whose path is passed to kube-janitor via the --rules-file parameter. Here is an example rule that deletes all namespaces with -pr- in their name after two days:

- id: cleanup-resources-from-pull-requests
  resources:
    - namespaces
  jmespath: "contains(metadata.name, '-pr-')"
  ttl: 2d

The next example enforces the use of the application label on Deployment and StatefulSet pods for all Deployments/StatefulSets created in 2020, while still allowing test runs without this label for a week:

- id: require-application-label
  # delete deployments and statefulsets without the "application" label
  resources:
    - deployments
    - statefulsets
  # see http://jmespath.org/specification.html
  jmespath: "!(spec.template.metadata.labels.application) && metadata.creationTimestamp > '2020-01-01'"
  ttl: 7d

To run a demo with a 30-minute lifetime on a cluster where kube-janitor is deployed:

kubectl run nginx-demo --image=nginx
kubectl annotate deploy nginx-demo janitor/ttl=30m

Another source of growing costs is persistent volumes (AWS EBS). Deleting a Kubernetes StatefulSet does not delete its persistent volumes (PVC, PersistentVolumeClaim). Unused EBS volumes can easily add up to hundreds of dollars a month. Kubernetes Janitor has a feature for cleaning up unused PVCs. For example, this rule deletes all PVCs that are not mounted by a pod and are not referenced by a StatefulSet or CronJob:

# delete all PVCs that are not mounted and not referenced by StatefulSets
- id: remove-unused-pvcs
  resources:
  - persistentvolumeclaims
  jmespath: "_context.pvc_is_not_mounted && _context.pvc_is_not_referenced"
  ttl: 24h
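The rules above all reduce to the same arithmetic: a resource is deleted once its creation time plus its TTL (from a janitor/ttl annotation or a matching rule) lies in the past. The following added example is not kube-janitor's own code; it re-implements only that TTL evaluation so a planned rules file can be checked as a dry run before the real janitor is switched on. The JMESPath expressions are replaced by plain Python predicates, the sample resources are constructed, and the precedence "annotation first, then the first matching rule" is an assumption of this example.

```python
"""Offline dry run of kube-janitor style TTL rules (added example, not kube-janitor's code)."""
from datetime import datetime, timedelta, timezone
import re

_TTL_RE = re.compile(r"^(\d+)([smhdw])$")
_UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 7 * 86400}


def parse_ttl(value):
    """Parse '30m', '24h', '2d', '1w' into a timedelta; reject anything else loudly."""
    m = _TTL_RE.match(value.strip())
    if not m:
        raise ValueError(f"invalid TTL {value!r}")
    return timedelta(seconds=int(m.group(1)) * _UNIT_SECONDS[m.group(2)])


def parse_k8s_time(value):
    """metadata.creationTimestamp is RFC 3339 with a trailing 'Z' (UTC)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


# Rules as (id, kind, predicate, ttl). The predicates stand in for the JMESPath
# expressions of the two rules shown above; kinds are matched by name.
RULES = [
    ("cleanup-resources-from-pull-requests", "Namespace",
     lambda r: "-pr-" in r["metadata"]["name"], "2d"),
    ("require-application-label", "Deployment",
     lambda r: "application" not in r["spec"]["template"]["metadata"].get("labels", {})
     and r["metadata"]["creationTimestamp"] > "2020-01-01", "7d"),
]


def effective_ttl(resource, rules=RULES):
    """Return (source, ttl) or None. Assumption: an explicit janitor/ttl annotation
    wins, otherwise the first matching rule applies."""
    annotations = resource["metadata"].get("annotations", {})
    if "janitor/ttl" in annotations:
        return ("annotation", parse_ttl(annotations["janitor/ttl"]))
    for rule_id, kind, matches, ttl in rules:
        if resource["kind"] == kind and matches(resource):
            return (rule_id, parse_ttl(ttl))
    return None


def expired(resource, now, rules=RULES):
    """True when creationTimestamp + TTL is at or before `now`."""
    found = effective_ttl(resource, rules)
    if found is None:
        return False
    return parse_k8s_time(resource["metadata"]["creationTimestamp"]) + found[1] <= now


def plan(resources, now, rules=RULES):
    """Dry run: (kind, name, reason) for everything the janitor would delete at `now`."""
    return [(r["kind"], r["metadata"]["name"], effective_ttl(r, rules)[0])
            for r in resources if expired(r, now, rules)]


def plan_at(resources, now_iso, rules=RULES):
    """Same as plan() but takes the time as an RFC 3339 UTC string."""
    return plan(resources, parse_k8s_time(now_iso), rules)


# Constructed sample objects (not taken from a real cluster).
SAMPLE = [
    {"kind": "Namespace", "metadata": {"name": "myapp-pr-123",
                                        "creationTimestamp": "2020-03-01T10:00:00Z"}},
    {"kind": "Deployment", "metadata": {"name": "nginx-demo",
                                         "creationTimestamp": "2020-03-03T09:00:00Z",
                                         "annotations": {"janitor/ttl": "30m"}},
     "spec": {"template": {"metadata": {"labels": {"application": "nginx"}}}}},
    {"kind": "Deployment", "metadata": {"name": "experiment",
                                         "creationTimestamp": "2020-02-20T09:00:00Z"},
     "spec": {"template": {"metadata": {"labels": {}}}}},
    {"kind": "Deployment", "metadata": {"name": "old-but-labelled",
                                         "creationTimestamp": "2019-06-01T09:00:00Z"},
     "spec": {"template": {"metadata": {"labels": {"application": "shop"}}}}},
]

if __name__ == "__main__":
    for kind, name, reason in plan_at(SAMPLE, "2020-03-03T10:20:00Z"):
        print(f"would delete {kind}/{name} (reason: {reason})")
```

Running it against the constructed sample lists the PR namespace (rule, 2 days), the annotated demo deployment (30 minutes) and the unlabelled experiment (rule, 7 days), while the labelled 2019 deployment is left alone. Reviewing such a plan before enabling deletion is the cheap way to catch an over-broad rule.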

Kubernetes Janitor can help keep your cluster clean and stop cloud computing costs from slowly piling up. For deployment and configuration instructions, see the kube-janitor README.

Scaling down during non-working hours

Test and staging systems typically only need to run during business hours. Some production applications, such as back-office/admin tools, also only require limited availability and can be switched off overnight.

Kubernetes Downscaler (kube-downscaler) allows users and operators to scale the system down during off-hours. Deployments and StatefulSets can be scaled to zero replicas. CronJobs can be suspended. Kubernetes Downscaler is configured for the whole cluster, for one or more namespaces, or for individual resources. You can define either a "downtime" or, conversely, an "uptime". For example, to scale down as far as possible overnight and on weekends:

image: hjacobs/kube-downscaler:20.4.3
args:
  - --interval=30
  # don't switch off infrastructure components
  - --exclude-namespaces=kube-system,infra
  # don't switch off kube-downscaler, and keep the Postgres Operator so that the excluded DBs stay manageable
  - --exclude-deployments=kube-downscaler,postgres-operator
  - --default-uptime=Mon-Fri 08:00-20:00 Europe/Berlin
  - --include-resources=deployments,statefulsets,stacks,cronjobs
  - --deployment-time-annotation=deployment-time

Here is a graph of the cluster's worker node count being scaled down over a weekend:

[Graph: cluster worker node count, scaling down from ~13 to 4 nodes over the weekend]

Scaling down from ~13 to 4 worker nodes certainly makes a noticeable difference on your AWS bill.

But what if I need to work during the cluster's "downtime"? Certain deployments can be permanently excluded from downscaling by adding the annotation downscaler/exclude: true. Deployments can be excluded temporarily with the downscaler/exclude-until annotation, which takes an absolute timestamp in the format YYYY-MM-DD HH:MM (UTC). If necessary, the whole cluster can be scaled back up by deploying a pod with the downscaler/force-uptime annotation, for example by launching a blank nginx:

kubectl run scale-up --image=nginx
kubectl annotate deploy scale-up janitor/ttl=1h # delete the deployment after an hour
kubectl annotate pod $(kubectl get pod -l run=scale-up -o jsonpath="{.items[0].metadata.name}") downscaler/force-uptime=true
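To see how the --default-uptime window and the three annotations above combine, here is an added example that is not kube-downscaler's own code. It parses an uptime spec of the shape used above ("Mon-Fri 08:00-20:00 Europe/Berlin", optionally several entries separated by commas, plus the literals "always" and "never") and returns whether a workload should be scaled down at a given instant. The per-resource downscaler/uptime annotation override and the treatment of the end time as exclusive are assumptions of this example; it needs Python 3.9+ for zoneinfo.

```python
"""Evaluate kube-downscaler style uptime windows and exclusions (added example, not the project's code)."""
from datetime import datetime, timezone
from zoneinfo import ZoneInfo

DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]  # Python weekday() order
DEFAULT_UPTIME = "Mon-Fri 08:00-20:00 Europe/Berlin"       # the --default-uptime above


def _parse_entry(entry):
    """'Mon-Fri 08:00-20:00 Europe/Berlin' -> (weekday set, start minute, end minute, tz)."""
    days, hours, tz_name = entry.split()
    first, last = days.split("-") if "-" in days else (days, days)
    d0, d1 = DAYS.index(first), DAYS.index(last)
    # A range like Fri-Mon wraps around the end of the week.
    weekdays = set(range(d0, d1 + 1)) if d0 <= d1 else set(range(d0, 7)) | set(range(0, d1 + 1))
    start, end = hours.split("-")
    to_minutes = lambda hhmm: int(hhmm[:2]) * 60 + int(hhmm[3:])
    return weekdays, to_minutes(start), to_minutes(end), ZoneInfo(tz_name)


def matches_uptime(spec, now):
    """True if the timezone-aware datetime `now` falls inside any entry of `spec`."""
    if spec == "always":
        return True
    if spec == "never":
        return False
    for entry in spec.split(","):
        weekdays, start, end, tz = _parse_entry(entry.strip())
        local = now.astimezone(tz)              # evaluate in the entry's own timezone
        minute = local.hour * 60 + local.minute
        if local.weekday() in weekdays and start <= minute < end:  # end is exclusive (assumption)
            return True
    return False


def should_downscale(annotations, default_uptime, now, force_uptime=False):
    """Apply the exclusion annotations on top of the uptime window.
    Returns (downscale?, reason). `force_uptime` models a running pod that carries
    the downscaler/force-uptime annotation."""
    if force_uptime:
        return False, "forced uptime (downscaler/force-uptime pod present)"
    if annotations.get("downscaler/exclude") == "true":
        return False, "excluded permanently"
    until = annotations.get("downscaler/exclude-until")
    if until:
        until_dt = datetime.strptime(until, "%Y-%m-%d %H:%M").replace(tzinfo=timezone.utc)
        if now < until_dt:
            return False, f"excluded until {until} UTC"
    # Assumption: a downscaler/uptime annotation overrides the cluster default.
    uptime = annotations.get("downscaler/uptime", default_uptime)
    if matches_uptime(uptime, now):
        return False, "inside uptime window"
    return True, "outside uptime window"


def at(now_utc):
    """'2020-07-14T08:00Z' -> aware UTC datetime, for readable call sites."""
    return datetime.strptime(now_utc, "%Y-%m-%dT%H:%MZ").replace(tzinfo=timezone.utc)


if __name__ == "__main__":
    # Constructed scenarios: a Tuesday in July 2020 (CEST = UTC+2) and the following Saturday.
    cases = [
        ({}, "2020-07-14T08:00Z", False),
        ({}, "2020-07-14T05:30Z", False),
        ({}, "2020-07-18T08:00Z", False),
        ({"downscaler/exclude": "true"}, "2020-07-18T08:00Z", False),
        ({"downscaler/exclude-until": "2020-07-20 00:00"}, "2020-07-18T08:00Z", False),
        ({}, "2020-07-18T08:00Z", True),
    ]
    for ann, when, forced in cases:
        print(when, ann, should_downscale(ann, DEFAULT_UPTIME, at(when), forced))
```

Note that the exclude-until timestamp is interpreted as UTC while the uptime window is evaluated in the spec's timezone, which is exactly the mismatch that surprises people when a "weekend exception" ends an hour or two earlier than expected.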

See the kube-downscaler README if you are interested in deployment instructions and further options.

Use horizontal autoscaling

Many applications/services deal with a dynamic load pattern: sometimes their pods are idle, and sometimes they run at full capacity. Running a fleet of pods sized for peak load is not economical. Kubernetes supports horizontal autoscaling via the HorizontalPodAutoscaler (HPA) resource. CPU utilization is usually a good indicator for scaling:

apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
  name: my-app
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-app
  minReplicas: 3
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        averageUtilization: 100
        type: Utilization

Zalando created a component to easily hook up custom metrics for scaling: Kube Metrics Adapter (kube-metrics-adapter) is a generic metrics adapter for Kubernetes that can collect and serve custom and external metrics for horizontal autoscaling of pods. It supports scaling based on Prometheus metrics, SQS queues and other setups. For example, to scale your deployment on a custom metric that the application itself exposes as JSON on its metrics endpoint:

apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp-hpa
  annotations:
    # metric-config.<metricType>.<metricName>.<collectorName>/<configKey>
    metric-config.pods.requests-per-second.json-path/json-key: "$.http_server.rps"
    metric-config.pods.requests-per-second.json-path/path: /metrics
    metric-config.pods.requests-per-second.json-path/port: "9090"
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp
  minReplicas: 1
  maxReplicas: 10
  metrics:
  - type: Pods
    pods:
      metric:
        name: requests-per-second
      target:
        averageValue: 1k
        type: AverageValue
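The two manifests above differ only in where the metric comes from; the replica arithmetic is the same. The following added example (not code from the Kubernetes controller or from kube-metrics-adapter) works through that arithmetic with the documented HPA formula, desired = ceil(current × metric / target), the default 10% tolerance, and the minReplicas/maxReplicas bounds of the manifests above. The per-pod usage and request-rate samples are constructed.

```python
"""Work through HorizontalPodAutoscaler replica decisions (added example, not the controller's code)."""
import math
import re

# Default of the controller flag --horizontal-pod-autoscaler-tolerance.
DEFAULT_TOLERANCE = 0.1

_SUFFIX = {"m": 1e-3, "": 1.0, "k": 1e3, "M": 1e6, "G": 1e9}


def parse_quantity(q):
    """Parse HPA target quantities such as '1k' or '500m' into a float."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)([mkMG]?)", q)
    if not m:
        raise ValueError(f"unsupported quantity {q!r}")
    return float(m.group(1)) * _SUFFIX[m.group(2)]


def average_utilization(pod_usage_millicores, request_millicores):
    """The 'Utilization' metric: mean over pods of usage/request, in percent."""
    return 100.0 * sum(pod_usage_millicores) / (request_millicores * len(pod_usage_millicores))


def average_value(per_pod_values):
    """The 'AverageValue' metric: mean of the raw per-pod values (e.g. requests per second)."""
    return sum(per_pod_values) / len(per_pod_values)


def desired_replicas(current, metric_value, target_value, min_replicas, max_replicas,
                     tolerance=DEFAULT_TOLERANCE):
    """desired = ceil(current * metric / target), skipped inside the tolerance band,
    then clamped to [minReplicas, maxReplicas]."""
    ratio = metric_value / target_value
    if abs(ratio - 1.0) <= tolerance:
        desired = current                     # close enough to target: no change
    else:
        desired = math.ceil(current * ratio)  # scale in proportion, rounding up
    return max(min_replicas, min(max_replicas, desired))


if __name__ == "__main__":
    # Scenario 1: the CPU HPA above (target 100% utilization, 3..10 replicas),
    # 3 pods each requesting 500m CPU and currently using 900m, 1000m, 1100m.
    util = average_utilization([900, 1000, 1100], request_millicores=500)
    print(f"CPU utilization {util:.0f}% -> {desired_replicas(3, util, 100, 3, 10)} replicas")

    # Scenario 2: the requests-per-second HPA above (target averageValue 1k, 1..10 replicas),
    # 4 pods reporting 1500, 1400, 1600 and 1500 rps on $.http_server.rps.
    rps = average_value([1500, 1400, 1600, 1500])
    print(f"{rps:.0f} rps/pod -> {desired_replicas(4, rps, parse_quantity('1k'), 1, 10)} replicas")
```

Two practical consequences are visible in the numbers: a utilization target of 100% (as in the first manifest) means the HPA only adds pods once the existing ones are already saturated, and the tolerance band means a 5% overshoot changes nothing, so small oscillations do not cause churn.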

Setting up horizontal autoscaling with HPA should be one of the default actions for improving the efficiency of stateless services. Spotify has a presentation with their experience and recommendations for HPA: scale your deployments, not your wallet.

Reduce resource over-provisioning

Kubernetes workloads declare their CPU/memory needs via "resource requests". CPU resources are measured in virtual cores or, more commonly, in "millicores"; for example, 500m means 50% of a vCPU. Memory resources are measured in bytes, and the usual suffixes can be used, e.g. 500Mi meaning 500 megabytes. Resource requests "lock" capacity on the worker nodes, i.e. a pod with a 1000m CPU request on a node with 4 vCPUs leaves only 3 vCPUs available to other pods. [1]

Slack (over-provisioning) is the difference between the requested resources and the actual usage. For example, a pod that requests 2 GiB of memory but uses only 200 MiB has ~1.8 GiB of "excess" memory. Over-provisioning costs money. A rough estimate is that 1 GiB of idle memory costs ~$10 per month. [2]

Kubernetes Resource Report (kube-resource-report) shows this excess and can help you determine the savings potential:
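The slack figure above is worth computing per pod and per team, because that is what turns a vague "we over-provision" into a prioritized list. The following added example is not kube-resource-report's code: it parses Kubernetes CPU and memory quantities, computes the slack between request and usage for a few constructed pods, aggregates it by application label and prices the idle memory with the ~$10.5 per GiB-month figure derived from footnote [2]. CPU slack is reported in millicores only, since the page gives no per-core price; the choice to clamp negative slack at zero is this example's.

```python
"""Compute request/usage slack and its memory cost (added example, not kube-resource-report's code)."""
import re

# Footnote [2]: one m5.large with 8 GiB costs ~$84/month in eu-central-1 On-Demand.
MEMORY_USD_PER_GIB_MONTH = 84 / 8  # 10.5

_MEM_SUFFIX = {None: 1, "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12,
               "Ki": 1024, "Mi": 1024**2, "Gi": 1024**3, "Ti": 1024**4}


def parse_cpu(q):
    """'500m' -> 500 millicores, '1' -> 1000, '0.5' -> 500."""
    q = q.strip()
    if q.endswith("m"):
        return int(q[:-1])
    return int(round(float(q) * 1000))


def parse_memory(q):
    """'500Mi' -> bytes; supports decimal (k, M, G, T) and binary (Ki, Mi, Gi, Ti) suffixes."""
    m = re.fullmatch(r"(\d+)(k|M|G|T|Ki|Mi|Gi|Ti)?", q.strip())
    if not m:
        raise ValueError(f"unsupported memory quantity {q!r}")
    return int(m.group(1)) * _MEM_SUFFIX[m.group(2)]


def pod_slack(pod):
    """Slack = request - usage per resource. A pod using more than it requested has
    no slack (it is under-provisioned, a different problem), so clamp at zero."""
    return {
        "cpu_millicores": max(0, parse_cpu(pod["cpu_request"]) - parse_cpu(pod["cpu_used"])),
        "memory_bytes": max(0, parse_memory(pod["memory_request"]) - parse_memory(pod["memory_used"])),
    }


def monthly_memory_cost_usd(slack_bytes):
    """Price idle memory with the per-GiB-month estimate from the footnote."""
    return slack_bytes / 1024**3 * MEMORY_USD_PER_GIB_MONTH


def report(pods):
    """Aggregate slack by the 'application' label, the way the report groups it."""
    out = {}
    for pod in pods:
        s = pod_slack(pod)
        entry = out.setdefault(pod["application"], {"cpu_millicores": 0, "memory_bytes": 0})
        entry["cpu_millicores"] += s["cpu_millicores"]
        entry["memory_bytes"] += s["memory_bytes"]
    for entry in out.values():
        entry["memory_gib"] = round(entry["memory_bytes"] / 1024**3, 2)
        entry["memory_usd_month"] = round(monthly_memory_cost_usd(entry["memory_bytes"]), 2)
    return out


# Constructed pods (request/usage values are illustrative, not from a real cluster).
SAMPLE_PODS = [
    {"name": "shop-1", "application": "shop", "cpu_request": "3000m", "cpu_used": "400m",
     "memory_request": "2Gi", "memory_used": "200Mi"},
    {"name": "shop-2", "application": "shop", "cpu_request": "3000m", "cpu_used": "350m",
     "memory_request": "2Gi", "memory_used": "180Mi"},
    {"name": "api-1", "application": "api", "cpu_request": "500m", "cpu_used": "450m",
     "memory_request": "512Mi", "memory_used": "480Mi"},
]

if __name__ == "__main__":
    for app, entry in sorted(report(SAMPLE_PODS).items(),
                             key=lambda kv: kv[1]["memory_usd_month"], reverse=True):
        print(f"{app:6} cpu slack {entry['cpu_millicores']:5}m  "
              f"memory slack {entry['memory_gib']:.2f} GiB  ~${entry['memory_usd_month']}/month")
```

The "shop" pods in the sample are the textbook case from the Grafana chart further down: 3000m requested, a few hundred millicores used. The per-application ordering is what you would hand to a team as the starting point for right-sizing, ideally backed by usage over time rather than a single snapshot.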

[Screenshot: Kubernetes Resource Report dashboard]

Kubernetes Resource Report shows slack aggregated by application and team. This lets you find the places where resource requests can be reduced. The generated HTML report only gives a snapshot of resource usage; you should look at CPU/memory usage over time to determine adequate resource requests. Here is a Grafana chart for a "typical" CPU-heavy service: all pods use far less than the 3 requested CPU cores:

[Grafana chart: per-pod CPU usage well below the 3 requested cores]

Reducing the CPU request from 3000m to 400m frees up resources for other workloads and allows the cluster to be smaller.

"The average CPU utilization of EC2 instances often hovers in the single-digit percentage range," writes Corey Quinn. While right-sizing on EC2 might be a bad decision, changing some Kubernetes resource requests in a YAML file is easy and can bring big savings.

But do we really want people to tweak values in YAML files? No, machines can do it much better! The Kubernetes Vertical Pod Autoscaler (VPA) does exactly that: it adapts resource requests and limits to the workload. Here is an example graph of Prometheus CPU requests (thin blue line) adjusted by VPA over time:

[Graph: Prometheus CPU requests adjusted by VPA over time]

Zalando uses VPA in all of its clusters for infrastructure components. Non-critical applications can also use VPA.

Goldilocks from Fairwinds is a tool that creates a VPA for every deployment in a namespace and then shows the VPA recommendation on its dashboard. It can help developers set the right CPU/memory requests for their applications:

[Screenshot: Goldilocks dashboard with VPA recommendations]

I wrote a small blog post about VPA in 2019, and recently the CNCF End User Community discussed VPA as well.

Using EC2 Spot Instances

Finally, AWS EC2 costs can be reduced by using Spot instances as Kubernetes worker nodes [3]. Spot instances are available at a discount of up to 90% compared to On-Demand prices. Running Kubernetes on EC2 Spot is a good combination: you need to specify several different instance types for higher availability, which means you can get a bigger node for the same or a lower price, and the extra capacity can be used by containerized Kubernetes workloads.

How do you run Kubernetes on EC2 Spot? There are several options: use a third-party service such as SpotInst (now called "Spot", don't ask me why), or simply add a Spot AutoScalingGroup (ASG) to your cluster. For example, here is a CloudFormation snippet for a "capacity-optimized" Spot ASG with multiple instance types:

MySpotAutoScalingGroup:
  Type: AWS::AutoScaling::AutoScalingGroup
  Properties:
    HealthCheckGracePeriod: 300
    HealthCheckType: EC2
    MixedInstancesPolicy:
      InstancesDistribution:
        # 0% On-Demand above the base capacity: everything in this group is Spot
        OnDemandPercentageAboveBaseCapacity: 0
        SpotAllocationStrategy: capacity-optimized
      LaunchTemplate:
        LaunchTemplateSpecification:
          LaunchTemplateId: !Ref LaunchTemplate
          Version: !GetAtt LaunchTemplate.LatestVersionNumber
        # several instance types so that capacity can be found in more pools
        Overrides:
          - InstanceType: "m4.2xlarge"
          - InstanceType: "m4.4xlarge"
          - InstanceType: "m5.2xlarge"
          - InstanceType: "m5.4xlarge"
          - InstanceType: "r4.2xlarge"
          - InstanceType: "r4.4xlarge"
    LaunchTemplate:
      LaunchTemplateId: !Ref LaunchTemplate
      Version: !GetAtt LaunchTemplate.LatestVersionNumber
    MinSize: 0
    MaxSize: 100
    Tags:
      # tells the cluster autoscaler that nodes from this group carry the spot label
      - Key: k8s.io/cluster-autoscaler/node-template/label/aws.amazon.com/spot
        PropagateAtLaunch: true
        Value: "true"

Some notes on using Spot with Kubernetes:

  • You need to handle Spot terminations, e.g. by draining the node when the instance is being stopped
  • Zalando uses a fork of the official cluster autoscaler with node pool priorities
  • Spot nodes can be forced to accept "registrations" of workloads that are meant to run on Spot

Summary

I hope you find some of the tools presented useful for reducing your cloud bill. You can find most of the article's content in my talk at DevOps Gathering 2019 on YouTube and in the slides as well.

What are your best practices for saving cloud costs on Kubernetes? Please let me know on Twitter (@try_except_).

[1] In fact, less than 3 vCPUs will remain usable, since the node's capacity is reduced by reserved system resources. Kubernetes distinguishes between the physical node capacity and the "allocatable" resources (Node Allocatable).

[2] Example calculation: one m5.large instance with 8 GiB of memory costs ~$84 per month (eu-central-1, On-Demand), i.e. blocking 1/8 of a node costs roughly ~$10/month.

[3] There are many more ways to reduce your EC2 bill, such as Reserved Instances, Savings Plans, etc. I won't cover those topics here, but you should definitely look into them!

Read more about the course.

Source: www.habr.com
