Sawubona Habr!
Simele ithimba lenkundla ye-Exness. Ozakwethu ngaphambilini babhale udaba mayelana Namuhla sifuna ukwabelana ngolwazi lwethu ngezinsizakalo zokuthuthela e-Kubernetes.
Ukuqala, sikunikeza izinombolo ukuze uqonde kangcono esizoxoxa ngakho:
- Umnyango wethu wokuthuthukisa uqukethe abantu abangaphezu kwe-100, okuhlanganisa namaqembu ahlukene angaphezu kwe-10 anezinqubo ezizimele ze-QA, i-DevOps, ne-Scrum. Isitaki sethu sokuthuthukisa sihlanganisa iPython, PHP, C++, Java, neGolang.
- Izimo zokuhlola nezokukhiqiza ngayinye iqukethe cishe iziqukathi ezingu-2000. Aphethwe yi-Rancher v1.6 endaweni yayo ye-virtualization platform nangaphansi kwe-VMware.
Ukugqugquzela
Njengoba isisho sisho, akukho okuhlala unomphela, futhi uRancher umemezele ukuphela kokusekelwa kwenguqulo 1.6 esikhathini eside esidlule. Yebo, ngaphezu kweminyaka emithathu, sifunde ukuthi singayithuthukisa kanjani futhi sixazulule noma yiziphi izinkinga eziphakamayo, kodwa siye sabhekana nezinkinga ezingasoze zalungiswa. I-Rancher 1.6 futhi inesistimu yezimvume eziqinile, lapho ungenza khona cishe yonke into noma ungenzi lutho.
Nakuba ukwenziwa kwezinto ezibonakalayo komdabu kunikeze ukulawula okukhulu ekugcinweni kwedatha nokuvikeleka, kuphinde kwabeka izindleko zokusebenza okunzima ukuzibekezelela uma kubhekwa ukukhula okuqhubekayo kwenkampani, inani lamaphrojekthi, nezimfuneko.
Besifuna ukulandela amazinga e-IaC futhi, uma kudingeka, sithole umthamo ngokushesha, kunoma iyiphi indawo futhi ngaphandle kokukhiya komthengisi, futhi sikwazi ukukushiya ngokushesha.
izinyathelo zokuqala
Okokuqala nokubalulekile, besifuna ukuthembela kubuchwepheshe besimanje nezixazululo ezizokwenza amaqembu abe nomjikelezo wokuthuthukisa osheshayo futhi anciphise izindleko zokusebenza ezihambisana nokusebenzisana nenkundla enikeza amandla.
Yiqiniso, into yokuqala eyafika engqondweni yethu kwakunguKubernetes, kodwa asizange sigijimele ezintweni futhi senza ucwaningo ukuze siqiniseke ukuthi kwakuyisinqumo esifanele. Sihlole izixazululo zomthombo ovulekile kuphela, futhi empini engafanele, u-Kubernetes wavela njengomnqobi ocacile.
Okulandelayo kwafika umbuzo wokukhetha ithuluzi lokudala amaqoqo. Siqhathanise izixazululo ezaziwa kakhulu: i-kops, i-kubespray, ne-kubeadm.
Ekuqaleni, i-kubeadm yayibonakala iyinkimbinkimbi kakhulu, njengokuqamba kabusha isondo, futhi ama-kops ayentula ukuguquguquka.
Futhi owawina kwaba:
Saqala ukuzama nge-virtualization yethu kanye ne-AWS, sizama ukuphinda senze into efana nephethini yethu yangaphambilini yokuphathwa kwezinsiza, lapho wonke umuntu esebenzisa "iqembu" elifanayo. Futhi manje sineqembu lethu lokuqala, amancane ayi-10. imishini ebonakalayo, ezimbalwa zazo zitholakala e-AWS. Saqala ukuzama ukuthuthela amaqembu lapho, futhi konke kwabonakala kuhamba kahle, futhi indaba yayingaphela, kodwa…
Izinkinga Zokuqala
I-Ansible, isisekelo se-kubespray, akulona ithuluzi elilungile le-IaC: kukhona okungahlala kungalungile uma iletha ama-node ku-inthanethi nokungaxhunyiwe ku-inthanethi, edinga uhlobo oluthile lokungenelela, futhi incwadi yokudlala iziphathe ngendlela ehlukile kuzo zonke izinhlelo zokusebenza ezihlukene. Njengoba inani lamaqembu nama-node kuqoqo likhula, saqaphela ukuthi incwadi yokudlala ithatha isikhathi eside futhi eside ukusebenza. Isikhathi sethu esihle manje amahora angu-3,5. Ithini eyakho? 🙂
Futhi kubonakala sengathi i-bespray imane nje Inengqondo, futhi yonke into icacile ekuqaleni, kodwa:
Ekuqaleni kohambo, inhloso bekuwukwethula amakhono ku-AWS kuphela nasekusebenzeni okubonakalayo, kodwa-ke, njengoba kuvame ukwenzeka, izidingo zashintsha.
Ngenxa yalokhu, kwaba sobala ukuthi iphethini yethu yakudala yokuhlanganisa izinsiza zibe yisistimu yokucula eyodwa yayingazifanele izimo lapho amaqoqo ayesatshalaliswa kabanzi futhi elawulwa abahlinzeki abahlukahlukene.
Futhi kuba kubi kakhulu. Lapho wonke amaqembu esebenza phakathi kweqoqo elilodwa, izinsiza ezihlukahlukene ezine-NodeSelectors ezisethwe ngokungalungile zingaphahlazeka kumsingathi "wangaphandle" welinye iqembu futhi zimoshe izinsiza lapho. Futhi uma kwenziwa amabala, kwakunemibiko eqhubekayo yenkonzo eyodwa noma enye engasebenzi noma engasatshalaliswanga ngendlela efanele ngenxa yephutha lomuntu. Izibalo zezindleko zafakazela enye inkinga, ikakhulukazi uma kubhekwa izinselelo zokusabalalisa izinsiza kuzo zonke izindawo.
Ukunikeza amalungelo abasebenzi kwakuyindaba ehlukile: ithimba ngalinye lalifuna ukuba "yinhloko" yeqoqo futhi liyiphathe ngokuphelele, okungase kubangele ukuwa okuphelele, njengoba amaqembu amaningi azimele komunye nomunye.
Ungaba kanjani?
Ngokucabangela okungenhla kanye nezifiso zamaqembu zokuzimela, sifinyelele esiphethweni esilula: iqembu elilodwa - iqoqo elilodwa.
Ngakho sithole owesibili:
Bese kuba iqoqo lesithathu:
Lapha siqale ukucabanga: kuthiwani uma, ngonyaka, amaqembu ethu eneqoqo elingaphezu kwelilodwa? Ezindaweni ezihlukene zejografi, ngokwesibonelo, noma eziphethwe abahlinzeki abahlukene? Futhi abanye babo bazofuna ukukwazi ukuphakela ngokushesha iqoqo lesikhashana ukuze kuhlolwe okuthile.
Kungaba i-Kubernetes egcwele! Kuwuhlobo oluthile lwe-MultiKubernetes, kuvela.
Ngesikhathi esifanayo, sonke sizodinga ukuthi ngandlela thize sigcine wonke la maqoqo, sikwazi ukuphatha kalula ukufinyelela kuwo, kanye nokudala amasha futhi siyeke amadala ngaphandle kokungenelela okwenziwa ngesandla.
Sekudlule isikhathi saqala uhambo lwethu emhlabeni we-Kubernetes, ngakho-ke sinqume ukuphinda sihlole izixazululo ezitholakalayo. Kuvele ukuthi sekukhona eyodwa emakethe: Rancher 2.2.
Phakathi nesigaba sokuqala socwaningo lwethu, i-Rancher Labs yayisivele ikhiphe inguqulo yokuqala yesi-2. Nakuba yayingase isetshenziswe ngokushesha ngokusebenzisa isiqukathi esingenakho ukuncika kwangaphandle ngamapharamitha ambalwa noma ngokusebenzisa Ishadi le-HELM elisemthethweni, lizizwe lingapholishiwe, futhi sasingaqiniseki ukuthi singathembela yini kulesi sixazululo, kungakhathaliseki ukuthi sizothuthukiswa ngokuqhubekayo, noma sishiywe ngokushesha. I-paradigm yokuchofoza iqoqo ku-UI nayo ayizange isifanele, futhi besingafuni ukuboshelwa ku-RKE, njengoba iyithuluzi eligxile kancane.
I-Rancher 2.2 yayisivele isebenza kakhulu futhi, kanye nezinguqulo zangaphambilini, yayinezici eziningi ezithakazelisayo ezingaphandle kwebhokisi, njengokuhlanganiswa nabahlinzeki abaningi bangaphandle, iphuzu elilodwa lokusabalalisa izimvume namafayela e-kubeconfig, ukusebenzisa isithombe se-kubectl ngezimvume zakho ku-UI, kanye nezikhala zamagama (aka amaphrojekthi).
Kwakukhona nomphakathi owawusuvele uyakha eduze kwe-Rancher 2, futhi umhlinzeki we-HashiCorp Terraform wadalelwa ukuyiphatha, okusisizile ukuthi sihlanganise yonke into.
Kwenzenjani
Njengomphumela, sineqoqo elilodwa elincane elisebenzisa i-Rancher, elifinyeleleka kuwo wonke amanye amaqoqo, kanye namaqoqo amaningi axhunywe kuyo, ukufinyelela kunoma iyiphi enganikezwa kalula njengokwengeza umsebenzisi kuhla lwemibhalo lwe-LDAP, kungakhathaliseki ukuthi ikuphi nokuthi iziphi izisetshenziswa zomhlinzeki ezisebenzisayo.
Sisebenzisa i-gitlab-ci ne-Terraform, sidale isistimu esivumela ukuthi sakhe amaqoqo anoma yikuphi ukucushwa kubahlinzeki bamafu noma ingqalasizinda yethu siqu futhi siyixhume ku-Rancher. Lokhu konke kwenziwa ngesitayela se-IaC, lapho iqoqo ngalinye lichazwa yindawo yokugcina futhi isimo salo sihunyushwa. Amamojula amaningi axhunywe kumakhosombe angaphandle, ngakho-ke osekusele ukuthi ukwenze ukudlula okuguquguqukayo noma ukuchaza ukumisa kwakho ngokwezifiso ngezikhathi, okusiza ukunciphisa ukuphindaphinda kwekhodi.
Yebo, uhambo lwethu lusekude ukuphela, futhi izinselele eziningi ezijabulisayo ziseza, njengendawo eyodwa yokufinyelela yamalogi namamethrikhi kuwo wonke amaqoqo, i-service mesh, ama-gitops okuphathwa komthwalo wokusebenza kwamaqembu amaningi, nokunye okuningi. Sithemba ukuthi uzothola uhambo lwethu luthokozisa!
Isihloko sabhalwa ngu-A. Antipov, A. Ganush, Onjiniyela Benkundla.
Source: www.habr.com
