Sawubona Habr!
Simele ithimba lenkundla ye-Exness. Ngaphambilini, ozakwethu sebevele babhala isihloko mayelana . Namuhla sifuna ukwabelana ngolwazi lwethu lokuthuthela e-Kubernetes.
Okokuqala, sikunikeza izinombolo ezithile ukuze uqonde kangcono lokho okuzoxoxwa ngakho:
- Umnyango wethu wokuthuthukisa uqukethe abantu abangu-100+, okuhlanganisa namaqembu ahlukene angaphezu kwe-10 anezinqubo ezizimele ze-QA, i-DevOps ne-Scrum. Isitaki sokuthuthukisa - i-Python, i-PHP, i-C++, i-Java ne-Golang.
- Ubukhulu bezimo zokuhlola nezokukhiqiza cishe iziqukathi ezingu-2000 ngasinye. Basebenzisa i-Rancher v1.6 ngokubona kwabo futhi ngaphansi kwe-VMware.
Ukugqugquzela
Njengoba besho, akukho okuhlala phakade, futhi uRancher umemezele ukuphela kokusekelwa kwenguqulo 1.6 kudala impela. Yebo, eminyakeni engaphezu kwemithathu siye safunda indlela yokuyilungiselela nokuxazulula izinkinga eziphakamayo, kodwa ngokuvamile sibhekana nezinkinga ezingasoze zalungiswa. I-Rancher 1.6 futhi inesistimu ye-ossified yokukhipha amalungelo, lapho ungenza cishe yonke into noma ungenzi lutho.
Nakuba i-virtualization yobunikazi inikeze ukulawula okukhulu ekugcinweni kwedatha nokuvikeleka kwayo, yabeka izindleko zokusebenza okunzima ukuzamukela uma kubhekwa ukukhula okuqhubekayo kwenkampani, inani lamaphrojekthi kanye nezimfuneko zayo.
Besifuna ukulandela amazinga e-IaC futhi, uma kudingeka, sithole umthamo ngokushesha, kunoma iyiphi indawo futhi ngaphandle kokukhiya komthengisi, futhi sikwazi nokukushiya ngokushesha.
izinyathelo zokuqala
Okokuqala nje, besifuna ukuthembela kubuchwepheshe besimanje nezixazululo ezingavumela amaqembu ukuthi abe nomjikelezo wokuthuthuka osheshayo futhi anciphise izindleko zokusebenza zokusebenzelana nenkundla enikeza amandla.
Yiqiniso, into yokuqala eyafika engqondweni yethu kwakunguKubernetes, kodwa asizange sijabule futhi senza ucwaningo oluncane ukuze sibone ukuthi kwakuyisinqumo esifanele yini. Sihlole izixazululo zomthombo ovulekile kuphela, futhi empini engafanele, u-Kubernetes wanqoba ngaphandle kwemibandela.
Okulandelayo kwafika umbuzo wokukhetha ithuluzi lokudala amaqoqo. Siqhathanise izixazululo ezaziwa kakhulu: kops, kubespray, kubeadm.
Ukuqala, i-kubeadm kithi ibonakala iyinkimbinkimbi kakhulu, njengohlobo lomsunguli “webhayisikili,” futhi u-kops wayengenakho ukuguquguquka okwanele.
Futhi owawina kwaba:
Saqala ukuzama nge-virtualization yethu kanye ne-AWS, sizama ukudala kabusha okuthile okucishe kufane nephethini yethu yangaphambili yokuphatha izisetshenziswa, lapho wonke umuntu abelane “ngeqoqo” elifanayo. Futhi manje sineqoqo lethu lokuqala lemishini emincane eyi-10, embalwa yayo etholakala ku-AWS. Saqala ukuzama ukuthuthela amaqembu lapho, konke kwakubonakala sengathi "kuhle", futhi indaba ingaqedwa, kodwa ...
Izinkinga Zokuqala
Kuyaqondakala ukuthi i-kubespray yakhelwe phezu kwayo, akulona ithuluzi elikuvumela ukuthi ulandele i-IaC: lapho usebenzisa/ukukhipha ama-node, kukhona okungahambanga kahle njalo futhi kwakudingeka uhlobo oluthile lokungenelela, futhi lapho usebenzisa ama-OS ahlukene, incwadi yokudlala yayiziphatha ngendlela ehlukile. . Njengoba inani lamaqembu nama-node kuqoqo lalikhula, saqala ukuqaphela ukuthi incwadi yokudlala yayithatha isikhathi eside futhi isikhathi eside ukuqedwa, futhi ngenxa yalokho, irekhodi lethu lalingu-3,5 amahora, kuthiwani ngelakho? 🙂
Futhi kubonakala sengathi i-bespray imane nje Inengqondo, futhi yonke into icacile ekuqaleni, kodwa:
Ekuqaleni kohambo, umsebenzi bekuwukwethula amakhono ku-AWS kuphela nasekusebenzeni okubonakalayo, kodwa-ke, njengoba kuvame ukwenzeka, izidingo zashintsha.
Ngenxa yalokhu, kwaba sobala ukuthi iphethini yethu yakudala yokuhlanganisa izinsiza ohlelweni olulodwa lwe-orchestration yayingafaneleki - esimweni lapho amaqoqo ekude kakhulu futhi aphethwe abahlinzeki abahlukene.
Okunye okwengeziwe. Lapho wonke amaqembu esebenza phakathi kweqoqo elifanayo, izinsizakalo ezihlukahlukene ezine-NodeSelectors ezifakwe ngokungalungile zingandizela kumsingathi “wangaphandle” welinye iqembu futhi zisebenzise izinsiza lapho, futhi uma ukungcola kwakusethiwe, kwakunezicelo eziqhubekayo zokuthi isevisi eyodwa noma enye yayingasebenzi, akusatshalaliswanga ngendlela efanele ngenxa yesici somuntu. Enye inkinga kwakuwukubala izindleko, ikakhulukazi kucatshangelwa izinkinga zokusabalalisa izinsiza kuzo zonke izindawo.
Indaba ehlukile kwaba ukukhishwa kwamalungelo kubasebenzi: ithimba ngalinye lalifuna ukuba "ekhanda" leqoqo futhi liyiphathe ngokuphelele, okungabangela ukuwa okuphelele, njengoba amaqembu ngokuyisisekelo azimele komunye nomunye.
Ungaba kanjani?
Ngokucabangela lokhu okungenhla kanye nezifiso zamaqembu ukuthi azimele, senze isiphetho esilula: iqembu elilodwa - iqoqo elilodwa.
Ngakho sithole owesibili:
Bese kuba iqoqo lesithathu:
Sabe sesiqala ukucabanga: ake sithi ngonyaka amaqembu ethu azoba namaqoqo angaphezu kwelilodwa? Ezindaweni ezahlukene zezwe, isibonelo, noma ngaphansi kokulawulwa ngabahlinzeki abahlukene? Futhi abanye bazo bazofuna ukukwazi ukuphakela ngokushesha iqoqo lesikhashana kwezinye izivivinyo.
Ama-Kubernete aphelele ayezofika! Lolu uhlobo oluthile lwe-MultiKubernetes, kuvela.
Ngesikhathi esifanayo, sonke sizodinga ukuthi ngandlela thize sigcine wonke lawa maqoqo, sikwazi ukuphatha kalula ukufinyelela kuwo, kanye nokudala amasha kanye nokuqeda amadala ngaphandle kokungenelela okwenziwa ngesandla.
Sekudlule isikhathi kusukela ekuqaleni kohambo lwethu emhlabeni we-Kubernetes, futhi sanquma ukuphinda sihlole izixazululo ezikhona. Kwavela ukuthi isivele ikhona emakethe - Rancher 2.2.
Esigabeni sokuqala socwaningo lwethu, i-Rancher Labs yayisivele yenze ukukhishwa kokuqala kwenguqulo yesi-2, kodwa nakuba yayingase iphakanyiswe ngokushesha ngokwethula isitsha esingenakho ukuncika kwangaphandle esinamapharamitha ambalwa noma ngokusebenzisa Ishadi le-HELM elisemthethweni, kwakubonakala kuluhlaza. kithina, futhi besingazi noma singathembela kulesi sinqumo ukuthi sizothuthukiswa noma sishiywe ngokushesha. I-cluster = clicks paradigm ku-UI ngokwayo ayizange ihambisane nathi, futhi besingafuni ukuboshelwa ku-RKE, njengoba iyithuluzi eligxile kancane.
Inguqulo ye-Rancher 2.2 isivele inokubukeka okusebenzayo futhi, kanye nangaphambilini, yayinezici eziningi ezithakazelisayo ngaphandle kwebhokisi, njengokuhlanganiswa nabahlinzeki abaningi bangaphandle, iphuzu elilodwa lokusabalalisa amalungelo namafayela e-kubeconfig, ukwethula i-kubectl. isithombe esinamalungelo akho ku-UI, amaphrojekthi e-namespaces aka.
Kwakukhona nomphakathi owawusuvele usungulwe ngase-Rancher 2, futhi umhlinzeki obizwa ngokuthi i-HashiCorp Terraform wadalelwa ukuyiphatha, okusisizile ukuthi sihlanganise yonke into.
Kwenzenjani
Ngenxa yalokho, sigcine sineqoqo elilodwa elincane eligijima i-Rancher, elifinyeleleka kuwo wonke amanye amaqoqo, kanye namaqoqo amaningi axhunywe kuwo, ukufinyelela kunoma yikuphi okunganikezwa njengokwengeza umsebenzisi ohlwini lwemibhalo lwe-ldap, kungakhathaliseki ukuthi lapho itholakala khona nokuthi iziphi izinsiza zomhlinzeki ezisebenzisayo.
Kusetshenziswa i-gitlab-ci ne-Terraform, kwadalwa uhlelo olukuvumela ukuthi udale iqoqo lanoma yikuphi ukucushwa kubahlinzeki bamafu noma ingqalasizinda yethu bese ubaxhuma ku-Rancher. Konke lokhu kwenziwa ngesitayela se-IaC, lapho iqoqo ngalinye lichazwa yinqolobane, futhi isimo salo sihunyushwe. Ngesikhathi esifanayo, amamojula amaningi axhunywe kumakhosombe angaphandle ukuze okusele nje ukudlulisa okuguquguqukayo noma ukuchaza ukumisa kwakho ngokwezifiso ngezikhathi, okusiza ukunciphisa iphesenti lokuphindaphinda kwekhodi.
Yebo, uhambo lwethu lusekude ukuphela futhi kusenemisebenzi eminingi ethokozisayo ngaphambili, njengendawo eyodwa yokusebenza enamalogi namamethrikhi anoma yimaphi amaqoqo, i-service mesh, ama-gitops okuphatha imithwalo ku-multicluster nokunye okuningi. Sithemba ukuthi uzothola okuhlangenwe nakho kwethu kuthakazelisa!
Isihloko sabhalwa ngu-A. Antipov, A. Ganush, Onjiniyela Benkundla.
Source: www.habr.com