I-Docker Swarm, i-Kubernetes, ne-Mesos yizinhlaka ze-orchestration ezidume kakhulu. Enkulumeni yakhe, u-Arun Gupta uqhathanisa lezi zingxenye ezilandelayo ze-Docker, Swarm, kanye ne-Kubernetes:
- Ukuthuthukiswa kwendawo.
- Imisebenzi yokuthunyelwa.
- Multi-container izicelo.
- Ukutholwa kwesevisi.
- Ukukala isevisi.
- Imisebenzi eyenzeka kanye.
- Ukuhlanganiswa neMaven.
- "Rolling" isibuyekezo.
- Ukudala iqoqo lesizindalwazi se-Couchbase.
Ngenxa yalokho, uzothola ukuqonda okucacile kokuthi ithuluzi ngalinye le-orchestration linikezani futhi ufunde ukuthi ungasebenzisa kanjani lezi nkundla ngempumelelo.
U-Arun Gupta unguchwepheshe omkhulu wemikhiqizo yemithombo evulekile kwa-Amazon Web Services, oseneminyaka engaphezu kwengu-10 ethuthukisa imiphakathi yabathuthukisi beSun, Oracle, Red Hat kanye neCouchbase. Unolwazi oluningi lokusebenza emaqenjini ahlukahlukene asebenza ngokubambisana akha futhi asebenzise isu lemikhankaso nezinhlelo zokumaketha. Uhole amaqembu onjiniyela be-Sun, ungomunye wabasunguli beqembu le-Java EE nomsunguli wegatsha lase-US le-Devoxx4Kids. U-Arun Gupta ungumbhali wemibhalo engaphezu kuka-2 40 kuma-blog e-IT futhi usenikeze izinkulumo emazweni angaphezu kuka-XNUMX.
Ulayini 55 uqukethe i-COUCHBASE_URI ekhomba le nsizakalo yesizindalwazi, nayo edalwe kusetshenziswa ifayela lokumisa le-Kubernetes. Uma ubheka umugqa wesi-2, ungabona uhlobo: Isevisi iyisevisi engiyidalayo ebizwa ngokuthi i-couchbase-service, futhi igama elifanayo lisohlwini lomugqa wesi-4. Ngezansi kukhona izimbobo ezithile.
Imigqa eyisihluthulelo ingu-6 no-7. Enkonzweni ngithi, βHeyi, lawa amalebula engiwafunayo!β, futhi lawa malebula awalutho ngaphandle kwamagama ahlukene, kanye nomugqa ongu-7 ku-couchbase-rs-pod yami. isicelo. Okulandelayo yizimbobo ezinikeza ukufinyelela kulawa malebula afanayo.
Emgqeni we-19 ngakha uhlobo olusha lwe-ReplicaSet, umugqa 31 uqukethe igama lesithombe, futhi imigqa 24-27 ikhomba imethadatha ehlobene ne-pod yami. Yilokhu kanye isevisi ekufunayo nokuthi uxhumano kufanele lwenziwe kuphi. Ekupheleni kwefayela kukhona uhlobo oluthile lokuxhumana phakathi kolayini 55-56 no-4, othi: "sebenzisa le sevisi!"
Ngakho-ke, ngiqala isevisi yami uma kunesethi yokukopisha, futhi njengoba isethi ngayinye ye-replica inechweba layo elinelebula elihambisanayo, ifakiwe kusevisi. Ngokombono womthuthukisi, umane ushayele isevisi, bese isebenzisa isethi yamakhophi owadingayo.
Ngenxa yalokho, ngine-WildFly pod exhumana ne-backend yedatha nge-Couchbase Service. Ngingasebenzisa indawo engaphambili enamaphodi ambalwa e-WildFly, aphinde axhumane ne-backend ye-couchbase ngesevisi ye-couchbase.
Kamuva sizobheka ukuthi isevisi etholakala ngaphandle kweqoqo ixhumana kanjani ngekheli layo le-IP nezinto ezitholakala ngaphakathi kweqoqo futhi ezinekheli le-IP langaphakathi.
Ngakho-ke, iziqukathi ezingenasisekelo zinhle, kepha kuhle kangakanani ukusebenzisa iziqukathi ezisezingeni eliphakeme? Ake sibheke izilungiselelo zesistimu zeziqukathi eziqinile, noma eziphikelelayo. Ku-Docker, kunezindlela ezi-4 ezihlukene zokwakheka kwedatha okufanele uzinake. Eyokuqala i-Implicit Per-Container, okusho ukuthi uma usebenzisa iziqukathi ze-couchbase, i-MySQL noma i-MyDB egcwele amanzi, zonke ziqala ngebhokisi leSandbox elizenzakalelayo. Okusho ukuthi, yonke into egcinwe ku-database igcinwa esitsheni ngokwaso. Uma isitsha sinyamalala, idatha iyanyamalala kanye nayo.
Eyesibili i-Explicit Per-Container, lapho udala isitoreji esithile ngevolumu ye-docker dala umyalo futhi ugcine idatha kuso. Indlela yesithathu ye-Per-Host ihlotshaniswa nemephu yesitoreji, lapho yonke into egcinwe esitsheni iphindwa kanyekanye kumsingathi. Uma isiqukathi sihluleka, idatha izohlala kumsingathi. Lokhu kokugcina ukusetshenziswa kwama-Multi-Host hosts, okunconywayo esigabeni sokukhiqiza izixazululo ezihlukahlukene. Ake sithi iziqukathi zakho ezinezinhlelo zakho zokusebenza ziyasebenza kumsingathi, kodwa ufuna ukugcina idatha yakho ndawana thize ku-inthanethi, futhi kulokhu usebenzisa imephu ezenzakalelayo kumasistimu asabalalisiwe.
Ngayinye yalezi zindlela isebenzisa indawo ethile yokugcina. Idatha yesitolo Engacacile futhi Ecacile Ngesitsha ngasinye kumsingathi ku-/var/lib/docker/volumes. Uma usebenzisa indlela ye-Per-Host, indawo yokubeka ifakwa ngaphakathi kwesitsha, futhi isiqukathi ngokwaso sigxunyekwe kumsingathi. Kumahostela amaningi, izixazululo ezifana ne-Ceph, ClusterFS, NFS, njll. zingasetshenziswa.
Uma isiqukathi esibeleselayo sihluleka, uhla lwemibhalo lwesitoreji alufinyeleleki ezimweni ezimbili zokuqala, kodwa ezimweni ezimbili zokugcina ukufinyelela kugcinwa. Kodwa-ke, esimweni sokuqala, ungafinyelela indawo yokugcina ngomgcini we-Docker osebenza emshinini obonakalayo. Esimeni sesibili, idatha ngeke ilahleke futhi, ngoba udale isitoreji Esicacile.
Uma umsingathi ehluleka, uhla lwemibhalo lwesitoreji alutholakali ezimweni ezintathu zokuqala; esimweni sokugcina, ukuxhumana nesitoreji akuphazamiseki. Ekugcineni, umsebenzi owabiwe awubandakanyi ngokuphelele ukugcinwa esimweni sokuqala futhi kungenzeka kokunye. Esimeni sesibili, ungakwazi ukwabelana ngesitoreji kuye ngokuthi isizindalwazi sakho siyasisekela yini isitoreji esabalalisiwe noma cha. Endabeni ye-Per-Host, ukusatshalaliswa kwedatha kungenzeka kuphela kumsingathi othile, futhi kuma-multihost kunikezwa ukunwetshwa kweqoqo.
Lokhu kufanele kucatshangelwe lapho kwakhiwa iziqukathi ezisezingeni eliphakeme. Elinye ithuluzi le-Docker eliwusizo i-plugin ye-Volume, esebenza ngomgomo othi "amabhethri akhona, kodwa kufanele ashintshwe." Uma uqala isitsha se-Docker, sithi, "Heyi, uma usuqale isitsha esine-database, ungagcina idatha yakho kulesi sitsha!" Lesi isici esizenzakalelayo, kodwa ungasishintsha. Le plugin ikuvumela ukuthi usebenzise idrayivu yenethiwekhi noma into efanayo esikhundleni sesizindalwazi sesitsha. Kuhlanganisa umshayeli ozenzakalelayo wesitoreji esisekelwe kumsingathi futhi ivumela ukuhlanganiswa kweziqukathi nezinhlelo zokugcina zangaphandle ezifana ne-Amazon EBS, i-Azure Storage kanye ne-GCE Persistent disks.
Isilayidi esilandelayo sibonisa ukwakheka kwe-plugin ye-Docker Volume.
Umbala oluhlaza okwesibhakabhaka umele iklayenti le-Docker elihlotshaniswa nomsingathi we-Docker eluhlaza okwesibhakabhaka, onenjini yokugcina Indawo ekunikeza iziqukathi zokugcina idatha. Okuluhlaza kubonisa i-Plugin Client kanye ne-Plugin Daemon, nazo ezixhunywe kumsingathi. Banikeza ithuba lokugcina idatha kusitoreji senethiwekhi sohlobo Lwe-Store Backend oludingayo.
I-plugin ye-Docker Volume ingasetshenziswa nesitoreji se-Portworx. Imojula ye-PX-Dev empeleni iyisitsha osisebenzisayo esixhuma kumsingathi wakho we-Docker futhi ikuvumela ukuthi ugcine kalula idatha ku-Amazon EBS.
Iklayenti le-Portworx likuvumela ukuthi uqaphe isimo seziqukathi zesitoreji ezihlukahlukene ezixhunywe kumsingathi wakho. Uma uvakashela ibhulogi yami, ungafunda ukuthi ungayisebenzisa kanjani ngokugcwele i-Portworx nge-Docker.
Umqondo wokulondoloza ku-Kubernetes ufana ne-Docker futhi umelwe izinkomba ezifinyeleleka esitsheni sakho ku-pod. Zizimele esikhathini sokuphila kwanoma yisiphi isiqukathi. Izinhlobo zokugcina ezivame kakhulu ezitholakalayo yi-hostPath, nfs, awsElasticBlockStore, kanye ne-gsePersistentDisk. Ake sibheke ukuthi lezi zitolo zisebenza kanjani e-Kubernetes. Ngokuvamile, inqubo yokuwaxhuma iqukethe izinyathelo ezi-3.
Okokuqala ukuthi othile ohlangothini lwenethiwekhi, ngokuvamile umlawuli, ukuhlinzeka ngesitoreji esiqhubekayo. Kunefayela elihambisanayo le-PersistentVolume lalokhu. Okulandelayo, umthuthukisi wohlelo lokusebenza ubhala ifayela lokucushwa elibizwa nge-PersistentVolumeClaim, noma isicelo sesitoreji se-PVC, esithi: βNgino-50GB wesitoreji esisabalalisiwe esihlinzekiwe, kodwa ukuze abanye abantu basebenzise umthamo waso, ngitshela le PVC ukuthi njengamanje. ngidinga i-10 GB kuphela". Okokugcina, isinyathelo sesithathu ukuthi isicelo sakho sifakwe njengesitoreji, futhi uhlelo lokusebenza olune-pod, noma isethi ye-replica, noma into efanayo, iqala ukusisebenzisa. Kubalulekile ukukhumbula ukuthi le nqubo iqukethe izinyathelo ezi-3 ezishiwo futhi iyakaleka.
Isilayidi esilandelayo sibonisa i-Kubernetes Persistence Container yezakhiwo ze-AWS.
Ngaphakathi kukanxande onsundu omele iqoqo le-Kubernetes, kune-master node eyodwa namanodi amabili ezisebenzi, aboniswe ngokuphuzi. Enye yamanodi ezisebenzi iqukethe iphodi eliwolintshi, isitoreji, isilawuli sokukopisha, kanye nesiqukathi esiluhlaza se-Docker Couchbase. Ngaphakathi kweqoqo, ngaphezu kwamanodi, unxande onsomi ubonisa Isevisi efinyeleleka ngaphandle. Lesi sakhiwo siyanconywa ukuze kugcinwe idatha kudivayisi ngokwayo. Uma kudingeka, ngingakwazi ukugcina idatha yami ku-EBS ngaphandle kweqoqo, njengoba kuboniswe kusilayidi esilandelayo. Lena imodeli evamile yokukala, kodwa kunesici sezezimali okufanele icatshangelwe lapho uyisebenzisa - ukugcina idatha ndawana thize kunethiwekhi kungabiza kakhulu kunomsingathi. Lapho ukhetha izixazululo ze-containation, lokhu kungenye yezimpikiswano ezinzima.
Njenge-Docker, ungasebenzisa iziqukathi eziqhubekayo ze-Kubernetes nge-Portworx.
Yilokhu ekusetshenzisweni kwamagama e-Kubernetes 1.6 yamanje okubizwa ngokuthi βI-StatefulSetβ - indlela yokusebenza nezinhlelo zokusebenza ezihlelekile ezicubungula imicimbi emayelana nokumisa i-Pod nokwenza i-Graceful Shutdown. Esimweni sethu, izinhlelo zokusebenza ezinjalo ziyisizindalwazi. Kubhulogi yami ungafunda ukuthi ungayenza kanjani i-StatefulSet ku-Kubernetes usebenzisa i-Portworx.
Ake sikhulume nge-aspect yentuthuko. Njengoba ngishilo, i-Docker inezinguqulo ezingu-2 - CE kanye ne-EE, esimweni sokuqala sikhuluma ngenguqulo ezinzile yoHlelo Lomphakathi, olubuyekezwa kanye njalo ezinyangeni ezi-3, ngokungafani nenguqulo yanyanga zonke ye-EE. Ungalanda i-Docker ye-Mac, Linux noma iWindows. Uma isifakiwe, i-Docker izobuyekeza ngokuzenzakalelayo futhi kulula kakhulu ukuqalisa.
Ku-Kubernetes, ngincamela inguqulo ye-Minikube - kuyindlela enhle yokuqala ngesikhulumi ngokwakha iqoqo endaweni eyodwa. Ukwakha amaqoqo amanodi amaningana, ukukhetha kwezinguqulo kubanzi: lezi yi-kops, kube-aws (CoreOS+AWS), kube-up (esiphelelwe yisikhathi). Uma ubheka ukusebenzisa i-Kubernetes esekelwe ku-AWS, ngincoma ukujoyina i-AWS SIG, ehlangana ku-inthanethi njalo ngoLwesihlanu futhi ishicilele izinto ezihlukahlukene ezithakazelisayo ekusebenzeni ne-AWS Kubernetes.
Ake sibheke ukuthi i-Rolling Update yenziwa kanjani kulezi zinkundla. Uma kukhona iqoqo lamanodi amaningana, bese lisebenzisa inguqulo ethile yesithombe, isibonelo, i-WildFly:1. Ukubuyekezwa okugoqekayo kusho ukuthi inguqulo yesithombe ithathelwa indawo entsha ngokulandelana, enye ngemva kwenye.
Ukwenza lokhu, ngisebenzisa umyalo we-docker service update (igama lesevisi), lapho ngicacisa khona inguqulo entsha yesithombe se-WildFly:2 kanye nendlela yokuvuselela i-update-parallelism 2. Inombolo 2 isho ukuthi uhlelo luzobuyekeza izithombe ezi-2 zohlelo lokusebenza. ngesikhathi esifanayo, khona-ke ukulibaziseka kwesibuyekezo se-10-yesibili 10s, ngemva kwalokho izithombe ezi-2 ezilandelayo zizobuyekezwa kuma-node angu-2 ngaphezulu, njll. Le ndlela elula yokuvuselela inikezwa wena njengengxenye ye-Docker.
Ku-Kubernetes, isibuyekezo esiqhubekayo sisebenza kanje. Isilawuli sokuphindaphinda i-rc sidala isethi yezifaniso zenguqulo efanayo, futhi i-pod ngayinye kule webapp-rc inikezwa ilebula etholakala ku- etcd. Uma ngidinga i-pod, ngisebenzisa Isevisi Yohlelo Lokusebenza ukuze ngifinyelele indawo yokugcina njll, engihlinzeka nge-pod ngisebenzisa ilebula eshiwo.
Kulokhu, sinamaphodi angu-3 kusilawuli sokuphindaphinda esisebenzisa uhlelo lwe-WildFly lwenguqulo 1. Uma kubuyekezwa ngemuva, esinye isilawuli sokuphindaphinda sidalwa sinegama elifanayo nenkomba ekugcineni - - xxxxx, lapho u-x eyizinombolo ezingahleliwe, futhi namalebula afanayo. Manje Isevisi Yohlelo lokusebenza inama-pod amathathu anenguqulo endala yohlelo lokusebenza kanye nama-pod amathathu anenguqulo entsha kusilawuli esisha sokuphindaphinda. Ngemuva kwalokhu, ama-pods amadala ayasuswa, isilawuli sokuphindaphinda esinama-pods amasha siqanjwa kabusha futhi sisetshenziswe.
Asiqhubekele ekuqapheni. I-Docker inemiyalo eminingi yokuqapha eyakhelwe ngaphakathi. Isibonelo, isixhumi esibonakalayo somugqa womyalo wezibalo zesiqukathi se-docker sikuvumela ukuthi ubonise ulwazi mayelana nesimo seziqukathi kukhonsoli njalo ngomzuzwana - ukusetshenziswa kweprosesa, ukusetshenziswa kwediski, umthwalo wenethiwekhi. Ithuluzi le-Docker Remote API linikeza idatha mayelana nokuthi iklayenti lixhumana kanjani neseva. Isebenzisa imiyalo elula, kepha isuselwe ku-Docker REST API. Kulokhu, amagama athi REST, Flash, Remote asho into efanayo. Uma uxhumana nomsingathi, i-REST API. I-Docker Remote API ikuvumela ukuthi uthole ulwazi olwengeziwe mayelana neziqukathi ezigijima. Ibhulogi yami ichaza imininingwane yokusebenzisa lokhu kuqapha nge-Windows Server.
Ukwengamela imicimbi yesistimu ye-docker lapho usebenzisa iqoqo labasingathi abaningi kwenza kube nokwenzeka ukuthola idatha mayelana nokuphahlazeka komsingathi noma ukuphahlazeka kwesiqukathi kumsingathi othile, izinsizakalo zokukala, nokunye okunjalo. Iqala nge-Docker 1.20, ifaka i-Prometheus, eshumeka amaphoyinti kuzinhlelo zokusebenza ezikhona. Lokhu kukuvumela ukuthi uthole amamethrikhi nge-HTTP futhi uwabonise kumadeshibhodi.
Esinye isici sokuqapha i-cAdvisor (ifushane kumeluleki weziqukathi). Ihlaziya futhi inikeze ukusetshenziswa kwensiza kanye nedatha yokusebenza evela eziqukathi ezigijimayo, ihlinzeka ngamamethrikhi e-Prometheus khona kanye ngaphandle kwebhokisi. Into ekhethekile ngaleli thuluzi ukuthi linikeza kuphela idatha yemizuzwana engu-60 yokugcina. Ngakho-ke, udinga ukwazi ukuqoqa le datha futhi uyifake kusizindalwazi ukuze ukwazi ukuqapha inqubo yesikhathi eside. Ingase futhi isetshenziselwe ukubonisa amamethrikhi edeshibhodi kusetshenziswa i-Grafana noma i-Kibana. Ibhulogi yami inencazelo enemininingwane yokuthi isetshenziswa kanjani i-cAdvisor ukuqapha iziqukathi zisebenzisa ideshibhodi ye-Kibana.
Isilayidi esilandelayo sibonisa ukuthi i-Prometheus endpoint ibukeka kanjani kanye namamethrikhi atholakalayo ukuze aboniswe.
Phansi kwesokunxele ubona amamethrikhi ezicelo ze-HTTP, izimpendulo, njll., kwesokudla isibonisi sazo sesithombe.
I-Kubernetes ihlanganisa namathuluzi okuqapha akhelwe ngaphakathi. Lesi silayidi sibonisa iqoqo elivamile eliqukethe okuyinhloko okukodwa namanodi amathathu ezisebenzi.
I-node ngayinye esebenzayo iqukethe i-cAdvisor eyethulwe ngokuzenzakalelayo. Ngaphezu kwalokho, kukhona i-Heapster, isistimu yokuqapha ukusebenza kanye nokuqoqwa kwamamethrikhi ehambisana nenguqulo ye-Kubernetes 1.0.6 nangaphezulu. I-Heapster ikuvumela ukuthi uqoqe hhayi kuphela amamethrikhi okusebenza omthwalo wokusebenza, ama-pods neziqukathi, kodwa futhi nemicimbi nezinye izimpawu ezikhiqizwe yiqoqo lonke. Ukuze iqoqe idatha, ikhuluma ne-Kubelet ye-pod ngayinye, igcina ngokuzenzakalelayo ulwazi kusizindalwazi se-InfluxDB, futhi iyikhiphe njengamamethrikhi kudeshibhodi ye-Grafana. Kodwa-ke, khumbula ukuthi uma usebenzisa i-miniKube, lesi sici asitholakali ngokuzenzakalela, ngakho-ke kuzodingeka usebenzise ama-addon ukuze uqaphe. Ngakho-ke konke kuncike ekutheni uzisebenzisa kuphi iziqukathi nokuthi imaphi amathuluzi okuqapha ongawasebenzisa ngokuzenzakalela futhi okudingeka uwafake njengezengezo ezihlukene.
Isilayidi esilandelayo sibonisa amadeshibhodi e-Grafana abonisa ukusebenza kweziqukathi zami. Kunedatha eminingi ethokozisayo lapha. Vele, maningi amathuluzi okuqapha inqubo ye-Docker kanye ne-Kubernetes, njenge-SysDig, i-DataDog, i-NewRelic. Ezinye zazo zinesikhathi sesivivinyo samahhala seminyaka engu-30, ngakho-ke ungazama ukuthola esikufanele kakhulu. Ngokwami, ngithanda ukusebenzisa i-SysDig ne-NewRelic, ehlanganisa kahle ne-Kubernetes. Kunamathuluzi ahlanganisa kahle ngokulinganayo kuzo zombili izinkundla ze-Docker ne-Kubernetes.
Ezinye izikhangiso π
Siyabonga ngokuhlala nathi. Uyazithanda izindatshana zethu? Ufuna ukubona okuqukethwe okuthakaselayo okwengeziwe? Sisekele ngokufaka i-oda noma ngokuncoma kubangani, , i-analogue ehlukile yamaseva ezinga lokungena, esungulwe yithi ngenxa yakho: (itholakala nge-RAID1 kanye ne-RAID10, kufika kuma-cores angu-24 kuze kufike ku-40GB DDR4).
I-Dell R730xd 2x ishibhile esikhungweni sedatha se-Equinix Tier IV e-Amsterdam? Lapha kuphela eNetherlands! I-Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - isuka ku-$99! Funda mayelana
Source: www.habr.com