Ngisanda kubhala , lapho asho khona kafushane ukuthi ungenza isistimu yakho yokumisa ukuze isevisi isebenze kahle ku-Kuber, ikhiphe izimfihlo, futhi isebenze ngokufanelekile endaweni, ngisho nangaphandle kwe-Docker ngokuphelele. Akukho lutho oluyinkimbinkimbi, kodwa "iresiphi" echazwe ingase ibe usizo kothile :) Ikhodi ikuPython, kodwa ingqondo ayiboshiwe olimini.
Isizinda sombuzo yilo: ngesinye isikhathi kwakukhona iphrojekthi eyodwa, ekuqaleni yayiyi-monolith encane enezinsiza kanye nemibhalo, kodwa ngokuhamba kwesikhathi yakhula, yahlukaniswa yaba izinsizakalo, okwaqala ukuhlukaniswa ngama-microservices, futhi yase ikhushulwa. Ekuqaleni, konke lokhu kwenziwa ku-VPS engenalutho, izinqubo zokusetha nokukhipha amakhodi okwakuzenzekela kuwo kusetshenziswa i-Ansible, futhi isevisi ngayinye yahlanganiswa ne-YAML config enezilungiselelo nezikhiye ezidingekayo, futhi ifayela elifanayo lokumisa lasetshenziselwa. ukuqaliswa kwasendaweni, obekulula kakhulu, ngoba .k lokhu kulungiselelwa kulayishwa entweni yomhlaba wonke, efinyeleleka noma yikuphi kuphrojekthi.
Kodwa-ke, ukukhula kwenani lama-microservices, ukuxhumana kwawo, kanye , kwakufanekisela ukuthuthela e-Kuber, okusaqhubeka. Kanye nosizo ekuxazululeni izinkinga ezishiwo, i-Kubernetes inikeza izindlela zayo zokuphatha ingqalasizinda, okuhlanganisa ΠΈ . Umshini usezingeni futhi uthembekile, ngakho kuyisono ukungayisebenzisi! Kodwa ngesikhathi esifanayo, ngingathanda ukugcina ifomethi yami yamanje yokusebenza ne-config: okokuqala, ukuyisebenzisa ngokufanayo kuma-microservices ahlukene wephrojekthi, futhi okwesibili, ukukwazi ukusebenzisa ikhodi emshinini wendawo usebenzisa eyodwa elula. config file.
Mayelana nalokhu, indlela yokwakha into yokumisa ishintshiwe ukuze ikwazi ukusebenza kokubili ngefayela lethu lokucushwa lakudala kanye nezimfihlo ezivela ku-Kuber. Kuphinde kwacaciswa isakhiwo sokumisa esiqinile, ngolimi lwePython yesithathu, kanje:
Dict[str, Dict[str, Union[str, int, float]]]
Okusho ukuthi, i-cogfig yokugcina iyisichazamazwi esinezigaba eziqanjwe igama, ngayinye eyisichazamazwi esinamanani avela ezinhlotsheni ezilula. Futhi izigaba zichaza ukucushwa nokufinyelela kuzinsiza zohlobo oluthile. Isibonelo socezu lokucushwa kwethu:
adminka:
django_secret: "ExtraLongAndHardCode"
db_main:
engine: mysql
host: 256.128.64.32
user: cool_user
password: "SuperHardPassword"
redis:
host: 256.128.64.32
pw: "SuperHardPassword"
port: 26379
smtp:
server: smtp.gmail.com
port: 465
email: [email protected]
pw: "SuperHardPassword"Ngesikhathi esifanayo, insimu engine imininingwane yolwazi ingafakwa ku-SQLite, kanye redis setha ku mock, ecacisa negama lefayela okufanele ligcinwe - le mingcele ibonwa kahle futhi icutshungulwe, okwenza kube lula ukusebenzisa ikhodi endaweni yokulungisa iphutha, ukuhlolwa kweyunithi kanye nanoma yiziphi ezinye izidingo. Lokhu kubaluleke kakhulu kithi ngoba kunezinye izidingo eziningi - ingxenye yekhodi yethu ihloselwe izibalo ezihlukahlukene zokuhlaziya, ayisebenzi kuphela kumaseva ane-orchestration, kodwa futhi nemibhalo ehlukahlukene, kanye namakhompyutha abahlaziyi okudingeka basebenze. futhi ulungise amaphayiphi okucubungula idatha ayinkimbinkimbi ngaphandle kokukhathazeka ngezinkinga zasemuva. Kodwa-ke, ngeke kube buhlungu ukwabelana ngokuthi amathuluzi ethu amakhulu, okuhlanganisa nekhodi yokuhlela, afakwe nge setup.py β ngokuhlangene lokhu kuhlanganisa ikhodi yethu ibe i-ecosystem eyodwa, engaxhomeki endaweni kanye nendlela yokuyisebenzisa.
Incazelo ye-Kubernetes pod ibukeka kanje:
containers:
- name : enter-api
image: enter-api:latest
ports:
- containerPort: 80
volumeMounts:
- name: db-main-secret-volume
mountPath: /etc/secrets/db-main
volumes:
- name: db-main-secret-volume
secret:
secretName: db-main-secretOkungukuthi, imfihlo ngayinye ichaza ingxenye eyodwa. Izimfihlo ngokwazo zidalwe kanje:
apiVersion: v1
kind: Secret
metadata:
name: db-main-secret
type: Opaque
stringData:
db_main.yaml: |
engine: sqlite
filename: main.sqlite3Konke lokhu kuphumela ekudalweni kwamafayela e-YAML endleleni /etc/secrets/db-main/section_name.yaml
Futhi ekuqalisweni kwendawo, ukulungiselelwa kusetshenziswa, okutholakala kumkhombandlela wempande wephrojekthi noma endleleni eshiwo ekuguquguqukeni kwemvelo. Ikhodi enesibopho salezi zinzuzo ingabonakala ku-spoiler.
config.py
__author__ = 'AivanF'
__copyright__ = 'Copyright 2020, AivanF'
import os
import yaml
__all__ = ['config']
PROJECT_DIR = os.path.abspath(__file__ + 3 * '/..')
SECRETS_DIR = '/etc/secrets'
KEY_LOG = '_config_log'
KEY_DBG = 'debug'
def is_yes(value):
if isinstance(value, str):
value = value.lower()
if value in ('1', 'on', 'yes', 'true'):
return True
else:
if value in (1, True):
return True
return False
def update_config_part(config, key, data):
if key not in config:
config[key] = data
else:
config[key].update(data)
def parse_big_config(config, filename):
'''
Parse YAML config with multiple section
'''
if not os.path.isfile(filename):
return False
with open(filename) as f:
config_new = yaml.safe_load(f.read())
for key, data in config_new.items():
update_config_part(config, key, data)
config[KEY_LOG].append(filename)
return True
def parse_tiny_config(config, key, filename):
'''
Parse YAML config with a single section
'''
with open(filename) as f:
config_tiny = yaml.safe_load(f.read())
update_config_part(config, key, config_tiny)
config[KEY_LOG].append(filename)
def combine_config():
config = {
# To debug config load code
KEY_LOG: [],
# To debug other code
KEY_DBG: is_yes(os.environ.get('DEBUG')),
}
# For simple local runs
CONFIG_SIMPLE = os.path.join(PROJECT_DIR, 'config.yaml')
parse_big_config(config, CONFIG_SIMPLE)
# For container's tests
CONFIG_ENVVAR = os.environ.get('CONFIG')
if CONFIG_ENVVAR is not None:
if not parse_big_config(config, CONFIG_ENVVAR):
raise ValueError(
f'No config file from EnvVar:n'
f'{CONFIG_ENVVAR}'
)
# For K8s secrets
for path, dirs, files in os.walk(SECRETS_DIR):
depth = path[len(SECRETS_DIR):].count(os.sep)
if depth > 1:
continue
for file in files:
if file.endswith('.yaml'):
filename = os.path.join(path, file)
key = file.rsplit('.', 1)[0]
parse_tiny_config(config, key, filename)
return config
def build_config():
config = combine_config()
# Preprocess
for key, data in config.items():
if key.startswith('db_'):
if data['engine'] == 'sqlite':
data['filename'] = os.path.join(PROJECT_DIR, data['filename'])
# To verify correctness
if config[KEY_DBG]:
print(f'** Loaded config:n{yaml.dump(config)}')
else:
print(f'** Loaded config from: {config[KEY_LOG]}')
return config
config = build_config()I-logic lapha ilula kakhulu: sihlanganisa ukucushwa okukhulu okuvela kusiqondisi sephrojekthi kanye nezindlela ngokuhlukahluka kwemvelo, nezigaba ezincane zokumisa ezivela ezimfihlo ze-Kuber, bese sizicubungula kancane. Kanye nokunye okuguquguqukayo. Ngiyaqaphela ukuthi lapho ukucinga amafayela avela ezimfihlo, kusetshenziswa umkhawulo wokujula, ngoba i-K8 idala ifolda efihliwe emfihlakalweni ngayinye lapho izimfihlo ngokwazo zigcinwa khona, futhi isixhumanisi nje sitholakala ezingeni eliphakeme.
Ngithemba ukuthi okuchazwe kuyoba usizo kumuntu :) Noma yikuphi ukuphawula nezincomo mayelana nokuphepha noma ezinye izindawo zokuthuthukiswa zamukelwa. Umbono womphakathi nawo uyathakazelisa, mhlawumbe kufanelekile ukungeza ukwesekwa kwe-ConfigMaps (iphrojekthi yethu ayikawasebenzisi okwamanje) nokushicilela ikhodi ku-GitHub / PyPI? Ngokwami, ngicabanga ukuthi izinto ezinjalo zihlukile kakhulu ukuthi amaphrojekthi angenziwa endaweni yonke, futhi ngibheke kancane ukuqaliswa kwabanye abantu, njengaleyo enikezwe lapha, kanye nengxoxo yama-nuances, amathiphu kanye nemikhuba engcono kakhulu, engithemba ukuyibona kumazwana. , sekwanele π
Abasebenzisi ababhalisiwe kuphela abangabamba iqhaza kuhlolovo. , wamukelekile.
Ingabe kufanele ngishicilele njengephrojekthi/umtapo wolwazi?
-
0,0%Yebo, ngingasebenzisa /contribution0
-
33,3%Yebo, lokho kuzwakala kukuhle4
-
41,7%Cha, ngubani odinga ukuzenzela ngefomethi yakhe futhi ukuze ivumelane nezidingo zabo5
-
25,0%Ngizogodla ukuphendula3
Bangu-12 abasebenzisi abavotile. Abasebenzisi abangu-3 bayenqaba.
Source: www.habr.com