Sawubona, igama lami nginguDmitry Krasnov. Sekuyiminyaka engaphezu kwemihlanu ngiqondisa amaqoqo e-Kubernetes futhi ngakha izakhiwo eziyinkimbinkimbi ze-microservice. Ekuqaleni kwalo nyaka, sethule isevisi yokuphatha amaqoqo e-Kubernetes asekelwe ku-Containerum. Ngithatha leli thuba, ngizokutshela ukuthi yini i-Kubernetes nokuthi ukuhlanganiswa nomthengisi kuhluke kanjani emthonjeni ovulekile.
Okokuqala, kuyini . Lolu uhlelo lokuphatha iziqukathi enanini elikhulu labasingathi. NgokwesiGreki, lihunyushwa ngokuthi “pilot” noma “helmsman.” Ithuthukiswe i-Google ekuqaleni yase inikelwa njengomnikelo wobuchwepheshe ku-Cloud Native Computing Foundation, inhlangano yamazwe ngamazwe engenzi nzuzo ehlanganisa ndawonye onjiniyela abahamba phambili emhlabeni, abasebenzisi bokugcina nabahlinzeki bobuchwepheshe beziqukathi.
Phatha inani elikhulu leziqukathi
Manje ake sithole ukuthi hlobo luni lweziqukathi lezi. Lolu uhlelo lokusebenza olunayo yonke indawo yalo - ikakhulukazi imitapo yolwazi uhlelo oluncike kuyo. Konke lokhu kupakishwa ezinqolobaneni futhi kwethulwa ngendlela yesithombe esingasebenza kungakhathaliseki ukuthi isistimu yokusebenza, ihloliwe nokuningi. Kodwa kunenkinga - ukuphatha iziqukathi enanini elikhulu labasingathi kunzima kakhulu. Yingakho i-Kubernetes yadalwa.
Isithombe sesiqukathi simele uhlelo lokusebenza kanye nokuncika kwalo. Uhlelo lokusebenza, ukuncika kwalo, kanye nesithombe sesistimu yefayela le-OS kutholakala ezingxenyeni ezihlukene zesithombe, okuthiwa izendlalelo. Izendlalelo zingasetshenziswa kabusha ezitsheni ezahlukene. Isibonelo, zonke izinhlelo zokusebenza enkampanini zingasebenzisa isendlalelo sesisekelo se-Ubuntu. Lapho usebenzisa iziqukathi, asikho isidingo sokugcina amakhophi amaningi wesendlalelo esisodwa sesisekelo kumsingathi. Lokhu kukuvumela ukuthi uthuthukise ukugcinwa kwesithombe nokulethwa.
Uma sifuna ukusebenzisa uhlelo lokusebenza esitsheni, izendlalelo ezidingekayo zibekwe phezulu komunye nomunye bese kwakhiwa uhlelo lwefayela lokumbondela. Isendlalelo sokurekhoda sibekwe phezulu, esikhishwa lapho isiqukathi sima. Lokhu kuqinisekisa ukuthi uma isiqukathi sisebenza, uhlelo lokusebenza luzohlala lunendawo efanayo, engakwazi ukushintshwa. Lokhu kuqinisekisa ukukhiqizwa kabusha kwemvelo kuma-OS abamba ahlukahlukene. Noma ngabe Ubuntu noma i-CentOS, imvelo iyohlala ifana. Ngaphezu kwalokho, isiqukathi sihlukanisiwe kumsingathi kusetshenziswa izindlela ezakhelwe ku-Linux kernel. Izinhlelo zokusebenza esitsheni aziboni amafayela, izinqubo zomsingathi neziqukathi ezingomakhelwane. Lokhu kuhlukaniswa kwezinhlelo zokusebenza ku-OS yokusingatha kunikeza isendlalelo esengeziwe sokuphepha.
Kunamathuluzi amaningi atholakalayo okuphatha iziqukathi kumsingathi. Okudume kakhulu kubo yi-Docker. Ikuvumela ukuthi unikeze umjikelezo wempilo ogcwele weziqukathi. Nokho, isebenza kuphela kumsingathi oyedwa. Uma udinga ukuphatha iziqukathi kubabungazi abaningi, i-Docker ingenza isihogo sempilo konjiniyela. Yingakho i-Kubernetes yadalwa.
Isidingo se-Kubernetes sibangelwa ngokuqondile ikhono lokuphatha amaqembu eziqukathi kubasingathi abaningi njengohlobo oluthile lwebhizinisi elilodwa. Ukuduma kwesistimu kunikeza ithuba lokwakha i-DevOps noma i-Development Operations, lapho i-Kubernetes isetshenziselwa ukuqhuba izinqubo zale DevOps.
Umfanekiso 1. Ukumelwa okuhleliwe kokuthi i-Kubernetes isebenza kanjani
Okuzenzakalelayo okugcwele
I-DevOps iwukuzenzakalela kwenqubo yokuthuthukisa. Ukukhuluma nje, onjiniyela babhala ikhodi elayishwa endaweni yokugcina. Khona-ke le khodi ingaqoqwa ngokuzenzekelayo ngokushesha esitsheni esinawo wonke amalabhulali, ihlolwe futhi “ikhishwe” iye esigabeni esilandelayo - Isiteji, bese ngokushesha iye Ekukhiqizweni.
Kanye ne-Kubernetes, i-DevOps ikuvumela ukuthi wenze le nqubo ngokuzenzakalelayo ukuze yenzeke ngaphandle kokubamba iqhaza konjiniyela ngokwabo. Ngenxa yalokhu, ukwakhiwa kuyashesha kakhulu, njengoba umthuthukisi akudingeki enze lokhu kukhompyutha yakhe - umane abhale ucezu lwekhodi, aphushele ikhodi endaweni yokugcina, emva kwalokho kwethulwe ipayipi, okungabandakanya inqubo. wokwakha, ukuhlolwa, kanye nokukhishwa. Futhi lokhu kwenzeka ngakho konke ukuzibophezela, ngakho ukuhlolwa kwenzeka ngokuqhubekayo.
Ngesikhathi esifanayo, ukusebenzisa isitsha kukuvumela ukuthi uqiniseke ukuthi yonke indawo yalolu hlelo izokhishwa ekukhiqizeni ngendlela ehlolwe ngayo. Okusho ukuthi, ngeke kube nezinkinga njengokuthi "kwakunezinguqulo ezithile esivivinyweni, ezinye zikhiqizwa, kodwa lapho sizifaka, yonke into yawa." Futhi njengoba namuhla sinomkhuba wokwakhiwa kwe-microservice, lapho esikhundleni sohlelo lokusebenza olulodwa olukhulu kunamakhulu amancane, ukuze uphathwe ngesandla, kuzodingeka inqwaba yabasebenzi. Yingakho sisebenzisa i-Kubernetes.
Okuhle, okuhle, okuhle
Uma sikhuluma ngezinzuzo ze-Kubernetes njengeplatifomu, khona-ke kunezinzuzo ezibalulekile ngokombono wokuphatha i-microservice architecture.
- Ukuphatha ama-replicas amaningi. Into ebaluleke kakhulu ukuphatha iziqukathi kubabungazi abaningi. Okubaluleke nakakhulu, phatha izifaniso eziningi zohlelo lokusebenza ezitsheni njengebhizinisi elilodwa. Ngenxa yalokhu, onjiniyela akudingeki bakhathazeke ngesiqukathi ngasinye. Uma esinye seziqukathi siphahlazeka, u-Kubernetes uzobona lokhu bese eqala kabusha futhi.
- Inethiwekhi yeqoqo. I-Kubernetes iphinde ibe nenethiwekhi ebizwa nge-cluster enendawo yayo yamakheli. Ngenxa yalokhu, i-pod ngayinye inekheli layo. I-subpod iqondwa njengeyunithi encane yesakhiwo yeqoqo lapho iziqukathi zethulwa khona ngokuqondile. Ngaphezu kwalokho, i-Kubernetes inomsebenzi ohlanganisa isilinganisi somthwalo kanye ne-Service Discovery. Lokhu kukuvumela ukuthi ukhiphe ukuphathwa kwekheli le-IP okwenziwa ngesandla futhi udlulisele lo msebenzi ku-Kubernetes. Futhi ukuhlola okuzenzakalelayo kwezempilo kuzosiza ukuthola izinkinga futhi kuqondise kabusha ithrafikhi kuma-pods asebenzayo.
- Ukuphathwa kokucushwa. Lapho uphatha inani elikhulu lezinhlelo zokusebenza, kuba nzima ukuphatha ukucushwa kohlelo lokusebenza. Ngale njongo, i-Kubernetes inezinsiza ezikhethekile ze-ConfigMap. Zikuvumela ukuthi ugcine izilungiselelo futhi uziveze kuma-pods lapho usebenzisa izinhlelo zokusebenza. Lo mshini usivumela ukuthi siqinisekise ukuvumelana kokucushwa okungenani kwezithombe ezifanekisela izicelo eziyishumi noma eziyikhulu.
- Imiqulu Ephikelelayo. Iziqukathi azishintsheki ngokwemvelo futhi lapho isiqukathi simiswa, yonke idatha ebhalwe ohlelweni lwefayela izobhujiswa. Kodwa ezinye izinhlelo zokusebenza zigcina idatha ngokuqondile kudiski. Ukuxazulula le nkinga, i-Kubernetes inomsebenzi wokuphatha i-disk storage - Persistent Volumes. Le ndlela isebenzisa isitoreji sangaphandle sedatha futhi ingadlulisela isitoreji esiqhubekayo, ibhulokhi noma ifayela, ezitsheni. Lesi sixazululo sikuvumela ukuthi ugcine idatha ngokuhlukile kubasebenzi, okubalondolozayo uma bona laba basebenzi bephuka.
- Layisha Isilinganisi. Noma ku-Kubernetes siphatha amabhizinisi abstract afana ne-Deployment, StatefulSet, njll., ekugcineni iziqukathi zisebenza ngemishini ejwayelekile noma amaseva wehadiwe. Abaphelele futhi bangawa noma nini. U-Kubernetes uzobona lokhu futhi aqondise kabusha ithrafikhi yangaphakathi kwezinye izifaniso. Kodwa kuthiwani ngethrafikhi evela ngaphandle? Uma uvele uqondise ithrafikhi kwenye yezisebenzi, uma iphahlazeka, isevisi ngeke itholakale. Ukuxazulula le nkinga, i-Kubernetes inezinsizakalo ezifana ne-Layisha Balancer. Zenzelwe ukumisa ngokuzenzakalela isilinganisi samafu sangaphandle sabo bonke abasebenzi kuqoqo. Lesi silinganisi sangaphandle siqondisa ithrafikhi yangaphandle kubasebenzi futhi siqaphe isimo sabo uqobo. Uma isisebenzi esisodwa noma ngaphezulu bengatholakali, ithrafikhi iqondiswa kabusha kwabanye. Lokhu kukuvumela ukuthi udale izinsiza ezitholakala kakhulu usebenzisa i-Kubernetes.
I-Kubernetes isebenza kahle kakhulu lapho isebenzisa izakhiwo ze-microservice. Kungenzeka ukusebenzisa uhlelo ku-architecture ye-classical, kodwa akusizi ngalutho. Uma uhlelo lokusebenza lungakwazi ukusebenza kuma-replicas amaningi, khona-ke imuphi umehluko eliwenzayo - ku-Kubernetes noma cha?
Umthombo ovulekile Kubernetes
Umthombo ovulekile i-Kubernetes iyinto enhle: Ngiyifakile futhi iyasebenza. Ungakwazi ukukusebenzisa kumaseva akho ezingxenyekazi zekhompuyutha, kwingqalasizinda yakho, ufake izinduna kanye nabasebenzi lapho kuzosebenza khona zonke izinhlelo zokusebenza. Futhi okubaluleke kakhulu, konke lokhu kumahhala. Nokho, kukhona ama-nuances.
- Esokuqala isidingo solwazi nolwazi lwabaphathi nonjiniyela abazokhipha futhi basekele konke lokhu. Njengoba iklayenti lithola inkululeko ephelele yokwenza ku-cluster, linesibopho sokusebenza kweqoqo ngokwalo. Futhi kulula kakhulu ukuphula yonke into lapha.
- Okwesibili ukuntuleka kokuhlanganiswa. Uma usebenzisa i-Kubernetes ngaphandle kwenkundla ye-virtualization edumile, ngeke uthole zonke izinzuzo zohlelo. Njengokusebenzisa Amavolumu Aqhubekayo kanye nezinsizakalo zokulinganisa kwe-Layisha.
Umfanekiso 2. k8s izakhiwo
U-Kubernetes ovela kumthengisi
Ukuhlanganiswa nomhlinzeki wamafu kunikeza izinketho ezimbili:
- Okokuqala, umuntu angavele achofoze inkinobho ethi "dala iqoqo" futhi athole iqoqo eselivele lilungisiwe futhi selilungele ukusetshenziswa.
- Okwesibili, umthengisi ngokwakhe ufaka iqoqo futhi usethe ukuhlanganiswa nefu.
Kwenzeka kanjani lapha. Unjiniyela oqala iqoqo ucacisa ukuthi bangaki abasebenzi abazidingayo nokuthi yiziphi imingcele (isibonelo, abasebenzi aba-5, ngayinye inama-CPU ayi-10, i-16 GB ye-RAM futhi, ithi, i-100 GB yediski). Ngemva kwalokho ithola ukufinyelela kuqoqo eselivele lakhiwe. Kulesi simo, izisebenzi lapho umthwalo wethulwa khona zidluliselwa ngokuphelele kuklayenti, kodwa yonke indiza yokuphatha ihlala ngaphansi kwesibopho somthengisi (uma isevisi inikezwa ngokusho kwemodeli yesevisi ephethwe).
Nokho, lolu hlelo lunezinkinga zalo. Ngenxa yokuthi indiza yokuphatha ihlala nomthengisi, umthengisi akanikezi ukufinyelela okugcwele kuklayenti, futhi lokhu kunciphisa ukuguquguquka ekusebenzeni ne-Kubernetes. Ngezinye izikhathi kwenzeka ukuthi iklayenti lifuna ukwengeza ukusebenza okuthile ku-Kubernetes, isibonelo, ukufakazela ubuqiniso nge-LDAP, kodwa ukulungiswa kwendiza yokuphatha akukuvumeli lokhu.
Umfanekiso 3. Isibonelo seqoqo le-Kubernetes elivela kumhlinzeki wamafu
Ongakukhetha: umthombo ovulekile noma umdayisi
Ngakho-ke, ingabe i-Kubernetes ingumthombo ovulekile noma umthengisi uqondile? Uma sithatha umthombo ovulekile u-Kubernetes, umsebenzisi wenza lokho akufunayo ngawo. Kodwa maningi amathuba okuthi uzidubule onyaweni. Ngomthengisi kunzima kakhulu, ngoba konke kucatshangelwa futhi kulungiselelwe inkampani. Ububi obukhulu bomthombo ovulekile i-Kubernetes yimfuneko yochwepheshe. Ngenketho yomthengisi, inkampani ikhululiwe kuleli khanda, kodwa kuzodingeka inqume ukuthi izokhokhela ochwepheshe bayo noma umdayisi.
Hhayi-ke, izinzuzo ziyabonakala, nobubi buyaziwa. Into eyodwa ihlala njalo: I-Kubernetes ixazulula izinkinga eziningi ngokwenza ngokuzenzakalelayo ukuphathwa kweziqukathi eziningi. Futhi yimuphi ongakhetha, umthombo ovulekile noma umthengisi - wonke umuntu uzenzela esakhe isinqumo.
Isihloko silungiswe nguDmitry Krasnov, umakhi oholayo wenkonzo yeContainerum yomhlinzeki we-#CloudMTS.
Source: www.habr.com