I-Go njengamanje inokuzimela kwezilimi zohlelo abantu abakhetha ukubhala izitatimende ze-Kubernetes. Kunezizathu eziyinhloko zalokhu, njenge:
- Kunohlaka olunamandla lokuthuthukisa ama-opharetha ku-Go - .
- Izinhlelo zokusebenza ezishintsha umdlalo ezifana ne-Docker ne-Kubernetes zibhalwe ku-Go. Ukubhala u-opharetha wakho ku-Go kusho ukukhuluma ulimi olufanayo ne-ecosystem.
- Ukusebenza okuphezulu kwezinhlelo zokusebenza ze-Go namathuluzi alula okusebenza ngokubambisana ngaphandle kwebhokisi.
NB: Ngendlela, usibhala kanjani isitatimende sakho ku-Go, thina kwenye yezinguqulo zethu ngababhali bakwamanye amazwe.
Kodwa kuthiwani uma uvinjelwa ekufundeni Hamba ngokuntula isikhathi noma, ukubeka nje, ugqozi? Lesi sihloko sinikeza isibonelo sokuthi ungabhala kanjani isitatimende esihle usebenzisa olunye lwezilimi ezidume cishe wonke unjiniyela we-DevOps owaziyo - Python.
Hlangana: Umkopishi - kopisha opharetha!
Njengesibonelo, cabanga ukwenza isitatimende esilula esidizayinelwe ukukopisha i-ConfigMap noma ngabe kuvela indawo entsha yamagama noma lapho kushintsha okukodwa kwamabhizinisi amabili: ConfigMap kanye nemfihlo. Ngokombono ongokoqobo, u-opharetha angaba usizo ekubuyekezeni ngobuningi bokucushwa kohlelo lokusebenza (ngokubuyekeza i-ConfigMap) noma ekubuyekezeni idatha eyimfihlo - isibonelo, okhiye bokusebenza ne-Docker Registry (uma wengeza Imfihlo endaweni yamagama).
Ngakho-ke, lokho okusebenza kahle okufanele abe nakho:
- Ukuxhumana no-opharetha kwenziwa ngokusebenzisa (ngemuva kwalokhu kubizwa nge-CRD).
- Umsebenzisi angalungiselelwa. Ukuze senze lokhu, sizosebenzisa amafulegi omugqa womyalo kanye nokuguquguquka kwemvelo.
- Ukwakhiwa kwesiqukathi se-Docker neshadi le-Helm kuklanywe ngendlela yokuthi abasebenzisi bakwazi kalula (ngokoqobo ngomyalo owodwa) ukufaka opharetha kuqoqo labo le-Kubernetes.
I-CRD
Ukuze osebenzayo azi ukuthi yiziphi izinsiza okufanele azibheke nokuthi abheke kuphi, kudingeka simbekele umthetho. Umthetho ngamunye uzomelwa njengento eyodwa ye-CRD. Imiphi imikhakha okufanele le CRD ibe nayo?
- Uhlobo lwensiza, esizoyibheka (ConfigMap noma Secret).
- Uhlu lwezikhala zamagama, lapho izinsiza kufanele zibe khona.
- Isikhethi, esizosesha ngazo izinsiza endaweni yamagama.
Ake sichaze i-CRD:
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: copyrator.flant.com
spec:
group: flant.com
versions:
- name: v1
served: true
storage: true
scope: Namespaced
names:
plural: copyrators
singular: copyrator
kind: CopyratorRule
shortNames:
- copyr
validation:
openAPIV3Schema:
type: object
properties:
ruleType:
type: string
namespaces:
type: array
items:
type: string
selector:
type: string
Futhi sizoyidala ngokushesha umthetho olula β ukucinga endaweni enegama default yonke i-ConfigMap enamalebula afana copyrator: "true":
apiVersion: flant.com/v1
kind: CopyratorRule
metadata:
name: main-rule
labels:
module: copyrator
ruleType: configmap
selector:
copyrator: "true"
namespace: defaultIlungile! Manje sidinga ukuthola ulwazi ngandlela thize mayelana nomthetho wethu. Ake ngenze ukubhuka ngokushesha ukuthi ngeke sibhale izicelo kuseva ye-API yeqoqo ngokwethu. Ukuze senze lokhu, sizosebenzisa umtapo wezincwadi wePython owenziwe ngomumo :
import kubernetes
from contextlib import suppress
CRD_GROUP = 'flant.com'
CRD_VERSION = 'v1'
CRD_PLURAL = 'copyrators'
def load_crd(namespace, name):
client = kubernetes.client.ApiClient()
custom_api = kubernetes.client.CustomObjectsApi(client)
with suppress(kubernetes.client.api_client.ApiException):
crd = custom_api.get_namespaced_custom_object(
CRD_GROUP,
CRD_VERSION,
namespace,
CRD_PLURAL,
name,
)
return {x: crd[x] for x in ('ruleType', 'selector', 'namespace')}Njengomphumela wokusebenzisa le khodi, sithola okulandelayo:
{'ruleType': 'configmap', 'selector': {'copyrator': 'true'}, 'namespace': ['default']}Khulu: sikwazile ukuthola umthetho ku-opharetha. Futhi okubaluleke kakhulu, senze lokho okubizwa ngokuthi indlela ye-Kubernetes.
Okuguquguqukayo kwemvelo noma amafulegi? Sithatha konke!
Masiqhubekele ekucushweni komsebenzisi oyinhloko. Kunezindlela ezimbili eziyisisekelo zokumisa izinhlelo zokusebenza:
- sebenzisa izinketho zomugqa womyalo;
- sebenzisa okuguquguqukayo kwemvelo.
Izinketho zomugqa womyalo zikuvumela ukuthi ufunde izilungiselelo ngendlela evumelana nezimo, ngokusekelwa kohlobo lwedatha nokuqinisekisa. Umtapo wezincwadi ojwayelekile wePython unemojula argparser, esizoyisebenzisa. Imininingwane nezibonelo zamakhono ayo ayatholakala ku .
Esimweni sethu, yilesi isibonelo sokusetha amafulegi omugqa womyalo ongabukeka kanje:
parser = ArgumentParser(
description='Copyrator - copy operator.',
prog='copyrator'
)
parser.add_argument(
'--namespace',
type=str,
default=getenv('NAMESPACE', 'default'),
help='Operator Namespace'
)
parser.add_argument(
'--rule-name',
type=str,
default=getenv('RULE_NAME', 'main-rule'),
help='CRD Name'
)
args = parser.parse_args()Ngakolunye uhlangothi, usebenzisa okuguquguqukayo kwemvelo ku-Kubernetes, ungakwazi ukudlulisa kalula ulwazi lwesevisi mayelana ne-pod ngaphakathi kwesitsha. Isibonelo, singathola ulwazi mayelana nendawo yamagama lapho i-pod esebenza khona ngokwakhiwa okulandelayo:
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace I-logic ye-opharetha
Ukuze uqonde ukuthi uzihlukanisa kanjani izindlela zokusebenza ne-ConfigMap ne-Secret, sizosebenzisa amamephu akhethekile. Khona-ke singaqonda ukuthi yiziphi izindlela esizidingayo zokulandelela nokudala into:
LIST_TYPES_MAP = {
'configmap': 'list_namespaced_config_map',
'secret': 'list_namespaced_secret',
}
CREATE_TYPES_MAP = {
'configmap': 'create_namespaced_config_map',
'secret': 'create_namespaced_secret',
}Okulandelayo, udinga ukuthola imicimbi evela kuseva ye-API. Masiyisebenzise kanje:
def handle(specs):
kubernetes.config.load_incluster_config()
v1 = kubernetes.client.CoreV1Api()
# ΠΠΎΠ»ΡΡΠ°Π΅ΠΌ ΠΌΠ΅ΡΠΎΠ΄ Π΄Π»Ρ ΡΠ»Π΅ΠΆΠ΅Π½ΠΈΡ Π·Π° ΠΎΠ±ΡΠ΅ΠΊΡΠ°ΠΌΠΈ
method = getattr(v1, LIST_TYPES_MAP[specs['ruleType']])
func = partial(method, specs['namespace'])
w = kubernetes.watch.Watch()
for event in w.stream(func, _request_timeout=60):
handle_event(v1, specs, event)Ngemva kokuthola umcimbi, sidlulela kumqondo oyinhloko wokuwucubungula:
# Π’ΠΈΠΏΡ ΡΠΎΠ±ΡΡΠΈΠΉ, Π½Π° ΠΊΠΎΡΠΎΡΡΠ΅ Π±ΡΠ΄Π΅ΠΌ ΡΠ΅Π°Π³ΠΈΡΠΎΠ²Π°ΡΡ
ALLOWED_EVENT_TYPES = {'ADDED', 'UPDATED'}
def handle_event(v1, specs, event):
if event['type'] not in ALLOWED_EVENT_TYPES:
return
object_ = event['object']
labels = object_['metadata'].get('labels', {})
# ΠΡΠ΅ΠΌ ΡΠΎΠ²ΠΏΠ°Π΄Π΅Π½ΠΈΡ ΠΏΠΎ selector'Ρ
for key, value in specs['selector'].items():
if labels.get(key) != value:
return
# ΠΠΎΠ»ΡΡΠ°Π΅ΠΌ Π°ΠΊΡΠΈΠ²Π½ΡΠ΅ namespace'Ρ
namespaces = map(
lambda x: x.metadata.name,
filter(
lambda x: x.status.phase == 'Active',
v1.list_namespace().items
)
)
for namespace in namespaces:
# ΠΡΠΈΡΠ°Π΅ΠΌ ΠΌΠ΅ΡΠ°Π΄Π°Π½Π½ΡΠ΅, ΡΡΡΠ°Π½Π°Π²Π»ΠΈΠ²Π°Π΅ΠΌ namespace
object_['metadata'] = {
'labels': object_['metadata']['labels'],
'namespace': namespace,
'name': object_['metadata']['name'],
}
# ΠΡΠ·ΡΠ²Π°Π΅ΠΌ ΠΌΠ΅ΡΠΎΠ΄ ΡΠΎΠ·Π΄Π°Π½ΠΈΡ/ΠΎΠ±Π½ΠΎΠ²Π»Π΅Π½ΠΈΡ ΠΎΠ±ΡΠ΅ΠΊΡΠ°
methodcaller(
CREATE_TYPES_MAP[specs['ruleType']],
namespace,
object_
)(v1)
I-logic eyinhloko isilungile! Manje sidinga ukupakisha konke lokhu kuphakheji eyodwa yePython. Silungisa ifayela setup.py, bhala imininingwane ye-meta mayelana nephrojekthi lapho:
from sys import version_info
from setuptools import find_packages, setup
if version_info[:2] < (3, 5):
raise RuntimeError(
'Unsupported python version %s.' % '.'.join(version_info)
)
_NAME = 'copyrator'
setup(
name=_NAME,
version='0.0.1',
packages=find_packages(),
classifiers=[
'Development Status :: 3 - Alpha',
'Programming Language :: Python',
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.5',
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
],
author='Flant',
author_email='[email protected]',
include_package_data=True,
install_requires=[
'kubernetes==9.0.0',
],
entry_points={
'console_scripts': [
'{0} = {0}.cli:main'.format(_NAME),
]
}
)NB: Iklayenti le-kubernetes lePython linenguqulo yalo. Ulwazi olwengeziwe mayelana nokuhambisana phakathi kwezinguqulo zeklayenti nezinguqulo ze-Kubernetes zingatholakala ku .
Manje iphrojekthi yethu ibukeka kanje:
copyrator
βββ copyrator
β βββ cli.py # ΠΠΎΠ³ΠΈΠΊΠ° ΡΠ°Π±ΠΎΡΡ Ρ ΠΊΠΎΠΌΠ°Π½Π΄Π½ΠΎΠΉ ΡΡΡΠΎΠΊΠΎΠΉ
β βββ constant.py # ΠΠΎΠ½ΡΡΠ°Π½ΡΡ, ΠΊΠΎΡΠΎΡΡΠ΅ ΠΌΡ ΠΏΡΠΈΠ²ΠΎΠ΄ΠΈΠ»ΠΈ Π²ΡΡΠ΅
β βββ load_crd.py # ΠΠΎΠ³ΠΈΠΊΠ° Π·Π°Π³ΡΡΠ·ΠΊΠΈ CRD
β βββ operator.py # ΠΡΠ½ΠΎΠ²Π½Π°Ρ Π»ΠΎΠ³ΠΈΠΊΠ° ΡΠ°Π±ΠΎΡΡ ΠΎΠΏΠ΅ΡΠ°ΡΠΎΡΠ°
βββ setup.py # ΠΡΠΎΡΠΌΠ»Π΅Π½ΠΈΠ΅ ΠΏΠ°ΠΊΠ΅ΡΠ°I-Docker ne-Helm
I-Dockerfile izoba lula ngendlela emangalisayo: thatha isithombe esiyisisekelo se-python-alpine bese ufaka iphakheji yethu. Masihlehlise ukulungiselelwa kwakho kuze kube yizikhathi ezingcono:
FROM python:3.7.3-alpine3.9
ADD . /app
RUN pip3 install /app
ENTRYPOINT ["copyrator"]Ukuthunyelwa komsebenzisi nakho kulula kakhulu:
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Chart.Name }}
spec:
selector:
matchLabels:
name: {{ .Chart.Name }}
template:
metadata:
labels:
name: {{ .Chart.Name }}
spec:
containers:
- name: {{ .Chart.Name }}
image: privaterepo.yourcompany.com/copyrator:latest
imagePullPolicy: Always
args: ["--rule-type", "main-rule"]
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
serviceAccountName: {{ .Chart.Name }}-accOkokugcina, udinga ukudala indima efanele yomsebenzisi onamalungelo adingekayo:
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Chart.Name }}-acc
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: {{ .Chart.Name }}
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "watch", "list"]
- apiGroups: [""]
resources: ["secrets", "configmaps"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: {{ .Chart.Name }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Chart.Name }}
subjects:
- kind: ServiceAccount
name: {{ .Chart.Name }}Umphumela
Kungaleyo ndlela, ngaphandle kokwesaba, isihlamba, noma ukufunda i-Go, sakwazi ukwakha eyethu i-opharetha ye-Kubernetes ku-Python. Yiqiniso, isenayo indawo yokukhula: esikhathini esizayo izokwazi ukucubungula imithetho eminingi, isebenze emicu eminingi, iqaphe ngokuzimela izinguquko kuma-CRD ayo...
Ukuze sikubhekisise kahle ikhodi, siyifakile . Uma ufuna izibonelo zama-opharetha abucayi kakhulu asetshenziswe kusetshenziswa i-Python, ungabhekisa ukunaka kwakho kuma-opharetha amabili wokuthumela i-mongodb ( ΠΈ ).
PS Futhi uma uvilapha kakhulu ukubhekana nemicimbi ye-Kubernetes noma umane ujwayele ukusebenzisa i-Bash, ozakwethu balungiselele isisombululo esenziwe ngomumo ngefomu. (Thina ngo-April).
I-PPS
Funda futhi kubhulogi yethu:
- Β«";
- Β«";
- Β«";
- Β«";
- Β«".
Source: www.habr.com