Inkinga ngezicelo ezisemthethweni ku-Kubernetes
Ukucushwa, ukwethulwa kanye nokukalwa okwengeziwe kwezinhlelo zokusebenza namasevisi kulula uma kuziwa emacaleni athathwa njengangenasimo, i.e. ngaphandle kokulondoloza idatha. Kulula ukusebenzisa izinsizakalo ezinjalo ku-Kubernetes, usebenzisa ama-API ajwayelekile, ngoba konke kwenzeka "ngaphandle kwebhokisi": ngokuya ngokulungiselelwa okujwayelekile, ngaphandle kokubandakanya noma yikuphi okucacisiwe noma umlingo.
Kalula nje, ukwethula amanye amakhophi amahlanu we-backend ku-PHP/Ruby/Python kuqoqo leziqukathi, udinga kuphela ukusetha iseva entsha izikhathi ezi-5 futhi ukopishe imithombo. Njengoba kokubili ikhodi yomthombo nesikripthi se-init kusesithombeni, ukukala uhlelo lokusebenza olungenasimo kuba yinto eyisisekelo ngokuphelele. Njengoba abalandeli beziqukathi kanye ne-microservice architecture bazi kahle, ubunzima buqala izinhlelo zokusebenza ezisezingeni eliphezulu, i.e. ngokuphikelela kwedatha efana nedathabheyisi nezinqolobane (MySQL, PostgreSQL, Redis, ElasticSearch, Cassandra...). Lokhu kusebenza kukho kokubili isofthiwe esebenzisa ngokuzimela iqoqo lekhoramu (isibonelo, i-Percona XtraDB ne-Cassandra), nesofthiwe edinga izinsiza zokuphatha ezihlukene (ezifana ne-Redis, MySQL, PostgreSQL...).
Ubunzima buvela ngoba ikhodi yomthombo nokuvula isevisi akusanele - udinga ukwenza ezinye izinyathelo. Okungenani, kopisha idatha futhi/noma ujoyine iqoqo. Ngokunembe kakhudlwana, lawa masevisi adinga ukuqonda ukuthi ungakala kanjani kahle, ubuyekeze futhi uzilungiselele kanjani ngaphandle kokulahlekelwa idatha noma ukungatholakali kwesikhashana. Ukucabangela lezi zidingo kubizwa ngokuthi βulwazi lokusebenzaβ.
Abasebenzisi be-CoreOS
Ukuze "uhlele" ulwazi lokusebenza, ngasekupheleni konyaka odlule iphrojekthi ye-CoreOS "isigaba esisha sesofthiwe" yesikhulumi se-Kubernetes - Operators (kusuka kokuthi "ukusebenza" kwesiNgisi, okungukuthi "ukusebenza").
Ama-opharetha asebenzisa futhi andisa amakhono abalulekile e-Kubernetes (incl. StatefulSets, bona umehluko ngezansi) vumela ochwepheshe be-DevOps ukuthi bengeze ulwazi lokusebenza kukhodi yohlelo lokusebenza.
Inhloso Yomsebenzisi - nikeza umsebenzisi i-API ekuvumela ukuthi uphathe izinhlangano eziningi ezisebenza kahle kuqoqo le-Kubernetes, ngaphandle kokucabanga ngalokho okungaphansi kwe-hood (iyini idatha nokuthi yini okufanele uyenze ngayo, yimiphi imiyalo esadinga ukwenziwa ukuze kugcinwe iqoqo ). Eqinisweni, I-Opharetha yakhelwe ukwenza umsebenzi ube lula ngohlelo lokusebenza ngaphakathi kweqoqo ngangokunokwenzeka, izenzele ngokuzenzakalela ukwenziwa kwemisebenzi yokusebenza obekufanele ixazululwe ngaphambili.
Indlela Abasebenza Ngayo
I-ReplicaSets I-Kubernetes ikuvumela ukuthi ucacise inombolo oyifunayo yama-pod agijima, futhi abalawuli baqinisekisa ukuthi inombolo yabo igcinwa (ngokudala nokususa ama-pods). I-Operator isebenza ngendlela efanayo, yengeza isethi yolwazi lokusebenza kusisetshenziswa esijwayelekile se-Kubernetes nesilawuli esikuvumela ukuthi wenze izenzo ezengeziwe ukuze usekele inombolo edingekayo yezinhlangano zohlelo lokusebenza.
Kwehluke kanjani lokhu ku StatefulSets, edizayinelwe izinhlelo zokusebenza ezidinga ukuthi iqoqo lizinikeze izinsiza ezisezingeni eliphezulu njengokugcinwa kwedatha noma ama-IP amile? Ngezinhlelo ezinjalo, ama-Opharetha angasebenzisa StatefulSets (esikhundleni se I-ReplicaSets) njengesisekelo, umnikelo okuzenzakalelayo okwengeziwe: yenza izenzo ezidingekayo uma kwenzeka kuphahlazeka, yenza izipele, buyekeza ukucushwa, njll.
Ngakho-ke, kusebenza kanjani konke lokhu? Umsebenzisi uyi-daemon yomphathi ethi:
- ubhalisela umcimbi we-API ku-Kubernetes;
- ithola kuyo idatha mayelana nesistimu (mayelana nayo I-ReplicaSets, pods, Imisebenzi njalo njalo.);
- ithola idatha mayelana Izinsiza zenkampani yangaphandle (bheka izibonelo ngezansi);
- isabela ekubukekeni/ushintsho Izinsiza zenkampani yangaphandle (isibonelo, ukushintsha usayizi, ukushintsha inguqulo, njalonjalo);
- isabela ezinguqukweni zesimo sohlelo (mayelana nalo I-ReplicaSets, pods, Imisebenzi njalo njalo.);
- okubaluleke kakhulu:
- ibiza i-Kubernetes API ukuthi idale yonke into eyidingayo (futhi, eyakhe I-ReplicaSets, pods, Imisebenzi...),
- yenza umlingo othile (ukwenza kube lula, ungacabanga ukuthi U-Opharetha uzingenela ngokwakhe bese ubiza imiyalo, isibonelo, ukujoyina iqoqo noma ukuthuthukisa ifomethi yedatha lapho ubuyekeza inguqulo).
Eqinisweni, njengoba kubonakala esithombeni, uhlelo lokusebenza oluhlukile lumane lwengezwe ku-Kubernetes (okuvamile Ukuthunyelwa Ρ I-ReplicaSet), ebizwa ngokuthi i-Operator. Ihlala ku-pod evamile (imvamisa eyodwa kuphela) futhi, njengomthetho, inesibopho sayo kuphela Indawo yamagama. Lolu hlelo lokusebenza lwe-opharetha lusebenzisa i-API yalo - nakuba kungenjalo ngokuqondile, kodwa ngokusebenzisa Izinsiza zenkampani yangaphandle e Kubernetes.
Ngakho-ke, ngemuva kokuthi sidale in Indawo yamagama Opharetha, singangeza kuso Izinsiza zenkampani yangaphandle.
Isibonelo se- etcd (bheka ngezansi ukuze uthole imininingwane):
apiVersion: etcd.coreos.com/v1beta1
kind: Cluster
metadata:
name: example-etcd-cluster
spec:
size: 3
version: 3.1.0
Isibonelo se-Elasticsearch:
apiVersion: enterprises.upmc.com/v1
kind: ElasticsearchCluster
metadata:
name: example-es-cluster
spec:
client-node-replicas: 3
master-node-replicas: 2
data-node-replicas: 3
zones:
- us-east-1c
- us-east-1d
- us-east-1e
data-volume-size: 10Gi
java-options: "-Xms1024m -Xmx1024m"
snapshot:
scheduler-enabled: true
bucket-name: elasticsnapshots99
cron-schedule: "@every 2m"
storage:
type: gp2
storage-class-provisioner: kubernetes.io/aws-ebs
Izidingo zama-Opharetha
I-CoreOS yenze amaphethini amakhulu atholwe onjiniyela ngenkathi besebenza kuma-Operators. Ngaphandle kweqiniso lokuthi wonke ama-Opharetha angabantu ngabanye (abadalelwe uhlelo oluthile olunezici nezidingo zalo), ukwakheka kwabo kufanele kusekelwe ohlotsheni lohlaka olubeka lezi zidingo ezilandelayo:
- Ukufakwa kufanele kwenziwe ngokusebenzisa eyodwa Ukuthunyelwa: kubectl create -f SOME_OPERATOR_URL/deployment.yaml - futhi azidingi izenzo ezengeziwe.
- Uma ufaka i-Operator ku-Kubernetes, kufanele kudalwe uhlobo olusha lwenkampani yangaphandle (ThirdPartyResource). Ukuze uqalise izimo zohlelo lokusebenza (izenzakalo zeqoqo) futhi uqhubeke uzilawule (ukubuyekeza izinguqulo, ukushintsha usayizi, njll.), umsebenzisi uzosebenzisa lolu hlobo.
- Noma nini lapho kungenzeka, kufanele usebenzise ama-primitives akhelwe ku-Kubernetes, njengokuthi Imisebenzi ΠΈ I-ReplicaSetsukusebenzisa ikhodi ehlolwe kahle neqondakalayo.
- Idinga ukusebenzisana okusemuva Kwabasebenzisi nokusekelwa kwezinguqulo ezindala zezinsiza ezidalwe ngabasebenzisi.
- Uma i-Operator isusiwe, uhlelo lokusebenza ngokwalo kufanele luqhubeke nokusebenza ngaphandle kwezinguquko.
- Abasebenzisi kufanele bakwazi ukuchaza inguqulo yohlelo lokusebenza abayifunayo futhi bahlele izibuyekezo zenguqulo yohlelo lokusebenza. Ukuntuleka kwezibuyekezo zesofthiwe kuwumthombo ovamile wezinkinga zokusebenza nezokuphepha, ngakho-ke Abasebenzisi kufanele basize abasebenzisi kulolu daba.
- Ama-opharetha kufanele ahlolwe ngethuluzi elifana ne-Chaos Monkey, elikhomba ukwehluleka okungaba khona kuma-pods, ukulungiselelwa, kanye nenethiwekhi.
njll
Isibonelo Sokwenziwa Komsebenzi - njlld Opharetha, ngosuku lokumenyezelwa kwalo mqondo. Ukucushwa kweqoqo njlld kungase kube inkimbinkimbi ngenxa yesidingo sokugcina ikhoramu, isidingo sokumisa kabusha ubulungu beqoqo, ukudala izipele, njll. Isibonelo, ukukala ngokuzenzela iqoqo etcd kusho ukuthi udinga ukudala igama le-DNS lelungu elisha leqoqo, uqale ibhizinisi elisha njll, futhi wazise iqoqo mayelana nelungu elisha (etcdctl ilungu add). Endabeni ye-Operator, umsebenzisi uzodinga kuphela ukushintsha usayizi weqoqo - konke okunye kuzokwenzeka ngokuzenzakalelayo.
Futhi njengoba i- etcd nayo yadalwa ku-CoreOS, bekunengqondo ukubona i-Operator yayo ivela kuqala. Usebenza kanjani? I-Operator logic njll kunqunywa izingxenye ezintathu:
- Qaphela. Umsebenzisi uqapha isimo seqoqo esebenzisa i-Kubernetes API.
- Ukuhlaziya. Ithola umehluko phakathi kwesimo samanje nesifiswayo (okuchazwa ukucushwa komsebenzisi).
- Isenzo. Ixazulula umehluko otholiwe kusetshenziswa i-ettd kanye/noma i-API yesevisi ye-Kubernetes.
Ukuze kusetshenziswe lokhu kunengqondo, imisebenzi ilungiselelwe ku-Opharetha Dala/Bhubhisa (ukudala nokususa amalungu eqoqo etcd) kanye Shintsha kabusha (ushintsho enanini lamalungu eqoqo). Ukunemba kokusebenza kwayo kwahlolwa kusetshenziswa insiza edalwe ngokufana ne-Chaos Monkey evela ku-Netflix, i.e. ukubulala ama-pods njll.
Ukuze usebenze ngokugcwele njlld, i-Operator inikeza izici ezengeziwe: Isipele (okuzenzakalelayo futhi okungabonakali kubasebenzisi ukudalwa kwamakhophi ayisipele - ku-config kwanele ukunquma ukuthi uzokwenziwa kangaki nokuthi bangaki ukugcina - nokubuyiselwa okulandelayo kwedatha evela kubo) kanye kubuyekeze (ibuyekeza ukufakwa kwe-etd ngaphandle kwesikhathi sokuphumula).
Kubukeka kanjani ukusebenza ne-Operator?
$ kubectl create -f https://coreos.com/operators/etcd/latest/deployment.yaml
$ kubectl create -f https://coreos.com/operators/etcd/latest/example-etcd-cluster.yaml
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
etcd-cluster-0000 1/1 Running 0 23s
etcd-cluster-0001 1/1 Running 0 16s
etcd-cluster-0002 1/1 Running 0 8s
etcd-cluster-backup-tool-rhygq 1/1 Running 0 18s
Isimo samanje se- etcd Operator siyinguqulo ye-beta, edinga i-Kubernetes 1.5.3+ kanye nokunye u-3.0+ ukuze isebenze. Ikhodi yomthombo kanye nemibhalo (kuhlanganise nemiyalelo yokusetshenziswa) kuyatholakala ku .
Esinye isibonelo sokuqaliswa kwe-CoreOS senziwe - , kodwa isekunguqulo ye-alpha (akuzona zonke izici ezihleliwe ezenziwe).
Isimo namathemba
Sekudlule izinyanga ezi-5 kumenyezelwe i-Kubernetes Operators. Kusenokusebenzisa okubili kuphela okutholakala kunqolobane esemthethweni ye-CoreOS (ye- etcd ne-Prometheus). Bobabili abakafinyeleli ezinguqulweni zabo ezizinzile, kodwa ukuzibophezela kubonwa nsuku zonke.
Abathuthukisi babona βikusasa lapho abasebenzisi bafaka khona ama-Postgres Operators, ama-Cassandra Operators noma ama-Redis Operators kumaqoqo abo e-Kubernetes futhi basebenze nezinhlaka ezingaka zalezi zinhlelo zokusebenza kalula njengoba kuthunyelwa izifanekiso zezinhlelo zokusebenza zewebhu ezingenasisekelo namuhla.β Okokuqala Ama-opharetha avela konjiniyela bezinkampani zangaphandle ngempela kuqale ukuvela:
- kusuka ku-UPMC Enterprises;
- kusuka kudatha ye-Crunchy (emenyezelwe ngasekupheleni kukaMashi 2017);
- kusukela kubabhali besistimu yokugcina idatha esabalalisiwe esekelwe ku-Ceph (i-Rook isesimweni se-alpha);
- kusuka ku-SAP CCloud.
Engqungqutheleni enkulukazi yaseYurophu yesoftware yamahhala iFOSDEM, eyenzeka ngoFebhuwari 2017 eBrussels, uJosh Wood ovela kuCoreOS umemezele ama-Operators (ividiyo iyatholakala kusixhumanisi!), okufanele kube nomthelela ekukhuleni kokuduma kwalo mqondo emphakathini obanzi Womthombo Ovulekile.
PS Siyabonga ngentshisekelo yakho esihlokweni! Bhalisela ihabhu lethu, ukuze ungaphuthelwa izinto ezintsha nezindlela zokupheka ku-DevOps kanye nokuphathwa kwesistimu ye-GNU/Linux - sizozishicilela njalo!
Source: www.habr.com