Qaphela. transl.: lokhu kwaziswa kuvela kuphrojekthi yezemfundo iyimpendulo yombuzo odumile lapho uklama ingqalasizinda esekwe ku-Kubernetes. Sithemba ukuthi izincazelo ezinemininingwane yobuhle nobubi benketho ngayinye zizokusiza wenze ukhetho olungcono kakhulu lwephrojekthi yakho.
TL; DR: isethi efanayo yemithwalo yomsebenzi ingaqhutshwa kumaqoqo amakhulu amaningana (iqoqo ngalinye lizoba nenani elikhulu lemisebenzi) noma emincane eminingi (enenani elincane lemithwalo yomsebenzi kuqoqo ngalinye).
Ngezansi kunethebula elihlola ubuhle nobubi bendlela ngayinye:
Lapho usebenzisa i-Kubernetes njengenkundla yokusebenzisa izinhlelo zokusebenza, imibuzo eminingana ebalulekile ivame ukuvela mayelana nobunkimbinkimbi bokusetha amaqoqo:
- Mangaki amaqoqo okufanele ngiwasebenzise?
- Kufanele ngizenze zibe nkulu kangakanani?
- Iqoqo ngalinye kufanele lihlanganise nani?
Kulesi sihloko, ngizozama ukuphendula yonke le mibuzo ngokuhlaziya ubuhle nobubi bendlela ngayinye.
Isitatimende sombuzo
Njengonjiniyela wesoftware, kungenzeka uthuthukise futhi usebenzise izinhlelo zokusebenza eziningi ngesikhathi esisodwa.
Ngaphezu kwalokho, izimo eziningi zalezi zinhlelo zokusebenza kungenzeka zisebenze ezindaweni ezihlukene - ngokwesibonelo, lezi zingase zibe njalo dev, test и prod.
Umphumela uba i-matrix yonke yezinhlelo zokusebenza nezindawo:
Izicelo kanye Nendawo
Isibonelo esingenhla simele izinhlelo zokusebenza ezi-3 kanye nezindawo ezi-3, okuholela engqikithini yezinketho ezingu-9 ezingase zibe khona.
Isenzakalo ngasinye sohlelo lokusebenza siyiyunithi yokuthunyelwa ezimele engasetshenzwa nayo ngaphandle kwabanye.
Uyacelwa ukuthi uqaphele lokho isibonelo sohlelo lokusebenza ingase ibe nabaningi izingxenye, njenge-frontend, i-backend, i-database, njll. Endabeni yohlelo lokusebenza lwe-microservices, isibonelo sizofaka wonke ama-microservices.
Ngenxa yalokho, abasebenzisi bakaKubernetes banemibuzo eminingana:
- Ingabe zonke izimo zokufaka isicelo kufanele zibekwe kuqoqo elilodwa?
- Ingabe kufanelekile ukuba neqoqo elihlukile lesibonelo ngasinye sohlelo lokusebenza?
- Noma mhlawumbe kufanele kusetshenziswe inhlanganisela yalezi zindlela ezingenhla?
Zonke lezi zinketho ziyasebenza impela, njengoba i-Kubernetes iyisistimu eguquguqukayo engakhawuleli amandla omsebenzisi.
Nazi ezinye zezindlela ezingenzeka:
- iqoqo elikhulu elivamile;
- amaqoqo amaningi amancane akhethekile;
- iqoqo elilodwa kuhlelo lokusebenza ngalunye;
- iqoqo elilodwa endaweni ngayinye.
Njengoba kukhonjisiwe ngezansi, izindlela ezimbili zokuqala zisemaphethelweni aphambene esikalini sezinketho:
Kusukela kumaqoqo amakhulu ambalwa (kwesokunxele) kuye kwabaningi amancane (kwesokudla)
Ngokuvamile, iqoqo elilodwa libhekwa "likhulu" kunelinye uma linesamba esikhulu samanodi nama-pods. Isibonelo, iqoqo elinamanodi angu-10 nama-pods angu-100 likhulu kuneqoqo elinenodi engu-1 nama-pods angu-10.
Awu, ake siqale!
1. Iqoqo elilodwa elikhulu elivamile
Inketho yokuqala ukubeka yonke imithwalo yemisebenzi kuqoqo elilodwa:
Iqoqo elilodwa elikhulu
Ngaphakathi kwale ndlela, iqoqo lisetshenziswa njengendawo yonke inkundla yengqalasizinda - umane ukhiphe yonke into oyidingayo kuqoqo elikhona le-Kubernetes.
I-Kubernetes ivumela izingxenye zeqoqo ukuthi zihlukaniswe ngokunengqondo, ukuze isenzakalo ngasinye sohlelo lokusebenza sibe nendawo yaso yamagama.
Ake sibheke ubuhle nobubi bale ndlela.
+ Ukusetshenziswa kahle kwezinsiza
Ngeqoqo elilodwa, udinga kuphela ikhophi eyodwa yazo zonke izinsiza ezidingekayo ukuze uqalise futhi uphathe iqoqo le-Kubernetes.
Isibonelo, lokhu kuyiqiniso kuma-master node. Ngokuvamile, iqoqo ngalinye le-Kubernetes linama-master node angu-3, ngakho-ke kwiqoqo elilodwa inani lazo lizohlala linjalo (uma siqhathanisa, amaqoqo ayi-10 azodinga ama-master nodes angu-30).
Ubuqili obungenhla busebenza nakwezinye izinsiza ezisebenza kulo lonke iqoqo, njengezilinganisi zomthwalo, izilawuli ze-Ingress, ukufakazela ubuqiniso, ukugawula amasistimu nokuqapha.
Eqoqweni elilodwa, zonke lezi zinsizakalo zingasetshenziswa ngesikhathi esisodwa kuyo yonke imithwalo yemisebenzi (asikho isidingo sokudala amakhophi azo, njengoba kwenzeka ngamaqoqo amaningi).
+ Kushibhile
Njengomphumela walokhu okungenhla, amaqoqo ambalwa ngokuvamile ashibhe ngenxa yokuthi azikho izindleko ezingaphezulu.
Lokhu kuyiqiniso ikakhulukazi kuma-master node, angabiza inani elikhulu lemali kungakhathaliseki ukuthi asingathwa kanjani (emagcekeni noma emafini).
Ezinye izinsiza eziphethwe i-Kubernetes, njenge noma , hlinzeka ngesendlalelo sokulawula mahhala. Kulokhu, udaba lwezindleko alubi kakhulu.
Kukhona nezinsizakalo eziphethwe ezikhokhisa imali emisiwe ngokusebenza kweqoqo ngalinye le-Kubernetes (isibonelo, ).
+ Ukuphatha okuphumelelayo
Ukuphatha iqoqo elilodwa kulula kunokuphatha ezimbalwa.
Ukuphatha kungase kuhlanganise imisebenzi elandelayo:
- Isibuyekezo senguqulo ye-Kubernetes;
- ukumisa ipayipi le-CI/CD;
- ukufaka i-plugin ye-CNI;
- ukusetha uhlelo lokuqinisekisa lomsebenzisi;
- ukufakwa kwesilawuli sokufinyelela;
nabanye abaningi...
Endabeni yeqoqo elilodwa, kuzofanele ukwenze konke lokhu kanye kuphela.
Kumaqoqo amaningi, imisebenzi kuzodingeka iphindwe izikhathi eziningi, okungahle kudinge izinqubo ezithile ezizenzakalelayo namathuluzi ukuze kuqinisekiswe ukuvumelana nokuvumelana enqubweni.
Futhi manje amazwi ambalwa mayelana nebubi.
− Iphuzu elilodwa lokwehluleka
Uma kwenzeka ukwenqaba yedwa iqoqo lizoyeka ukusebenza ngokushesha konke imisebenzi!
Kunezindlela eziningi izinto ezingahamba kahle ngazo:
- ukuvuselela i-Kubernetes kuholela emiphumeleni emibi engalindelekile;
- Ingxenye ebanzi yeqoqo (isibonelo, i-plugin ye-CNI) iqala ukungasebenzi njengoba bekulindelekile;
- enye yezingxenye zeqoqo ayilungiswanga kahle;
- ukwehluleka kwingqalasizinda eyisisekelo.
Isigameko esisodwa esinjalo singabangela umonakalo omkhulu kuyo yonke imithwalo yemisebenzi ebanjwe kuqoqo okwabelwana ngalo.
− Akukho ukufakwa okuqinile
Ukugijima kuqoqo okwabelwana ngalo kusho ukuthi izinhlelo zokusebenza zabelana ngehadiwe, amandla okuxhumana, kanye nesistimu yokusebenza kuma-cluster node.
Ngomqondo othile, iziqukathi ezimbili ezinezinhlelo ezimbili ezihlukene ezisebenza endaweni eyodwa zifana nezinqubo ezimbili ezisebenza emshinini ofanayo osebenzisa i-OS kernel efanayo.
Iziqukathi ze-Linux zinikeza uhlobo oluthile lokuzihlukanisa, kodwa alucishe luqine njengalolo olunikezwa, yithi, imishini ebonakalayo. Empeleni, inqubo esitsheni iyinqubo efanayo esebenza ohlelweni lokusebenza lomsingathi.
Lokhu kungaba yinkinga yezokuphepha: lokhu kuhlelwa ngokombono kuvumela izinhlelo zokusebenza ezingahlobene ukuthi zixhumane zodwa (okungaba ngamabomu noma ngephutha).
Ukwengeza, yonke imithwalo yemisebenzi eqoqweni le-Kubernetes yabelana ngezinsizakalo ezithile ezibanzi njenge - lokhu kuvumela izinhlelo zokusebenza ukuthola Amasevisi wezinye izinhlelo zokusebenza kuqoqo.
Wonke amaphuzu angenhla angase abe nezincazelo ezahlukene kuye ngezidingo zokuphepha zohlelo lokusebenza.
I-Kubernetes inikeza amathuluzi ahlukahlukene ukuvimbela izinkinga zokuphepha ezifana и . Kodwa-ke, ukuwamisa ngendlela efanele kudinga ulwazi oluthile; ngaphezu kwalokho, awakwazi ukuvala ngokuphelele zonke izimbobo zokuphepha.
Kubalulekile ukukhumbula njalo ukuthi i-Kubernetes yayakhelwe ekuqaleni ukwabelana, hhayi ngoba ukuzihlukanisa nokuphepha.
− Ukushoda kwezindawo eziningi zokuhlala
Ngokunikezwa ngobuningi bezinsiza ezabiwe kuqoqo le-Kubernetes, kunezindlela eziningi izinhlelo zokusebenza ezihlukene ezinganyathela ngazo ezinzwaneni zomunye.
Isibonelo, uhlelo lokusebenza lungase lulawule insiza eyabiwe (efana ne-CPU noma inkumbulo) futhi lunqabele ezinye izinhlelo zokusebenza ezisebenza endaweni efanayo ukufinyelela kuyo.
I-Kubernetes inikeza izindlela ezahlukahlukene zokulawula lokhu kuziphatha, njenge (bheka nesihloko esithi “"- cishe. transl.), и . Kodwa-ke, njengasendabeni yezokuphepha, ukucushwa kwabo akukona okuncane futhi abakwazi ukuvimbela ngokuphelele yonke imiphumela emibi engalindelekile.
− Inani elikhulu labasebenzisi
Endabeni yeqoqo elilodwa, kufanele uvule ukufinyelela kulo kubantu abaningi. Futhi lapho inani labo likhulu, ingozi enkulu yokuthi "bazophula" okuthile.
Ngaphakathi kweqoqo ungalawula ukuthi ubani ongenza lokho esebenzisa (bheka isihloko esithi “"- cishe. transl.). Kodwa-ke, ngeke kuvimbele abasebenzisi ukuthi "baphule" okuthile okungaphakathi kwendawo yabo yesibopho.
− Amaqoqo awakwazi ukukhula unomphela
Iqoqo elisetshenziselwa yonke imithwalo yomsebenzi lizoba likhulu impela (ngokwenani lamanodi nama-pods).
Kodwa lapha kuphakama enye inkinga: amaqoqo e-Kubernetes awakwazi ukukhula unomphela.
Kunomkhawulo wethiyori ngosayizi weqoqo. E-Kubernetes cishe .
Kodwa-ke, empilweni yangempela, izinkinga zingaqala ngaphambi kwesikhathi - isibonelo, nje .
Iqiniso liwukuthi amaqoqo amakhulu abeka umthwalo ophezulu kungqimba yokulawula ye-Kubernetes. Ngamanye amazwi, ukugcina iqoqo liphezulu futhi lisebenza kahle kudinga ukushuna ngokucophelela.
Lolu daba lubhekwa esihlokweni esihlobene kubhulogi yokuqala ebizwa ngokuthi "".
Kodwa ake sicabangele indlela ephambene: amaqoqo amancane amaningi.
2. Amaqoqo amaningi amancane, akhethekile
Ngale ndlela, usebenzisa iqoqo elihlukile lento ngayinye oyifakile:
Amaqoqo amaningi amancane
Ngezinhloso zalesi sihloko, ngaphansi isici esingasebenziseka ibhekisela esimweni sohlelo lokusebenza - isibonelo, inguqulo ye-dev yohlelo lokusebenza oluhlukile.
Leli su lisebenzisa i-Kubernetes njengekhethekile isikhathi sokusebenza ezimweni zokufaka isicelo ngasinye.
Ake sibheke ubuhle nobubi bale ndlela.
+ “Irediyasi yokuqhuma” elinganiselwe
Uma iqoqo lehluleka, imiphumela engemihle ikhawulelwe kuphela kuleyo mithwalo yomsebenzi esetshenziswe kulelo qoqo. Yonke eminye imisebenzi ihlala ingakathintwa.
+ I-Insulation
Umthwalo wokusebenza osingathwa ngamaqoqo angawodwana awabelani ngezinsiza ezifana nephrosesa, inkumbulo, isistimu yokusebenza, inethiwekhi, noma amanye amasevisi.
Umphumela uba ukuhlukaniswa okuqinile phakathi kwezinhlelo zokusebenza ezingahlobene, okungaba yinzuzo ekuvikelekeni kwazo.
+ Inombolo encane yabasebenzisi
Uma kubhekwa ukuthi iqoqo ngalinye liqukethe isethi elinganiselwe yemithwalo yomsebenzi, inani labasebenzisi abanokufinyelela kulo liyancishiswa.
Lapho abantu abambalwa bekwazi ukufinyelela iqoqo, yehlisa ingozi yokuthi okuthile “kuzophuka”.
Ake sibheke ububi.
− Ukusetshenziswa ngendlela efanele kwezinsiza
Njengoba kushiwo ngaphambili, iqoqo ngalinye le-Kubernetes lidinga isethi ethile yezinsiza zokuphatha: ama-master node, izingxenye zongqimba lokulawula, ukuqapha nokugawula izixazululo.
Endabeni yenani elikhulu lamaqoqo amancane, ingxenye enkulu yezinsiza kufanele yabelwe abaphathi.
− Kuyabiza
Ukusetshenziswa ngendlela engafanele kwezinsiza ngokuzenzakalela kufaka izindleko eziphezulu.
Isibonelo, ukugcina ama-master node angu-30 esikhundleni samathathu anamandla afanayo ekhompuyutha kuzothinta izindleko.
− Ubunzima bokuphatha
Ukuphatha amaqoqo amaningi e-Kubernetes kunzima kakhulu kunokuphatha eyodwa kuphela.
Isibonelo, kuzodingeka ulungiselele ukufakazela ubuqiniso nokugunyazwa kweqoqo ngalinye. Inguqulo ye-Kubernetes nayo kuzodingeka ibuyekezwe izikhathi ezimbalwa.
Cishe uzodinga ukusebenzisa i-automation ukuze wenze yonke le misebenzi isebenze kahle.
Manje ake sibheke izimo ezimbi kakhulu.
3. Iqoqo elilodwa ngohlelo lokusebenza ngalunye
Ngale ndlela, udala iqoqo elihlukile lazo zonke izimo zohlelo lokusebenza oluthile:
Iqoqo ngohlelo lokusebenza
Le ndlela ingathathwa njengokujwayelekile komgomo othi “iqoqo elihlukene iqembu ngalinye”, njengoba ngokuvamile ithimba lonjiniyela lenza uhlelo lokusebenza olulodwa noma eziningi.
Ake sibheke ubuhle nobubi bale ndlela.
+ Iqoqo lingalungiselelwa uhlelo lokusebenza
Uma isicelo sinezidingo ezikhethekile, zingasetshenziswa kuqoqo ngaphandle kokuthinta amanye amaqoqo.
Izidingo ezinjalo zingabandakanya abasebenzi be-GPU, ama-plugin athile e-CNI, i-mesh yesevisi, noma enye isevisi.
Iqoqo ngalinye lingafanelana nohlelo lokusebenza olusebenza kulo ukuze liqukethe kuphela okudingekayo.
− Izimo ezihlukene eqenjini elilodwa
Okubi ngale ndlela ukuthi izimo zohlelo lokusebenza ezivela ezindaweni ezihlukene zihlala ndawonye kuqoqo elifanayo.
Isibonelo, inguqulo ye-prod yohlelo lokusebenza isebenza kuqoqo elifanayo njengenguqulo ye-dev. Lokhu futhi kusho ukuthi onjiniyela basebenza kuqoqo elifanayo lapho inguqulo yokukhiqiza yohlelo lokusebenza isetshenziswa.
Uma, ngenxa yezenzo zonjiniyela noma amaphutha enguqulweni ye-dev, kwenzeka ukwehluleka kuqoqo, khona-ke inguqulo ye-prod ingase ihlupheke nayo - ukuhlehla okukhulu kwale ndlela.
Futhi ekugcineni, isimo sokugcina ohlwini lwethu.
4. Iqoqo elilodwa endaweni ngayinye
Lesi simo sibandakanya ukwaba iqoqo elihlukile endaweni ngayinye:
Iqoqo elilodwa endaweni ngayinye
Isibonelo, ungase ube namaqoqo dev, test и prod, lapho uzosebenzisa khona zonke izimo zohlelo lokusebenza ezinikezelwe endaweni ethile.
Nazi izinzuzo nezingozi zale ndlela.
+ Ukuhlukaniswa kwemvelo ye-prod
Ngale ndlela, zonke izindawo zihlukanisiwe komunye nomunye. Kodwa-ke, ekusebenzeni lokhu kubaluleke kakhulu endaweni ye-prod.
Izinguqulo zokukhiqiza zohlelo lokusebenza manje zizimele kulokho okwenzeka kwamanye amaqoqo nendawo.
Ngale ndlela, uma inkinga ivele ngokuzumayo kuqoqo le-dev, izinguqulo ze-prod zezinhlelo zokusebenza zizoqhubeka nokusebenza sengathi akwenzekanga lutho.
+ Iqoqo lingalungiselelwa imvelo
Iqoqo ngalinye lingalungiswa endaweni yalo. Ngokwesibonelo, ungakwazi:
- faka amathuluzi okuthuthukisa kanye nokususa iphutha kuqoqo le-dev;
- faka izinhlaka zokuhlola namathuluzi kuqoqo test;
- sebenzisa ihadiwe enamandla kakhulu namashaneli enethiwekhi kuqoqo prod.
Lokhu kukuvumela ukuthi ukwandise ukusebenza kahle kwakho kokubili ukuthuthukiswa kohlelo lokusebenza nokusebenza.
+ Ikhawulela ukufinyelela kuqoqo lokukhiqiza
Isidingo sokusebenza ngokuqondile neqoqo le-prod asivamile ukuvela, ngakho-ke ungakwazi ukukhawulela kakhulu indilinga yabantu abakwazi ukuyifinyelela.
Ungaqhubekela phambili futhi wenqabele abantu ukufinyelela kuleli qoqo ngokuphelele, futhi wenze konke ukuthunyelwa usebenzisa ithuluzi elizenzakalelayo le-CI/CD. Indlela enjalo izonciphisa ingozi yamaphutha abantu lapho ifaneleka khona kakhulu.
Futhi manje amazwi ambalwa mayelana nebubi.
− Akukho ukwehlukaniswa phakathi kwezinhlelo zokusebenza
Ububi obukhulu bendlela yokushoda kwehadiwe kanye nokuhlukaniswa kwezinsiza phakathi kwezinhlelo zokusebenza.
Izinhlelo zokusebenza ezingahlobene zabelana ngezinsiza zeqoqo: umgogodla wesistimu, iphrosesa, inkumbulo, nezinye izinsiza.
Njengoba sekushiwo, lokhu kungase kube yingozi.
− Ukungakwazi ukwenza ngokwendawo okuncike kuhlelo lokusebenza
Uma isicelo sinezidingo ezikhethekile, kufanele zaneliseke kuwo wonke amaqoqo.
Isibonelo, uma uhlelo lokusebenza ludinga i-GPU, iqoqo ngalinye kufanele liqukathe okungenani isisebenzi esisodwa esine-GPU (ngisho noma sisetshenziswa yilolo hlelo lokusebenza kuphela).
Ngenxa yalokho, sibeka engcupheni izindleko eziphakeme kanye nokusetshenziswa ngendlela engafanele kwezisetshenziswa.
isiphetho
Uma unesethi ethile yezinhlelo zokusebenza, zingafakwa kumaqoqo amaningana amakhulu noma amancane amaningi.
I-athikili ixoxa ngobuhle nobubi bezindlela ezahlukahlukene, kusukela kuqoqo lomhlaba wonke kuya kwezimbalwa ezincane nezikhethekile kakhulu:
- iqoqo elijwayelekile elilodwa;
- amaqoqo amaningi amancane akhethekile;
- iqoqo elilodwa kuhlelo lokusebenza ngalunye;
- iqoqo elilodwa endaweni ngayinye.
Ngakho iyiphi indlela okufanele uyithathe?
Njengenjwayelo, impendulo incike esimweni sokusebenzisa: udinga ukukala ubuhle nobubi bezindlela ezahlukahlukene bese ukhetha okukhethwa kukho okuhle kakhulu.
Kodwa-ke, ukukhetha akukhawulelwe ezibonelweni ezingenhla - ungasebenzisa noma iyiphi inhlanganisela yazo!
Isibonelo, ungahlela amaqoqo ambalwa eqenjini ngalinye: iqoqo lokuthuthukisa (lapho kuzoba khona izindawo dev и test) kanye neqoqo le production (lapho indawo yokukhiqiza izoba khona).
Ngokusekelwe olwazini olukule ndatshana, ungakwazi ukuthuthukisa okuhle nokubi ngendlela efanele esimeni esithile. Ngikufisela inhlanhla!
PS
Funda futhi kubhulogi yethu:
- «";
- «";
- «";
- «".
Source: www.habr.com