{"id":199,"date":"2023-02-20T19:08:00","date_gmt":"2023-02-20T19:08:00","guid":{"rendered":"http:\/\/blog.firatyasar.com\/?p=199"},"modified":"2023-03-19T19:14:00","modified_gmt":"2023-03-19T19:14:00","slug":"scaling-with-virtual-nodes","status":"publish","type":"post","link":"https:\/\/blog.firatyasar.com\/?p=199","title":{"rendered":"Scaling with Virtual Nodes"},"content":{"rendered":"\n<p id=\"de33\">I wanted to take a somewhat broader look at Azure Virtual Nodes, a feature I have been using for a long time and have written about before.<\/p>\n\n\n\n<p>I hope it is useful to everyone.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/stacksimplify.com\/course-images\/azure-kubernetes-service-virtual-nodes.png\" alt=\"Azure Kubernetes Service AKS Virtual Nodes - Azure Kubernetes Service\"\/><\/figure>\n\n\n\n<p><strong>What is a virtual node?<\/strong><\/p>\n\n\n\n<p id=\"1736\">Azure offers a service called Azure Container Instance (ACI), where you can run your containers on a shared environment and are billed per second. The \u201cvirtual nodes\u201d feature is built by integrating this service with Azure Kubernetes Service (AKS).<\/p>\n\n\n\n<p id=\"a327\">Normally, when you use ACI, your container receives a public IP and starts running on a host in the shared environment. When you use ACI as a virtual node, however, the architecture is somewhat different. 
With this different architecture, pods running on the virtual node get their IPs from a private IP subnet that you specify and communicate securely with the cluster.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:796\/1*HMkascXzYEPW-7rz1oU16w.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"651e\">Pods that you run on Azure Container Instance, a shared platform, are billed per second.<\/p>\n\n\n\n<p id=\"42c7\">If your pods need to scale out for very short periods, scaling horizontally on Azure Container Instance is more practical than bringing up a physical node. Likewise, if you do not want to add a new node for a short test, using the virtual node feature is more efficient than adding a physical node.<\/p>\n\n\n\n<p id=\"ceb4\">Note: The virtual node feature currently available on the Azure platform is supported only for Linux-based pods and nodes.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1362\/1*h5_SVb5dh9GyjcSJt--GJQ.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"bc5d\"><strong>How is the virtual nodes feature integrated?<\/strong><\/p>\n\n\n\n<p id=\"4d1d\">Integrating the virtual nodes feature is quite easy, whether through the portal or the command line. 
In the portal, it is enough to set the \u201cVirtual Nodes\u201d option to enabled, as shown below.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*OhM1_h2zRdS9GWUbyZtQRg.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"7eaa\">When you provision a cluster with Azure Kubernetes Service (AKS), you can choose between two network types: basic (kubenet) and advanced (CNI). The main difference is that advanced networking assigns pod IPs from the same IP pool as the nodes, whereas basic networking configures a separate IP network for pods on each node.<\/p>\n\n\n\n<p id=\"9a84\">An AKS cluster on which a virtual node will be configured must be set up with advanced networking. This way, virtual nodes creates a subnet for itself within the node network and assigns IPs from this subnet to the pods running on it. Through its delegated permission, the subnet enables communication between Azure resources and the AKS cluster. When you enable the virtual nodes option while creating the AKS cluster, these delegations are defined automatically.<\/p>\n\n\n\n<p id=\"ca1d\">Once the virtual node option is enabled, the basic network option can no longer be selected in the network configuration step. 
The spot I marked in the figure also states that this is due to the virtual node option.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*CuDX_0A94eg65CaVQNLLLQ.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"c5bd\">When you run the first checks after the cluster is set up, you can see that a subnet has been created on the network for the virtual node. In the figure below you can also see that the service the subnet is delegated to is Azure Container Instance (ACI).<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*Yak-iOzM8X-c8vdCZM_VQA.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"896c\">After this, when you connect to the Kubernetes cluster and list the nodes, you can see the virtual node in the list.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*7gHEVTxxCnrT516iOE9MwA.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"2f81\">Virtual node integration is that simple. \ud83d\ude42 Now let\u2019s schedule a test pod on the virtual node.<\/p>\n\n\n\n<p id=\"10a2\"><strong>Scheduling<\/strong><\/p>\n\n\n\n<p id=\"c198\">As a test, we can schedule a pod on the virtual node using the sample YAML below.<\/p>\n\n\n\n<p id=\"6d20\">The parts I marked in the image are the node selector and tolerations settings required for the pod to be scheduled on the virtual node. 
If you want to schedule a pod directly on the virtual node within the cluster, you can configure these settings for your own pods as well.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:918\/1*6RQhLaIE7tE_Q_e331JAVQ.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"c971\">After deploying the pod, you can view its scheduling status with the command below.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*Y5O431L_qjihe1APp1L88w.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"672e\">Shortly afterwards the pod moves to the running state, as shown below. The point to note here is that the IP address comes from the subnet created for the virtual node, and that this pod is now billed per second for as long as it runs.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*a-2eE0U_hO-CTZfGg4HvYA.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"e9a1\">When you check Azure Container Instance (ACI) on the platform, you can see that the ACI resource that will run the pod has been deployed.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1020\/1*ROuwQ0MKNMPq6GKrl6jIoA.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"698d\">The overview section of the created container instance resource gives detailed information about the running pod. 
For example, in the image below you can see that the assigned IP is private and that one container is running inside the pod.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1400\/1*KPH18asQhsAZJ4Vgh-ocQw.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"be10\">To expose the application to the internet as an example, we can create a service of type LoadBalancer on the Kubernetes cluster. What I want to show here is that while the service is exposed to the internet on Kubernetes, the pods behind it run on Azure Container Instance (ACI) without problems and are reachable.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/miro.medium.com\/v2\/resize:fit:1278\/1*RRWx_0Tk9chk8LOJKpgxTQ.png\" alt=\"\"\/><\/figure>\n\n\n\n<p id=\"2321\"><strong>So, does the virtual node have limitations?<\/strong><\/p>\n\n\n\n<p id=\"fcf2\">Although it gives us a lot of architectural flexibility, it currently has some limitations. I can say, however, that these limitations are being removed quickly. The points that need particular attention are:<\/p>\n\n\n\n<ul><li>Azure AD service principal authentication is not supported. 
The recommendation is therefore to store service principals as secrets within the cluster.<\/li><li>In the network configuration, peering, Kubernetes network policies, and NSGs applied to outbound traffic to the internet are not supported.<\/li><li>Pods that use init containers are not supported.<\/li><li>Host aliases are not supported.<\/li><li>DaemonSets cannot be deployed as pods on the virtual node.<\/li><li>Windows Server nodes cannot be used together with the virtual node.<\/li><\/ul>\n\n\n\n<p id=\"041d\">Thanks to the Azure Container Instance (ACI) resource, you can deploy your containers to the AKS cluster without needing any additional infrastructure resource. Moreover, the virtual node you deploy assigns IPs to your pods from a dedicated subnet on your private network. This keeps communication between the AKS cluster and ACI secure. In this architecture, the pods running on the virtual node are billed per second.<\/p>\n\n\n\n<p id=\"6172\">See you in the next part.<\/p>\n\n\n\n<p id=\"efbf\">Source:\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/bs-latn-ba\/azure\/aks\/virtual-nodes-portal\" target=\"_blank\">https:\/\/docs.microsoft.com\/bs-latn-ba\/azure\/aks\/virtual-nodes-portal<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I wanted to take a somewhat broader look at Azure Virtual Nodes, a feature I have been using for a long time and have written about before. I hope it is useful to everyone. What is a virtual node? 
Azure offers a service called Azure Container Instance (ACI), where you can run your containers on a shared environment and are billed per second. The \u201cvirtual nodes\u201d feature is built by integrating this\u2026 <span class=\"read-more\"><a href=\"https:\/\/blog.firatyasar.com\/?p=199\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":22,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/posts\/199"}],"collection":[{"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=199"}],"version-history":[{"count":1,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/posts\/199\/revisions"}],"predecessor-version":[{"id":200,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/posts\/199\/revisions\/200"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=\/wp\/v2\/media\/22"}],"wp:attachment":[{"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.firatyasar.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}