{"id":3459,"date":"2020-07-26T12:07:50","date_gmt":"2020-07-26T10:07:50","guid":{"rendered":"https:\/\/gokhan-gokalp.com\/?p=3459"},"modified":"2020-07-26T12:17:02","modified_gmt":"2020-07-26T10:17:02","slug":"kubernetes-for-production-some-useful-information","status":"publish","type":"post","link":"https:\/\/gokhan-gokalp.com\/tr\/kubernetes-for-production-some-useful-information\/","title":{"rendered":"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler"},"content":{"rendered":"<p>Bildi\u011fimiz gibi son y\u0131llarda container orchestration konusunda <em>kubernetes<\/em>, microservice mimarilerimiz i\u00e7in olmazsa olmaz bir standart haline gelmi\u015f durumda.<\/p>\n<p>Kubernetes her ne kadar default ayarlar\u0131 ile de bir \u00e7ok problemimizi \u00e7\u00f6z\u00fcyor olsada, uygulamalar\u0131m\u0131z\u0131n daha <strong>stable<\/strong>, <strong>reliable<\/strong> ve <strong>secure<\/strong> olabilmesi i\u00e7in yapabilece\u011fimiz\/kullanabilece\u011fimiz baz\u0131 best practice&#8217;ler ve uygulamalar da mevcut.<\/p>\n<p>2017 y\u0131l\u0131ndan bu yana kubernetes ortam\u0131nda \u00e7al\u0131\u015f\u0131yorum. \u00d6zellikle son 2 y\u0131ld\u0131r ise cloud ortam\u0131nda kubernetes&#8217;i deneyimlemekteyim. Elbette bu s\u00fcre\u00e7te bir tak\u0131m hatalar yapt\u0131k ve bu hatalardan bir tak\u0131m deneyimler elde ettik. Bu makale kapsam\u0131nda ise \u00f6zellikle production ortam\u0131 i\u00e7in gerekli\/faydal\u0131 buldu\u011fum baz\u0131 bilgileri bir araya toplamaya karar verdim.<\/p>\n<h2>Cluster \u0130htiya\u00e7lar\u0131n\u0131 Belirlemek<\/h2>\n<p>En \u00f6nemli konulardan belki birisi de, bir kubernetes cluster&#8217;\u0131 olu\u015ftururken gereksinimlerin iyi belirlenmesidir.<\/p>\n<p>Bu gereksinimleri belirlerken de, a\u015fa\u011f\u0131daki sorulara cevap vermek gerekir:<\/p>\n<ul>\n<li>Olu\u015fturulacak olan cluster&#8217;a, ka\u00e7 tane uygulamay\u0131 deploy edece\u011fiz?<\/li>\n<li>Deploy edece\u011fimiz uygulamalar\u0131n workload&#8217;u ne olacak, peak time&#8217;\u0131 ne olacak?<\/li>\n<\/ul>\n<p>Bu sorular\u0131n cevaplar\u0131 bize, ortalama ka\u00e7 adet node&#8217;a ihtiya\u00e7 duyaca\u011f\u0131m\u0131z\u0131 ve node&#8217;lar\u0131n \u00f6zelliklerinin nas\u0131l olmas\u0131 gerekti\u011fi konusunda baz\u0131 temel fikirler verecektir.<\/p>\n<p>Tabi i\u015f bununla bitmiyor.<\/p>\n<h3>Allocatable Resource<\/h3>\n<p>Bir di\u011fer \u00f6nemli konu ise, olu\u015fturaca\u011f\u0131m\u0131z cluster i\u00e7erisinde <strong>allocatable resource<\/strong> konusu. Maalesef ki bir cluster&#8217;a tan\u0131mlam\u0131\u015f oldu\u011fumuz CPU ve Memory baz\u0131nda t\u00fcm resource&#8217;lar\u0131 oldu\u011fu tamam\u0131n\u0131 gibi kullanamamaktay\u0131z.<\/p>\n<p>Bir tak\u0131m resource&#8217;lar system daemons (OS, Eviction threshold) i\u00e7in reserve edilecektir. \u00d6rne\u011fin Azure Kubernetes ortam\u0131ndan konu\u015fmak gerekirse, 8 core&#8217;lu bir makinenin 180 milicore&#8217;unu allocate etmektedir. 8GiB memory&#8217;de ise yakla\u015f\u0131k %67 lik bir memory kullan\u0131m\u0131na izin vermektedir.<\/p>\n<figure id=\"attachment_3462\" aria-describedby=\"caption-attachment-3462\" style=\"width: 1139px\" class=\"wp-caption aligncenter\"><a href=\"\/wp-content\/uploads\/2020\/07\/aks-resource.jpg\"><img decoding=\"async\" class=\"wp-image-3462 size-full lazyload\" data-src=\"\/wp-content\/uploads\/2020\/07\/aks-resource.jpg\" alt=\"\" width=\"1139\" height=\"957\" data-srcset=\"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/aks-resource.jpg 1139w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/aks-resource-300x252.jpg 300w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/aks-resource-1024x860.jpg 1024w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/aks-resource-768x645.jpg 768w\" data-sizes=\"(max-width: 1139px) 100vw, 1139px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1139px; --smush-placeholder-aspect-ratio: 1139\/957;\" \/><\/a><figcaption id=\"caption-attachment-3462\" class=\"wp-caption-text\">https:\/\/learnk8s.io\/a\/7c56d074a37a452bbc8ae0132b84cf55.png<\/figcaption><\/figure>\n<p>Allocatable resource konusunu da belirledikten sonra, nas\u0131l bir cluster&#8217;a ihtiyac\u0131m\u0131z\u0131n olaca\u011f\u0131 konusu daha \u00e7ok netle\u015fmi\u015f olacakt\u0131r.<\/p>\n<h3>Networking<\/h3>\n<p>Cloud ortam\u0131 i\u00e7in \u00f6nemli konulardan bir di\u011feri ise networking modelinin belirlenmesi. \u00d6rne\u011fin, <em>Azure Kubernetes<\/em> i\u00e7in &#8220;Kubenet&#8221; ve &#8220;Azure plugin&#8221; olmak \u00fczere iki farkl\u0131 model bulunmakta.<\/p>\n<p>Farkl\u0131 ihtiya\u00e7lardan dolay\u0131 networking modeli olarak &#8220;Azure plugin&#8221; se\u00e7ersek, olu\u015fturacak oldu\u011fumuz cluster&#8217;\u0131n nas\u0131l bir subnet&#8217;e sahip olmas\u0131 gerekti\u011fini iyi hesaplamak gerekir. \u00c7\u00fcnk\u00fc bu networking modelinde, her bir pod bireysel olarak bir private <em>IP<\/em> adresi allocate edecektir.<\/p>\n<p>Bu noktada hesaplamay\u0131 do\u011fru yapamazsak, subnet i\u00e7erisindeki <em>IP<\/em> adresi yetersizli\u011finden dolay\u0131 pod&#8217;lar\u0131 yeterince scale edememe, node&#8217;lar\u0131 g\u00fcncelleyememe, yeni node ekleyememe gibi problemlerle kar\u015f\u0131la\u015fmam\u0131z ka\u00e7\u0131n\u0131lmaz olacakt\u0131r.<\/p>\n<h3>Namespaces<\/h3>\n<p>\u00d6zellikle bir \u00e7ok tak\u0131m\u0131n \u00fczerinde \u00e7al\u0131\u015faca\u011f\u0131 bir cluster tasarl\u0131yorsak, namespace&#8217;leri kullanmak bize daha iyi bir <strong>isolation<\/strong> ve <strong>y\u00f6netim<\/strong> kabiliyeti verecektir. Namespace&#8217;ler ile farkl\u0131 context&#8217;lerde security ve resource limitleme gibi i\u015flemleri kolayl\u0131kla ger\u00e7ekle\u015ftirebilmekteyiz.<\/p>\n<h2>Uygulama A\u00e7\u0131s\u0131ndan<\/h2>\n<p>Cluster ihtiya\u00e7lar\u0131n\u0131n belirlenmesi yan\u0131nda, uygulama a\u00e7\u0131s\u0131ndan da dikkat etmemiz gereken noktalar ve yapabilece\u011fimiz baz\u0131 configuration&#8217;lar da mevcut.<\/p>\n<p>E\u011fer daha \u00f6nce okumad\u0131ysan\u0131z, ilk olarak <strong>cloud-native<\/strong> uygulamalar\u0131n sahip olmas\u0131 gereken bir tak\u0131m prensipleri ele ald\u0131\u011f\u0131m <em><a href=\"https:\/\/gokhan-gokalp.com\/understanding-solid-principles-keep-calm-for-cloud-native-applications\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u015fu makaleme<\/a><\/em> g\u00f6z atman\u0131z\u0131 \u00f6neririm.<\/p>\n<h3 class=\"LC20lb DKV0Md\">F\u00e2ni<\/h3>\n<p>\u00d6ncelikle kubernetes \u00fczerinde konumland\u0131raca\u011f\u0131m\u0131z uygulamalar\u0131n f\u00e2ni, yani her an kolayl\u0131kla bir yenisi ile yer de\u011fi\u015ftirebilece\u011fini unutmamam\u0131z gerekiyor. Ayr\u0131ca yeni geli\u015ftirdi\u011fimiz uygulamalar\u0131, bu yakla\u015f\u0131m\u0131 d\u00fc\u015f\u00fcnerek geli\u015ftirmemiz faydam\u0131za olacakt\u0131r.<\/p>\n<p>Bu sebeple \u00f6zellikle production ortam\u0131 i\u00e7in, kubernetes \u00fczerinde naked-pod kullan\u0131m\u0131ndan da ka\u00e7\u0131nmam\u0131z gerekiyor. Naked-pod&#8217;lar\u0131n herhangi bir hata durumunda yeniden ba\u015flat\u0131lmayaca\u011f\u0131n\u0131 bilmemiz gerekiyor.<\/p>\n<h3>Resource Request Limits<\/h3>\n<p>San\u0131r\u0131m deployment&#8217;lar\u0131m\u0131z\u0131n resource request limitlerini belirleyip kontrol alt\u0131nda tutmak, yapabilece\u011fimiz en iyi \u015feylerden birisi. Kubernetes&#8217;in bize sunmu\u015f oldu\u011fu scalability yetene\u011fi her ne kadar harika bir \u00f6zellik olsa da, dikkatli ve kontroll\u00fc ayarlanmam\u0131\u015f bir hali ise t\u00fcm cluster&#8217;daki uygulamalar\u0131n \u00e7al\u0131\u015fmamas\u0131na sebep olabilir.<\/p>\n<p>Sonu\u00e7ta <em>CPU<\/em> ve memory hem uygulamalar\u0131m\u0131z hem de kubernetes scheduler i\u00e7in birer g\u00fc\u00e7 kayna\u011f\u0131.<\/p>\n<p>Bir pod&#8217;un t\u00fcm available resource&#8217;lar\u0131 consume etmesini konrol alt\u0131nda tutarak, sistemin daha reliable olmas\u0131n\u0131 sa\u011flayabiliriz.<\/p>\n<p>Burada ise dikkat etmemiz gereken iki nokta bulunmaktad\u0131r.<\/p>\n<ul>\n<li><strong>Requests<\/strong>: Bu tan\u0131mlama ile kubernetes scheduler, pod&#8217;u hangi node&#8217;a konumland\u0131raca\u011f\u0131na karar verir ve container&#8217;\u0131n allocate edece\u011fi garanti kayna\u011f\u0131 sa\u011flar.<\/li>\n<li><strong>Limits<\/strong>: Bu tan\u0131mlama ile de container&#8217;\u0131n maksimum allocate edebilece\u011fi kayna\u011f\u0131 belirlenir.<\/li>\n<\/ul>\n<p>Bu tan\u0131mlamalar\u0131 ise helm chart i\u00e7erisinde a\u015fa\u011f\u0131daki gibi ger\u00e7ekle\u015ftirebiliriz.<\/p>\n<pre class=\"lang:default decode:true \">resources:\r\n  requests:\r\n    memory: \"128Mi\"\r\n    cpu: \"100m\"\r\n  limits: \r\n    memory: \"512Mi\"\r\n    cpu: \"300m\"<\/pre>\n<blockquote><p><em><strong>NOT<\/strong><\/em>: <em>CPU<\/em> kaynaklar\u0131 milicore tipinde belirlenir.<\/p><\/blockquote>\n<p>\u00d6zellikle memory kayna\u011f\u0131n\u0131 belirlerken memory&#8217;nin, s\u0131k\u0131\u015ft\u0131r\u0131labilir bir kaynak olarak ele al\u0131nmad\u0131\u011f\u0131n\u0131 ve throttle edilemedi\u011fini unutmamal\u0131y\u0131z. Yani bir pod memory limitine ula\u015ft\u0131\u011f\u0131nda, terminate edilecektir.<\/p>\n<h3>Health Checks<\/h3>\n<p>Uygulamalar\u0131m\u0131z\u0131n sa\u011fl\u0131kl\u0131 bir \u015fekilde \u00e7al\u0131\u015fabilmesi i\u00e7in bir di\u011fer \u00f6nemli konu ise &#8220;<em>liveness<\/em>&#8221; ve &#8220;<em>readiness<\/em>&#8221; probe&#8217;lar\u0131n\u0131n kullan\u0131m\u0131.<\/p>\n<p>Bildi\u011fimiz gibi kubernetes default olarak container ready durumuna ge\u00e7ti\u011finde, trafi\u011fi ilgili pod&#8217;a y\u00f6nlendirmeye ba\u015fl\u0131yor. Fakat container i\u00e7erisindeki pod tam anlam\u0131yla trafi\u011fi kabul etmeye haz\u0131r olmayabilir. Kubernetes&#8217;in bu i\u015flemi daha verimli bir \u015fekilde yapabilmesi i\u00e7in &#8220;<em>liveness<\/em>&#8221; ve &#8220;<em>readiness<\/em>&#8221; probe&#8217;lar\u0131 uygulama \u00f6zelinde belirlememiz gerekiyor.<\/p>\n<p>Liveness probe&#8217;u belirleyerek, kubernetes&#8217;e ilgili container&#8217;\u0131 herhangi bir hata durumunda ne zaman restart edebilece\u011fini s\u00f6ylemi\u015f oluyoruz. Readiness probe ile de uygulaman\u0131n trafi\u011fi ne zaman kabul etmeye haz\u0131r olaca\u011f\u0131n\u0131 belirtiyoruz.<\/p>\n<p>Ayr\u0131ca bu probe&#8217;leri belirlerken, probe \u00f6zelinde &#8220;<em>timeoutSeconds<\/em>&#8221; veya &#8220;<em>initialDelaySeconds<\/em>&#8221; gibi parametreleri de belirleyebilmek m\u00fcmk\u00fcn.<\/p>\n<pre class=\"lang:default decode:true\">livenessProbe:\r\n  httpGet:\r\n    path: \/api\/health\r\n    port: http\r\n  initialDelaySeconds: 20\r\n  timeoutSeconds: 30\r\nreadinessProbe:\r\n  httpGet:\r\n    path: \/api\/health\r\n    port: http<\/pre>\n<h3><\/h3>\n<h3>Horizontal Pod Autoscaling (HPA)<\/h3>\n<p><em>HPA<\/em>, kubernetes&#8217;e deploy etti\u011fimiz uygulamalar i\u00e7in olmazsa olmaz bir \u00f6zellik. <em>HPA<\/em> ile uygulamalar\u0131m\u0131z\u0131 ihtiya\u00e7lar do\u011frultusunda otomatik olarak scale edebilmek m\u00fcmk\u00fcn.<\/p>\n<figure id=\"attachment_3478\" aria-describedby=\"caption-attachment-3478\" style=\"width: 425px\" class=\"wp-caption aligncenter\"><a href=\"\/wp-content\/uploads\/2020\/07\/hpa.png\"><img decoding=\"async\" class=\"wp-image-3478 size-full lazyload\" data-src=\"\/wp-content\/uploads\/2020\/07\/hpa.png\" alt=\"\" width=\"425\" height=\"176\" data-srcset=\"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/hpa.png 425w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/hpa-300x124.png 300w\" data-sizes=\"(max-width: 425px) 100vw, 425px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 425px; --smush-placeholder-aspect-ratio: 425\/176;\" \/><\/a><figcaption id=\"caption-attachment-3478\" class=\"wp-caption-text\">https:\/\/docs.microsoft.com\/en-us\/azure\/aks\/media\/concepts-scale\/horizontal-pod-autoscaling.png<\/figcaption><\/figure>\n<p>Ayr\u0131ca cluster i\u00e7in belirledi\u011fimiz kaynaklar\u0131 da efektif olarak kullanabilmek i\u00e7in ideal bir \u00e7\u00f6z\u00fcm.<\/p>\n<p>Uygulamalar\u0131m\u0131z\u0131 <em>CPU<\/em> ve <em>memory<\/em> metriklerine g\u00f6re scale edebilmek i\u00e7in, a\u015fa\u011f\u0131daki gibi ilgili uygulaman\u0131n helm chart&#8217;\u0131n\u0131 yap\u0131land\u0131rmam\u0131z yeterli olacakt\u0131r.<\/p>\n<p>&#8220;<em>hpa.yaml<\/em>&#8221; dosyas\u0131n\u0131n i\u00e7eri\u011fi:<\/p>\n<pre class=\"lang:default decode:true\">{{- if .Values.hpa.enabled -}}\r\napiVersion: autoscaling\/v2beta1\r\nkind: HorizontalPodAutoscaler\r\nmetadata:\r\n  name: {{ include \"testapp.fullname\" . }}\r\n  namespace: {{ .Values.namespace }}\r\nspec:\r\n  scaleTargetRef:\r\n    apiVersion: apps\/v1\r\n    kind: Deployment\r\n    name: {{ include \"testapp.fullname\" . }}\r\n  minReplicas: {{ .Values.hpa.minReplicas }}\r\n  maxReplicas: {{ .Values.hpa.maxReplicas }}\r\n  metrics:\r\n  - type: Resource\r\n    resource:\r\n      name: cpu\r\n      targetAverageUtilization: {{ .Values.hpa.targetCPUUtilizationPercentage }}\r\n  - type: Resource\r\n    resource:\r\n      name: memory\r\n      targetAverageValue: {{ .Values.hpa.targetMemoryAverageValue }}\r\n{{- end}}<\/pre>\n<p>Ard\u0131ndan &#8220;<em>values.yaml<\/em>&#8221; dosyas\u0131n\u0131n i\u00e7erisinde, diledi\u011fimiz auto-scale metri\u011fini a\u015fa\u011f\u0131daki gibi set edebiliriz.<\/p>\n<pre class=\"lang:default decode:true\">hpa:\r\n  enabled: true\r\n  minReplicas: 1\r\n  maxReplicas: 3\r\n  targetCPUUtilizationPercentage: 70\r\n  targetMemoryAverageValue: 256Mi<\/pre>\n<h3><\/h3>\n<h3>Graceful Shutdown<\/h3>\n<p>Tutarl\u0131l\u0131k i\u00e7in \u00f6nemli konulardan bir tanesi de, uygulamalar\u0131n sa\u011fl\u0131kl\u0131 bir bi\u00e7imde shutdown i\u015flemini ger\u00e7ekle\u015ftirebilmesidir.<\/p>\n<p>Daha \u00f6nce de dedi\u011fimiz gibi, kubernetes \u00fczerindeki uygulamalar\u0131m\u0131z f\u00e2ni. Auto-scaling, update i\u015flemleri, pod&#8217;un silinmesi gibi herhangi bir durumda container terminate edilebilir.<\/p>\n<p>Bu termination i\u015flemi s\u0131ras\u0131nda ise ilgili pod, farkl\u0131 veya kritik i\u015flemler de yap\u0131yor olabilir. Bu gibi problemlere engel olabilmek i\u00e7in ise, uygulamalar\u0131m\u0131z\u0131n <em>SIGTERM<\/em> signal&#8217;\u0131n\u0131 handle ediyor olmas\u0131 gerekmektedir. <em>SIGTERM<\/em> signal&#8217;\u0131 g\u00f6nderildikten sonra ilgili pod, default olarak 30 saniye i\u00e7erisinde kendini kapatmal\u0131. Bu s\u00fcre i\u00e7erisinde ilgili pod kendisini kapatmazsa, <em>SIGKILL<\/em> signal&#8217;\u0131 g\u00f6nderilir ve ilgili pod terminate edilir.<\/p>\n<p>Ayr\u0131ca default 30 saniye olan graceful termination s\u00fcresini, &#8220;<em>deployment.yaml<\/em>&#8221; dosyas\u0131 i\u00e7erisinde pod spec seviyesinde customize edebiliriz.<\/p>\n<h3>Service Meshes<\/h3>\n<p>Bildi\u011fimiz gibi service mesh teknolojisinin, \u00f6zellikle b\u00fcy\u00fck \u00f6l\u00e7ekli microservice ekosistemi i\u00e7erisinde service-to-service communication&#8217;\u0131 i\u00e7in b\u00fcy\u00fck bir rol\u00fc bulunmaktrad\u0131r.<\/p>\n<figure id=\"attachment_3482\" aria-describedby=\"caption-attachment-3482\" style=\"width: 1680px\" class=\"wp-caption aligncenter\"><a href=\"\/wp-content\/uploads\/2020\/07\/service-mesh-1680.png\"><img decoding=\"async\" class=\"wp-image-3482 size-full lazyload\" data-src=\"\/wp-content\/uploads\/2020\/07\/service-mesh-1680.png\" alt=\"\" width=\"1680\" height=\"740\" data-srcset=\"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/service-mesh-1680.png 1680w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/service-mesh-1680-300x132.png 300w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/service-mesh-1680-1024x451.png 1024w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/service-mesh-1680-768x338.png 768w, https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/service-mesh-1680-1536x677.png 1536w\" data-sizes=\"(max-width: 1680px) 100vw, 1680px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1680px; --smush-placeholder-aspect-ratio: 1680\/740;\" \/><\/a><figcaption id=\"caption-attachment-3482\" class=\"wp-caption-text\">https:\/\/www.redhat.com\/cms\/managed-files\/service-mesh-1680.png<\/figcaption><\/figure>\n<p>E\u011fer b\u00fcy\u00fck bir organizasyon i\u00e7erisinde iseniz bir service mesh teknolojisi kullanmak g\u00fcvenlik, g\u00f6zlemlenebilirlik ve dayan\u0131kl\u0131l\u0131k konular\u0131nda faydam\u0131za olacakt\u0131r. Bu konu ile ilgili bir makaleme ise, <em><a href=\"https:\/\/gokhan-gokalp.com\/playing-with-service-mesh-linkerd-ve-azure-kubernetes-service\/\" target=\"_blank\" rel=\"noopener noreferrer\">buradan<\/a><\/em> eri\u015febilirsiniz.<\/p>\n<p>Service mesh&#8217;in bir ba\u015fka faydas\u0131 ise, <strong>long-lived<\/strong> connection&#8217;lar i\u00e7in load-balancing i\u015flemlerini ger\u00e7ekle\u015ftiriyor olmas\u0131. <em>HTTP<\/em> protokol\u00fcn\u00fcn <strong>keep-alive<\/strong> \u00f6zelli\u011fini kulland\u0131\u011f\u0131m\u0131zda, <em>TCP<\/em> connection&#8217;\u0131 bir sonraki request&#8217;ler i\u00e7in de a\u00e7\u0131k b\u0131rak\u0131l\u0131r. Yani ayn\u0131 pod ilgili request&#8217;leri handle eder. Asl\u0131nda throughput ve latency&#8217;den kazan\u0131rken, scaling&#8217;den kaybediyoruz.<\/p>\n<p>Service mesh gibi teknolojileri kullanarak, bu gibi problemlerin de \u00f6n\u00fcne ge\u00e7ebilmek m\u00fcmk\u00fcn.<\/p>\n<h3>Container Security<\/h3>\n<p>Bildi\u011fimiz gibi container&#8217;lar\u0131n g\u00fcvenli\u011fi, bizim sorumlulu\u011fumuz alt\u0131nda. Production ortamlar\u0131 i\u00e7in <em>CNCF<\/em> i\u00e7erisinde bulunan <a href=\"https:\/\/github.com\/falcosecurity\/falco\" target=\"_blank\" rel=\"noopener noreferrer\"><em>Falco Project<\/em><\/a> gibi bir container security activity monit\u00f6r&#8217;\u00fcne sahip olmak, her t\u00fcrl\u00fc faydam\u0131za olacakt\u0131r.<\/p>\n<p>Bu sayede container i\u00e7erisinde bir shell \u00e7al\u0131\u015ft\u0131r\u0131lmas\u0131 veya d\u0131\u015far\u0131ya bir network connection&#8217;\u0131 kurulmas\u0131 gibi uygulamalar\u0131m\u0131zdaki beklenmedik aktivitelerden haberdar olabiliriz.<\/p>\n<h2>Kaynaklar<\/h2>\n<blockquote><p><em>https:\/\/kubernetes.io\/docs\/concepts\/configuration<br \/>\nhttps:\/\/learnk8s.io<br \/>\n<\/em><\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Bildi\u011fimiz gibi son y\u0131llarda container orchestration konusunda kubernetes, microservice mimarilerimiz i\u00e7in olmazsa olmaz bir standart haline gelmi\u015f durumda. Kubernetes her ne kadar default ayarlar\u0131 ile de bir \u00e7ok problemimizi \u00e7\u00f6z\u00fcyor olsada, uygulamalar\u0131m\u0131z\u0131n daha stable, reliable ve secure olabilmesi i\u00e7in yapabilece\u011fimiz\/kullanabilece\u011fimiz baz\u0131 best practice&#8217;ler ve uygulamalar&#8230;<\/p>\n<div class=\"more-link-wrapper\"><a class=\"more-link\" href=\"https:\/\/gokhan-gokalp.com\/tr\/kubernetes-for-production-some-useful-information\/\">Devam\u0131n\u0131 okuyun<span class=\"screen-reader-text\">Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler<\/span><\/a><\/div>\n","protected":false},"author":1,"featured_media":3503,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[68,418,434,368],"tags":[581,537,582,575,583,579,440,580,535],"class_list":["post-3459","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-architectural","category-azure","category-containerizing","category-microservices","tag-allocatable-resource","tag-azure-kubernetes-service","tag-container-security","tag-health-check","tag-helm-chart","tag-k8s","tag-kubernetes","tag-kubernetes-best-practices","tag-service-mesh","entry"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"tr","enabled_languages":["en","tr"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"tr":{"title":true,"content":true,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp\" \/>\n<meta property=\"og:url\" content=\"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/\" \/>\n<meta property=\"og:site_name\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-26T10:07:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-26T10:17:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"675\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 dakika\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/\"},\"author\":{\"name\":\"G\u00f6khan G\u00f6kalp\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"headline\":\"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler\",\"datePublished\":\"2020-07-26T10:07:50+00:00\",\"dateModified\":\"2020-07-26T10:17:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/\"},\"wordCount\":2900,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"image\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kubernetes-for-prod2.jpg\",\"keywords\":[\"allocatable resource\",\"azure kubernetes service\",\"container security\",\"health check\",\"helm chart\",\"k8s\",\"kubernetes\",\"kubernetes best practices\",\"service mesh\"],\"articleSection\":[\"Architectural\",\"Azure\",\"Containerizing\",\"Microservices\"],\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/\",\"name\":\"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kubernetes-for-prod2.jpg\",\"datePublished\":\"2020-07-26T10:07:50+00:00\",\"dateModified\":\"2020-07-26T10:17:02+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#breadcrumb\"},\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#primaryimage\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kubernetes-for-prod2.jpg\",\"contentUrl\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/kubernetes-for-prod2.jpg\",\"width\":1200,\"height\":675},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/kubernetes-for-production-some-useful-information\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/gokhan-gokalp.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kubernetes for Production: Some Useful Information\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#website\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/\",\"name\":\"G\u00f6khan G\u00f6kalp\",\"description\":\"C# &amp; Python lover\",\"publisher\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/gokhan-gokalp.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"tr\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\",\"name\":\"G\u00f6khan G\u00f6kalp\",\"pronouns\":\"he\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659\",\"contentUrl\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659\",\"caption\":\"G\u00f6khan G\u00f6kalp\"},\"logo\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659\"},\"sameAs\":[\"https:\\\/\\\/gokhan-gokalp.com\"],\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/tr\\\/author\\\/gok-gokalp\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/","og_locale":"tr_TR","og_type":"article","og_title":"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp","og_url":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/","og_site_name":"G\u00f6khan G\u00f6kalp","article_published_time":"2020-07-26T10:07:50+00:00","article_modified_time":"2020-07-26T10:17:02+00:00","og_image":[{"width":1200,"height":675,"url":"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg","type":"image\/jpeg"}],"author":"G\u00f6khan G\u00f6kalp","twitter_card":"summary_large_image","twitter_misc":{"Yazan:":"G\u00f6khan G\u00f6kalp","Tahmini okuma s\u00fcresi":"15 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#article","isPartOf":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/"},"author":{"name":"G\u00f6khan G\u00f6kalp","@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"headline":"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler","datePublished":"2020-07-26T10:07:50+00:00","dateModified":"2020-07-26T10:17:02+00:00","mainEntityOfPage":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/"},"wordCount":2900,"commentCount":2,"publisher":{"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"image":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#primaryimage"},"thumbnailUrl":"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg","keywords":["allocatable resource","azure kubernetes service","container security","health check","helm chart","k8s","kubernetes","kubernetes best practices","service mesh"],"articleSection":["Architectural","Azure","Containerizing","Microservices"],"inLanguage":"tr","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/","url":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/","name":"Production i\u00e7in Kubernetes: Baz\u0131 Yararl\u0131 Bilgiler - G\u00f6khan G\u00f6kalp","isPartOf":{"@id":"https:\/\/gokhan-gokalp.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#primaryimage"},"image":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#primaryimage"},"thumbnailUrl":"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg","datePublished":"2020-07-26T10:07:50+00:00","dateModified":"2020-07-26T10:17:02+00:00","breadcrumb":{"@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/"]}]},{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#primaryimage","url":"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg","contentUrl":"https:\/\/gokhan-gokalp.com\/wp-content\/uploads\/2020\/07\/kubernetes-for-prod2.jpg","width":1200,"height":675},{"@type":"BreadcrumbList","@id":"https:\/\/gokhan-gokalp.com\/kubernetes-for-production-some-useful-information\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/gokhan-gokalp.com\/"},{"@type":"ListItem","position":2,"name":"Kubernetes for Production: Some Useful Information"}]},{"@type":"WebSite","@id":"https:\/\/gokhan-gokalp.com\/#website","url":"https:\/\/gokhan-gokalp.com\/","name":"G\u00f6khan G\u00f6kalp","description":"C# &amp; Python lover","publisher":{"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/gokhan-gokalp.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"tr"},{"@type":["Person","Organization"],"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe","name":"G\u00f6khan G\u00f6kalp","pronouns":"he","image":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659","url":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659","contentUrl":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659","caption":"G\u00f6khan G\u00f6kalp"},"logo":{"@id":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1776170659"},"sameAs":["https:\/\/gokhan-gokalp.com"],"url":"https:\/\/gokhan-gokalp.com\/tr\/author\/gok-gokalp\/"}]}},"_links":{"self":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/3459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/comments?post=3459"}],"version-history":[{"count":5,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/3459\/revisions"}],"predecessor-version":[{"id":3504,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/3459\/revisions\/3504"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/media\/3503"}],"wp:attachment":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/media?parent=3459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/categories?post=3459"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/tags?post=3459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}