Kubernetes 1.30: Yeni Özellikler ve Production Best Practices

Kubernetes 1.30, container orchestration dünyasında önemli bir güncelleme. Enhanced scheduler, gelişmiş networking ve güvenlik iyileştirmeleri production ortamlarını daha güvenli ve verimli hale getiriyor.

Büyük Yenilikler

1. Enhanced Scheduler

Yeni scheduler algoritmaları daha iyi pod placement sağlıyor:

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  schedulerName: enhanced-scheduler
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: node-type
            operator: In
            values:
            - gpu

2. Improved Networking

CNI plugin'leri için daha iyi destek:

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: LoadBalancer
  ipFamilyPolicy: RequireDualStack
  ipFamilies:
    - IPv4
    - IPv6
  ports:
  - port: 80
    targetPort: 8080

3. Security Enhancements

Pod Security Standards iyileştirildi:

apiVersion: v1
kind: Namespace
metadata:
  name: production
  labels:
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/audit: restricted
    pod-security.kubernetes.io/warn: restricted

Production Best Practices

1. Resource Management

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  template:
    spec:
      containers:
      - name: app
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"

2. Health Checks

containers:
- name: app
  livenessProbe:
    httpGet:
      path: /health
      port: 8080
    initialDelaySeconds: 30
    periodSeconds: 10
  readinessProbe:
    httpGet:
      path: /ready
      port: 8080
    initialDelaySeconds: 5
    periodSeconds: 5

3. Auto-scaling

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: my-app-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: my-app
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70

Networking Best Practices

1. Network Policies

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: app-network-policy
spec:
  podSelector:
    matchLabels:
      app: my-app
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: frontend
    ports:
    - protocol: TCP
      port: 8080
  egress:
  - to:
    - podSelector:
        matchLabels:
          app: database
    ports:
    - protocol: TCP
      port: 5432

2. Service Mesh Integration

Istio, Linkerd gibi service mesh'lerle entegrasyon:

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: my-app
spec:
  hosts:
  - my-app
  http:
  - match:
    - headers:
        version:
          exact: v2
    route:
    - destination:
        host: my-app
        subset: v2
  - route:
    - destination:
        host: my-app
        subset: v1

Monitoring ve Observability

Prometheus Metrics

apiVersion: v1
kind: Service
metadata:
  name: my-app
  annotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "9090"
    prometheus.io/path: "/metrics"

Logging

containers:
- name: app
  env:
  - name: LOG_LEVEL
    value: "info"
  volumeMounts:
  - name: logs
    mountPath: /var/log

Sonuç

Kubernetes 1.30, production ortamları için önemli iyileştirmeler getiriyor. Enhanced scheduler, improved networking ve security enhancements ile daha güvenli ve verimli çalışan cluster'lar oluşturabilirsiniz. Bu best practices'leri uygulayarak sisteminizin güvenilirliğini artırabilirsiniz.