搭建K8s容器化應用的開發調試環境

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"對開發人員而言，Kubernetes（簡稱k8s）真的是想說愛你不容易。因爲k8s基本與我們的業務無關，它的關注點是容器編排，涉及到的都是系統的網絡、存儲、計算等基礎資源，是我們比較陌生的領域；另外，因爲衆所周知的原因，谷歌系的網站基本上在國內沒法訪問，這就導致了很多對k8s的探索都是止步於安裝，無果而終。本文是筆者踩坑無數後，在k8s路上的一點收穫，在Win10上搭建單機的k8s環境，進行容器化應用的開發、調試與部署。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"1、容器化帶來的問題","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"把應用容器化是爲了方便測試和部署，解決開發人員“我這裏可以呀”而測試或用戶“我這裏不行”的問題。我們開發出來的軟件需要比較","attrs":{}},{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"良好的可部署性","attrs":{}},{"type":"text","text":"，容器化與無服務器架構是實現這個目標的發展方向和趨勢。Docker和Kubernetes是容器化和容器編排的行業標準，在現階段也相對成熟；無服務器（Serverless）目前支持的業務場景還比較有限，也缺少行業標準，容易被廠商鎖定。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"作爲開發人員，我們當然還需要","attrs":{}},{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"良好的可調試性","attrs":{}},{"type":"text","text":"。那種把應用編譯部署到容器後，有問題只能看容器裏應用輸出的日誌，而無法做代碼跟蹤、斷點調試的方案，都不是我們想要的。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這裏說的","attrs":{}},{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"應用容器化後影響調試","attrs":{}},{"type":"text","text":"，是不包括單體應用的，主要是說部署在容器裏並且跟其他容器裏的應用有交互的應用，也就是服務間相互調用，微服務就是最典型的例子。比如你用docker compose啓動微服務的其它應用，然後試圖在IntelliJ IDEA裏跟蹤調試某個服務，這時你會發現，IDEA跟docker compose啓動的服務不在一個世界，網絡不通。Docker可以暴露端口供外部調用，但IDEA裏啓動的這個應用沒法暴露給容器世界裏的服務，微服務的服務發現（Eureka Server、Zookeeper等）只能發現容器世界裏的服務。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Java或者其它","attrs":{}},{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"支持遠程調試","attrs":{}},{"type":"text","text":"的語言，雖然提供了一種可行的方式，但在應用部署到容器後，特別是k8s環境，要連接遠程調試端口也變得困難了，何況遠程調試本身就沒有本機來得簡單快捷。K8s對容器進行調度、編排，帶來了比docker更高級的功能，但同時也增加了系統的複雜性。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"良好的可部署性和可調試性，魚與熊掌，可以兼得嗎？我們不相信世上有可以解決一切問題的銀彈，但卻總是走在尋找銀彈的路上^_^","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/4a/4adc7a0607553dae98f86e3266de3161.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"2、解決方案概述","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"筆者給的這個兼顧可部署性和可調試性的開發環境搭建方案，重點是用k3s來解決Kubernetes的安裝難題，用Telepresence來打通容器和IDE進行代碼的跟蹤調試，用Skaffold來自動化處理容器構建和部署。","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果你有更好的建議，還望不吝賜教👏","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3s是經CNCF一致性認證的Kubernetes發行版，重點是k3s被打包成單個小於60MB的二進制文件，從而簡化了安裝、運行和升級k8s集羣所需的依賴性和步驟，也就是說k3s是開箱即用的，不再需要去聯網下載相關鏡像，“完美”解決了k8s的安裝難題；","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Telepresence爲部署在k8s環境裏的應用提供快速本地化開發功能，其基本原理是在k8s集羣中部署雙向網絡代理，使得本機環境的服務和k8s集羣裏的服務完全互訪，包括k8s的環境變量、Secrets和ConfigMap等；","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold是谷歌提供的開發支持工具，主要是跟谷歌提供的雲服務(Google Cloud)結合來加速應用的容器化構建、部署，這裏我們只用它的基礎功能就行了，自動構建並部署到應用到k8s集羣。","attrs":{}}]}]}],"attrs":{}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/62/6277f11af7b5b47997b429d19ec44f51.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"3、安裝Docker Desktop","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"下載鏈接： ","attrs":{}},{"type":"link","attrs":{"href":"https://hub.docker.com/editions/community/docker-ce-desktop-windows","title":"","type":null},"content":[{"type":"text","text":"https://hub.docker.com/editions/community/docker-ce-desktop-windows","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"系統要求：Microsoft Windows 10 Professional or Enterprise 64-bit, or Windows 10 Home 64-bit with WSL 2.","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Docker在後續的容器鏡像構建(build)會用到，所以這裏先提出來做好準備。在Windows開發環境做容器化部署，Docker Desktop也是必備軟件了。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這裏再推薦一個終端工具：Windows Terminal，筆者覺得比cmd和power shell用着舒服多了，可以在Microsoft Store上搜索安裝。微軟的store有一個bug，就是很容易“無法加載頁面，請稍候重試”，解決辦法是打開IE（Internet Explorer），在“Internet選項”的“高級”裏勾選TLS1.1和TLS1.2，“應用”即可解決問題。","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"真的是IE不死，bug長存啊😂微軟Store的這個bug，筆者沒去細究，可能是國內的某些安全工具在坑微軟，或者某些銀行軟件做的修改，但是微軟這個軟件帝國，自己的Store門被堵了也無動於衷，真是夠穩重的啊👍","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"給一個在Windows Terminal裏查看Docker Desktop是否就緒的截圖：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/55/559644b9012cb462cce677e5d4cdfb1a.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"4、安裝Multipass","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Multipass是Ubuntu 發行商 Canonical 旗下的一款產品，是一個輕量級 Linux 虛擬機命令行管理工具。通過 Multipass，用戶可以用一條命令啓動虛擬機鏡像，並在短短數秒內讓 Linux在Mac和Windows上運行起來。顯然這裏的Linux是專指Ubuntu，你如果喜歡其它的Linux，也有熟悉的方式和趁手的工具，可以略過這一部分。Canonical這些大廠，爲了推廣自己的產品，也是夠拼的。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Multipass的官網：","attrs":{}},{"type":"link","attrs":{"href":"https://multipass.run/","title":"","type":null},"content":[{"type":"text","text":"https://multipass.run/","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Windows版的下載地址：","attrs":{}},{"type":"link","attrs":{"href":"https://multipass.run/download/windows","title":"","type":null},"content":[{"type":"text","text":"https://multipass.run/download/windows","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"系統要求：Windows 10專業版、企業版、教育版，或者安裝了VirtualBox。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Multipass安裝就緒後，就可以用命令來管理ubuntu虛擬機了：","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass help 查看幫助，授人以魚不如授人以漁","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass list 查看現有的虛擬機實例","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass find 查看可用的鏡像","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass launch 創建並啓動Ubuntu實例","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass shell 連接實例進行shell操作","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass start 啓動虛擬機","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass stop 停止虛擬機","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass delete 刪除虛擬機","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass recover 恢復刪除的虛擬機","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"multipass purge 徹底清除刪除的虛擬機","attrs":{}}]}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"接下來我們用Multipass創建一個LTS版的Ubuntu 20.04，取名爲test，shell進去修改root的密碼，然後試一下multipass對虛擬機的管理：啓動、停止、刪除等：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/9c/9c139b9729cc9355f11d6b256f358a26.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/33/333cc8c7b904e4d98b33ba10ca8dc704.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/74/7499b24a19a056c319bf8cb3fc72f0e7.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"安裝好Docker Desktop和Multipass後，就可以進入正題，開始安裝K3s、Telepresence和Skaffold，搭建有良好可調試性的k8s開發環境。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/9a/9a7fd5dded59a17c22aad139da6f3d59.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"5、安裝K3s","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"先用Multipass創建並啓動Ubuntu虛擬機，作爲安裝k3s的Linux服務器：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 這個虛擬機命名爲k3s-1，使用LTS版的Ubuntu 20.04\nmultipass launch -n k3s-1 20.04","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"連接虛擬機k3s-1上的ubuntu並修改root的密碼，以便後續使用root進行操作：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# shell連接ubuntu\nmultipass shell k3s-1\n\n# 修改root密碼，Ubuntu默認的root密碼爲空\nsudo passwd\n\n# 修改密碼才能切換用戶爲root\nsu root","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果習慣了XShell等終端工具，可以參考這篇文章：","attrs":{}},{"type":"link","attrs":{"href":"https://www.kindlehub.mobi/t/topic/1134","title":"","type":null},"content":[{"type":"text","text":"https://www.kindlehub.mobi/t/topic/1134","attrs":{}}]}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3s的官網：","attrs":{}},{"type":"link","attrs":{"href":"https://www.rancher.cn/k3s/","title":"","type":null},"content":[{"type":"text","text":"https://www.rancher.cn/k3s/","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"技術文檔：","attrs":{}},{"type":"link","attrs":{"href":"https://docs.rancher.cn/docs/k3s/quick-start/_index","title":"","type":null},"content":[{"type":"text","text":"https://docs.rancher.cn/docs/k3s/quick-start/_index","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"國內用戶，可以使用以下方法加速安裝：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"安裝成功的話會輸出如下內容：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"[INFO] Finding release for channel stable\n[INFO] Using v1.21.7+k3s1 as release\n[INFO] Downloading hash http://rancher-mirror.cnrancher.com/k3s/v1.21.7-k3s1/sha256sum-amd64.txt\n[INFO] Downloading binary http://rancher-mirror.cnrancher.com/k3s/v1.21.7-k3s1/k3s\n[INFO] Verifying binary download\n[INFO] Installing k3s to /usr/local/bin/k3s\n[INFO] Creating /usr/local/bin/kubectl symlink to k3s\n[INFO] Creating /usr/local/bin/crictl symlink to k3s\n[INFO] Creating /usr/local/bin/ctr symlink to k3s\n[INFO] Creating killall script /usr/local/bin/k3s-killall.sh\n[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh\n[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env\n[INFO] systemd: Creating service file /etc/systemd/system/k3s.service\n[INFO] systemd: Enabling k3s unit\n[INFO] systemd: Starting k3s","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"檢查k3s是否運行正常：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 查看k3s的進程\nps aux|grep k3s\n\n# k3s的位置\nwhich k3s\n\n# 用kubectl看看node（安裝k3s時也會安裝kubectl，確實比較省心）\nkubectl get node\n\n# 用kubectl看看pod\n# -A參數表示查看所有，可用-n參數指定具體的namespace，默認是default\nkubectl get pod -A","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/a9/a91c1c23a7cd309884c929fa7db5eb4d.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"6、在本機上安裝kubectl","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Kubectl是Kubernetes工具，使用kubectl可以對 k8s 集羣運行命令，比如部署應用、監測和管理集羣資源以及查看日誌等。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"要在本機（windows 10）上訪問k3s-1虛擬機裏安裝的kubernetes集羣，需要先安裝windows版的kubectl，kubectl是用golang開發的，只有一個執行程序，可以直接下載，然後在環境變量path裏增加kubectl執行程序的路徑即可。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"下載鏈接：","attrs":{}},{"type":"link","attrs":{"href":"https://dl.k8s.io/release/v1.22.0/bin/windows/amd64/kubectl.exe","title":"","type":null},"content":[{"type":"text","text":"https://dl.k8s.io/release/v1.22.0/bin/windows/amd64/kubectl.exe","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"安裝指導：","attrs":{}},{"type":"link","attrs":{"href":"https://kubernetes.io/zh/docs/tasks/tools/install-kubectl-windows/","title":"","type":null},"content":[{"type":"text","text":"https://kubernetes.io/zh/docs/tasks/tools/install-kubectl-windows/","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Kubectl安裝好後，還需要配置一下，告訴它待連接的k8s集羣的相關參數。這個配置文件的位置是：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 檢查kubectl是否安裝就緒，在Power Shell裏執行下述命令\n# 期待的輸出是有具體的Client Version，但是Server連接失敗\nkubectl version\n\n# 進入kubectl的配置路徑\ncd ~/.kube","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Windows上kubectl的配置文件是“~/.kube/config”（這裏的~只在power shell裏有效，跟當前登錄的用戶名有關，在資源管理器裏要替換爲實際的路徑），遠端Ubuntu主機（虛擬機k3s-1）裏k3s的KUBECONFIG是在這個文件裏：/etc/rancher/k3s/k3s.yaml，所以現在要做的就是把k3s.yaml裏的內容，複製到config裏。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"記得要改Server的IP地址，在k3s.yaml文件裏指向的k8s集羣Server地址是127.0.0.1，在windows的~/.kube/config裏則要修改爲虛擬機k3s-1的地址：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"cat /etc/rancher/k3s/k3s.yaml","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/42/42631dd532e7688eaa18f99fa16b70d2.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"用Multipass list查看k3s-1的IP地址，以及配置好之後，在windows本機上驗證一下：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/6a/6a41b74bb099b52c4e3a93fd0a35f438.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"7、用kubectl管理k8s","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Kubernetes的","attrs":{}},{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"基礎知識","attrs":{}},{"type":"text","text":"這裏簡單講一下：","attrs":{}}]},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Node，一個節點就是是一臺主機（虛擬主機或者物理主機），一個k8s集羣可以管理若干主機；","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Pod，在英文中的原意是豆莢的意思，在k8s的一個pod中可以運行一個或者多個容器，並且k8s會爲每個pod都分配一個集羣內唯一的IP地址；K8s一般會爲一個服務部署多個pod副本，副本的數量可以增加或減少，構成一個pod集羣來對外提供服務，所以要訪問k8s集羣裏的服務，直接寫某個pod的地址是不行的；","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Service，是k8s中的一個核心資源，主要就是解決上述服務訪問的問題。Service一旦創建就會分配固定的IP地址，並且在它的整個生命週期裏都不會改變。","attrs":{}}]}]},{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Ingress，可以簡單理解爲Nginx或微服務裏的網關（Zuul，Gateway），如果說Service是解決k8s集羣內服務訪問的問題，Ingress就是把Service暴露到集羣外部，供外部訪問集羣提供的服務。","attrs":{}}]}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"當然k8s集羣還有一些其它的概念，比如存儲PV、PVC，Secrets，ConfigMap等，這些我們都可以簡單理解爲k8s管理的資源，這些資源彙集起來構成整個集羣。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"有了用k3s運行的k8s集羣，也瞭解了一些基本的概念，接下來我們實際部署一個簡單的服務，進一步體驗一下k8s的容器編排能力。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以bootcamp爲例，這是k8s世界的Hello World。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.1 創建Pod","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"先編寫一個部署文件（bootcamp-deployment.yaml）：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app: k8s-bootcamp-v1\n name: k8s-bootcamp-v1\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: k8s-bootcamp-v1\n template:\n metadata:\n labels:\n app: k8s-bootcamp-v1\n spec:\n containers:\n - image: jocatalin/kubernetes-bootcamp:v1\n name: k8s-bootcamp-v1\n resources:\n requests:\n memory: \"128Mi\"\n cpu: \"50m\"\n limits:\n memory: \"512Mi\"\n cpu: \"100m\"","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上述配置裏資源（resource）的內存（memory）單位Mi=1024*1024字節，cpu的50m則表示50/1000個cpu內核(Core），也可以表示爲0.05","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在windows本機使用kubectl運行部署命令：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"kubectl apply -f bootcamp-deployment.yaml","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/01/01e33f8e0c191ef6e523c3c6dcb3e9d2.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Deployment對應的是Pod","attrs":{}}]}],"attrs":{}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.2 創建Service","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"編寫Service文件（bootcamp-svc.yaml）：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app: k8s-bootcamp-v1\n name: k8s-bootcamp-v1\nspec:\n ports:\n - port: 8080\n protocol: TCP\n targetPort: 8080\n selector:\n app: k8s-bootcamp-v1\n type: ClusterIP","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"同樣用kubectl apply發佈這個Service（k8s世界裏通常把service簡稱爲svc）：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/2f/2ff2ced04602b476d54ecfb7d18902f8.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.3 創建Ingress","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"k3s內置的Ingress Controller是Traefik，也有基於Nginx的Ingress，Traefik在代理容器化應用時具有一定的優勢，既支持Docker也支持k8s，在容器裏部署的應用實例數量變化時，Traefik可以自動感知，不需要調整配置參數。但不管是哪個具體的Ingress實現，創建Ingress的操作都是一樣的（bootcamp-ingress.yaml）：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: extensions/v1beta1\nkind: Ingress\nmetadata:\n name: \"bootcamp-ingress\"\n labels:\n app: bootcamp-ingress\nspec:\n rules:\n - host: bootcamp.me\n http:\n paths:\n - path: /\n backend:\n serviceName: \"k8s-bootcamp-v1\"\n servicePort: 8080","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"還是kubectl apply來發布這個Ingress：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/15/15b92fcd2aa4763038bb39054af61efe.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.4 訪問（內網、外網）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"至此，已經把應用部署到k8s的Pod，並創建了供內部訪問的Service，也通過Ingress把服務暴露給外部。現在就來驗證一下，在Ubuntu主機上，用curl在內部通過Service的固定IP訪問：","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/15/15f1c6d691fd84d71a860c10855340f8.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在Windows 10本機上，先修改hosts（需要用管理員權限打開文本編輯工具才修改，C:\\Windows\\System32\\drivers\\etc\\hosts），添加域名解析：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"172.28.189.231 bootcamp.me","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"然後在瀏覽器訪問http://bootcamp.me","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/7f/7fb3be66a096096e8aa90df5f00a5b72.png","alt":null,"title":"","style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這樣我們的bootcamp就完成部署了！接下來我們稍微接觸一點k8s的高端能力，看看它的容器編排能力。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.5 手動擴容（Scale）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"手工增加或者縮小bootcamp的Pod副本數量，這個能力非常實用，某個服務的負載高了，就增加Pod副本數量來支撐業務的正常運轉，負載小就減少副本數量，把資源讓出來。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用kubectl scale命令，手動擴容和縮容：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"kubectl scale deployment k8s-bootcamp-v1 --replicas=3","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/0e/0eaea694bcdbc9b26be25b40924f6032.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.6 自動擴容（Autoscale）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"有了手動擴容，來一個自動擴容就是很自然的事情了。K8s的Horizontal Pod Autoscaler（HPA）的控制器，用來實現基於CPU使用率進行自動Pod擴容和縮容的功能。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"# cpu的使用率超過50%就擴容Pod副本的數量，最多10個，至少保留1個\n# 注意這裏的cpu使用率是按depolyment部署指定的資源參數來計算的\n# 可以結合bootcamp-deployment.yaml裏的resources來理解\nkubectl autoscale deployment k8s-bootcamp-v1 --min=1 --max=10 --cpu-percent=50","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/85/85479c341f2f8edef110fba4a925ad8f.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"HPA是通過循環控制來實現的，默認30秒檢查一次應用使用資源的情況（cpu使用率），擴容的時間間隔是3分鐘，縮容則是5分鐘。所以在進行上述操作的時候，不會立即看到效果。","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.7 清理（善後工作）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"測試的最後，把前面創建的這些資源都釋放掉，完成bootcamp的有始有終。Say Hello之後Say Bye Bye","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K8s的資源刪除有兩種方式，一種用kubectl執行delete命令，帶上資源類型和資源名稱這兩個參數：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"kubectl delete hpa k8s-bootcamp-v1","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"另一種方式是使用yaml文件來傳遞資源類型和名稱這兩個參數：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"kubectl delete -f bootcamp-deployment.yaml","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/95/95cbaaa838dcbfe047bfeb09516caff6.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果在Windows的hosts文件裏配置了bootcamp.me的域名解析，也別忘了把它刪除掉。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"7.8 小結","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K8s對容器的管理能力，確實夠強大，但也夠複雜，但相信軟件發展的趨勢，好的東西總是會向前發展並簡化。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/46/4678b199a22af1afc1f35bf6c67d1fc3.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"8、安裝Teleprensence","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Telepresence是一款爲Kubernetes或者Openshift微服務開發提供快速本地化支持的開源軟件。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"8.1 安裝","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"官網鏈接：","attrs":{}},{"type":"link","attrs":{"href":"https://www.telepresence.io/","title":"","type":null},"content":[{"type":"text","text":"https://www.telepresence.io/","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"安裝指引：","attrs":{}},{"type":"link","attrs":{"href":"https://www.telepresence.io/docs/latest/howtos/intercepts/?os=windows","title":"","type":null},"content":[{"type":"text","text":"https://www.telepresence.io/docs/latest/howtos/intercepts/?os=windows","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Windows版的下載地址：","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https://app.getambassador.io/download/tel2/windows/amd64/latest/telepresence.zip","title":"","type":null},"content":[{"type":"text","text":"https://app.getambassador.io/download/tel2/windows/amd64/latest/telepresence.zip","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"安裝比較簡單，下載後解壓，在Power Shell下執行install-telepresence.ps1","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 進入解壓後的文件夾\ncd telepresence\n\n# 執行install-telepresence.ps1\n.\\install-telepresence","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"默認安裝在C:\\telepresence","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"查看幫助：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"telepresence --help","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"8.2 連接K8s集羣（Connect）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"連接（代理）K8s集羣（跟kubectl一樣，也是從~/.kube/config文件裏獲取K8s集羣的信息進行連接）：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"PS D:\\temp\\k3s> telepresence connect\nLaunching Telepresence Root Daemon\nLaunching Telepresence User Daemon\nConnected to context default (https://x.x.x.x:6443)","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Connect成功後，就可以在本機上訪問遠端K8s集羣裏的Service了。測試一下，還有用bootcamp。前面我們已經把bootcamp刪除了，但是有了k8s，重新部署很輕鬆：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"PS D:\\temp\\k3s> kubectl apply -f bootcamp-deployment.yaml\ndeployment.apps/k8s-bootcamp-v1 created\nPS D:\\temp\\k3s> kubectl apply -f bootcamp-svc.yaml\nservice/k8s-bootcamp-v1 created\nPS D:\\temp\\k3s> kubectl get pod\nNAME READY STATUS RESTARTS AGE\nk8s-bootcamp-v1-7c898bf695-l9vwb 1/1 Running 0 31s\nk8s-bootcamp-v1-7c898bf695-cp52l 1/1 Running 0 31s\nPS D:\\temp\\k3s> kubectl get svc\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE\nkubernetes ClusterIP 10.43.0.1 443/TCP 3d19h\nk8s-bootcamp-v1 ClusterIP 10.43.188.82 8080/TCP 72s\nPS D:\\temp\\k3s> curl http://10.43.188.82:8080\nStatusCode : 200\nStatusDescription : OK\nContent : Hello Kubernetes bootcamp! | Running on: k8s-bootcamp-v1-7c898bf695-cp52l | v=1","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"退出Telepresence的connect：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"PS D:\\temp\\k3s> telepresence quit\nTelepresence Root Daemon quitting... done\nTelepresence User Daemon quitting... done","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"8.3 接管K8s集羣的流量（Intercept）","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"接管（攔截）K8s集羣裏的訪問流量，通過代理轉到本機：","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"telepresence intercept --port [:] --env-file ","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"攔截（intercept）操作，稍微要複雜一點，流量攔截到本機後，需要本機啓動一個相應的服務來處理這些流量。如果是調試的話，就應該是用IDE的調試模式來啓動bootcamp，這裏我們用docker啓動。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 本機啓動一個bootcamp，向外暴露的訪問端口是8081\nPS D:\\temp\\k3s> docker run -p 8081:8080 -d jocatalin/kubernetes-bootcamp:v1\n0934023b1a6a37ef35a4f0bedc21d4306db970b02a80775858972aebe95aa1df\n\n# 測試對本機bootcamp的訪問\nPS D:\\temp\\k3s> curl http://localhost:8081\nStatusCode : 200\nStatusDescription : OK\nContent : Hello Kubernetes bootcamp! | Running on: 0934023b1a6a | v=1\n...\n\n# Telepresence連接K8s集羣，如果已經連接則可以省略\nPS D:\\temp\\k3s> telepresence connect\nLaunching Telepresence Root Daemon\nLaunching Telepresence User Daemon\nConnected to context default (https://172.28.186.230:6443)\n\n# 接管K8s集羣裏k8s-bootcap-v1這個service的流量\nPS D:\\temp\\k3s> telepresence intercept k8s-bootcamp-v1 --port 8081:8080\nUsing Deployment k8s-bootcamp-v1\nintercepted\n Intercept name : k8s-bootcamp-v1\n State : ACTIVE\n Workload kind : Deployment\n Destination : 127.0.0.1:8081\n Service Port Identifier: 8080\n Volume Mount Point : T:\n Intercepting : all TCP connections\nIntercepting all traffic to your service. \n\n# 再次測試對bootcamp的訪問\nPS D:\\temp\\k3s> curl http://10.43.188.82:8080\nStatusCode : 200\nStatusDescription : OK\nContent : Hello Kubernetes bootcamp! | Running on: 0934023b1a6a | v=1","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"爲了更直觀地看到本地8081端口的bootcamp接管了訪問流量，可以看看docker的日誌：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"PS D:\\temp\\k3s> docker ps\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n0934023b1a6a jocatalin/kubernetes-bootcamp:v1 \"/bin/sh -c 'node se…\" 45 minutes ago Up 45 minutes 0.0.0.0:8081->8080/tcp condescending_sinoussi\n\nPS D:\\temp\\k3s> docker logs 0934023b1a6a -f\nKubernetes Bootcamp App Started At: 2021-12-04T08:09:41.108Z | Running On: 0934023b1a6a\n\nRunning On: 0934023b1a6a | Total Requests: 1 | App Uptime: 9.505 seconds | Log Time: 2021-12-04T08:09:50.613Z\nRunning On: 0934023b1a6a | Total Requests: 2 | App Uptime: 288.663 seconds | Log Time: 2021-12-04T08:14:29.771Z","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"結束Intercept：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"telepresence leave","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"9、安裝Skaffold","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold可以自動構建鏡像，推送到鏡像倉庫，部署應用。如果團隊已經有這方面的規範流程了，則可以評估一下，看是否需要用Skaffold來代替。比如Maven插件fabric8，或者類似Jenkins這樣的CI/CD工具。","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"9.1 安裝","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold的安裝跟kubectl類似，就是一個獨立的可執行程序，下載後設置一下環境變量path即可。下載下來是skaffold-windows-amd64.exe，爲了後續操作方便，請改名爲skaffold.exe，這樣設置了path後，在Power Shell裏可以直接使用了。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"下載： ","attrs":{}},{"type":"link","attrs":{"href":"https://storage.googleapis.com/skaffold/releases/latest/skaffold-windows-amd64.exe","title":"","type":null},"content":[{"type":"text","text":"https://storage.googleapis.com/skaffold/releases/latest/skaffold-windows-amd64.exe","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"官方的安裝指引： ","attrs":{}},{"type":"link","attrs":{"href":"https://skaffold.dev/docs/install/","title":"","type":null},"content":[{"type":"text","text":"https://skaffold.dev/docs/install/","attrs":{}}]}]},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"9.2 準備鏡像倉庫","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold的操作的對象是應用的容器鏡像（Docker Image），所以需要一個K8s集羣和本機環境都可以訪問的容器鏡像倉庫，以這個倉庫爲中轉，完成應用容器鏡像的推送和部署。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果不是純學習，就移動辦公而言，或者爲了自己工作學習的方便，在互聯網上弄一個鏡像倉庫還是很有必要的。像","attrs":{}},{"type":"link","attrs":{"href":"https://www.aliyun.com/product/acr?source=5176.11533457&userCode=hnj2ql3q","title":"","type":null},"content":[{"type":"text","text":"阿里雲提供的容器鏡像服務","attrs":{}}]},{"type":"text","text":"，或者騰訊雲、華爲雲等，都有提供類似的服務。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/a6/a64585c83ef4ce43f941a6d024faaba0.png","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"阿里雲的","attrs":{}},{"type":"link","attrs":{"href":"https://www.aliyun.com/product/acr?source=5176.11533457&userCode=hnj2ql3q","title":"","type":null},"content":[{"type":"text","text":"個人版容器鏡像服務","attrs":{}}]},{"type":"text","text":"，只是學習的話，這點流量就是免費白嫖","attrs":{}}]}],"attrs":{}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"也可以使用Docker的registry鏡像，搭建自己的私有鏡像倉庫，這裏就不贅述了。後續的操作以阿里雲的鏡像容器服務爲例，主要參考Skaffold的官網教程： ","attrs":{}},{"type":"link","attrs":{"href":"https://skaffold.dev/docs/quickstart/","title":"","type":null},"content":[{"type":"text","text":"https://skaffold.dev/docs/quickstart/","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"先clone官網的例子：","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"PS> git clone --depth 1 https://github.com/GoogleContainerTools/skaffold\n...\n\nPS> cd skaffold/examples/getting-started\nPS> ls\nMode LastWriteTime Length Name\n---- ------------- ------ ----\n-a---- 2021-12-04 17:54 445 Dockerfile\n-a---- 2021-12-04 17:54 141 k8s-pod.yaml\n-a---- 2021-12-04 17:54 142 main.go\n-a---- 2021-12-04 17:54 579 README.md\n-a---- 2021-12-04 17:54 148 skaffold.yaml","attrs":{}}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"從文件看非常簡單，重點是Dockerfile和yaml文件，那個main.go雖然表明這個例子是go語言開發的，但是不需要你懂go，也不需要安裝go的相關程序。","attrs":{}}]}],"attrs":{}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"9.3 準備訪問鏡像倉庫的secret","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K8s的Secret用來管理敏感數據，這裏我們創建一個存放鏡像倉庫賬號密碼的Secret，供Deployment從鏡像倉庫拉取鏡像時提供訪問憑證。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 下述指令裏的***和郵件，請替換你自己的信息\n# 如果是linux請把行尾的`換成\\\nkubectl create secret `\ndocker-registry my-registry-key `\n--docker-server=registry.cn-chengdu.aliyuncs.com/***/getting-started `\n--docker-username=*** `\n--docker-password=*** `\[email protected]","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"編輯getting-started文件夾下的k8s-pod.yaml，把訪問鏡像倉庫的secret配置上去。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: v1\nkind: Pod\nmetadata:\n name: getting-started\nspec:\n imagePullSecrets:\n - name: my-registry-key\n containers:\n - name: getting-started\n image: skaffold-example","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"9.4 Skaffold run","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"運行Skaffold run命令會執行一次構建和部署。容器鏡像的構建請查看getting-started文件夾下的Dockerfile文件，做了兩件事情，先編譯main.go，然後用編譯得到的可執行程序創建Docker鏡像。部署則是先推送鏡像到鏡像倉庫，然後deployment到k8s集羣。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# 在本機先登錄鏡像倉庫\nPS > docker login --username=*** registry.cn-chengdu.aliyuncs.com\n\nPS > cd skaffold\\examples\\getting-started\n\n# 注意default-repo指向的倉庫地址是skaffold-example的上級路徑\n# 最後得到的鏡像路徑是registry.cn-chengdu.aliyuncs.com/***/skaffold-example\nPS > skaffold run --default-repo=registry.cn-chengdu.aliyuncs.com/*** \n\n# 順利的話，skaffold-example已經部署到k8s集羣\nPS > kubectl get pod\nNAME READY STATUS RESTARTS AGE\ngetting-started 1/1 Running 0 4m4s","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"text","text":"9.5 其他","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold dev則是一直監控代碼的修改，反覆構建、部署。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold debug需要下載這個鏡像：gcr.io/k8s-skaffold/skaffold-debug-support/go，無法下載，此路不通。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"另外，Skaffold還開發了IntelliJ IDEA的插件，在IDE裏輔助開發，主要是結合谷歌雲進行快速部署，被牆了所以沒啥用。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/f5/f5622050008581b82d9b0e565bc71c6f.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"boxShadow"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"10、總結及後續","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"不管怎麼說，這個Kubernetes的開發環境算是搭建起來了。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3s總體來講很不錯，給了國內開發人員一個容易上手的K8s，降低了難度，一旦入門，慢慢探索，總會越來越好。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Telepresence解決了調試的一個大問題，特別是團隊協作的時候，大家基於雲部署一個雲端的k8s開發環境，在聯調方面省很多事，也減少了開發終端的負擔；或者生產環境解決問題的時候，除了遠程調試，也多出一個手段。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold本身還是優秀的，只不過跟谷歌雲結合的比較多，對國內開發人員來說有點雞肋。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"本文有點技術選型的意思，後續有時間考慮結合微服務的開發來實際應用一下，看看還有哪些坑。。。","attrs":{}}]}]}