knative安装与实践

安装knative

官方安装步骤

安装CRD

kubectl apply --filename https://github.com/knative/serving/releases/download/v0.17.0/serving-crds.yaml

安装knative serving
安装serving-core，出现镜像无法拉取错误ImagePullBackOff错误，看了下是镜像地址是墙外地址gcr.io，把他换成阿里云地址：

kubectl edit deployment -nknative-serving

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
items:
- apiVersion: extensions/v1beta1
  kind: Deployment
  metadata:
    annotations:
      deployment.kubernetes.io/revision: "2"
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"serving.knative.dev/release":"v0.17.0"},"name":"activator","namespace":"knative-serving"},"spec":{"selector":{"matchLabels":{"app":"activator","role":"activator"}},"template":{"metadata":{"annotations":{"cluster-autoscaler.kubernetes.io/safe-to-evict":"false"},"labels":{"app":"activator","role":"activator","serving.knative.dev/release":"v0.17.0"}},"spec":{"containers":[{"env":[{"name":"GOGC","value":"500"},{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_IP","valueFrom":{"fieldRef":{"fieldPath":"status.podIP"}}},{"name":"SYSTEM_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_LOGGING_NAME","value":"config-logging"},{"name":"CONFIG_OBSERVABILITY_NAME","value":"config-observability"},{"name":"METRICS_DOMAIN","value":"knative.dev/internal/serving"}],"image":"gcr.io/knative-releases/knative.dev/serving/cmd/activator@sha256:18aadbb4796d7b6316ae971be5233dac28cd794c517e220d127aa9e21d91df42","livenessProbe":{"failureThreshold":12,"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"activator"}],"port":8012}},"name":"activator","ports":[{"containerPort":9090,"name":"metrics"},{"containerPort":8008,"name":"profiling"},{"containerPort":8012,"name":"http1"},{"containerPort":8013,"name":"h2c"}],"readinessProbe":{"failureThreshold":12,"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"activator"}],"port":8012}},"resources":{"limits":{"cpu":"1000m","memory":"600Mi"},"requests":{"cpu":"300m","memory":"60Mi"}},"securityContext":{"allowPrivilegeEscalation":false}}],"serviceAccountName":"controller","terminationGracePeriodSeconds":600}}}}
    creationTimestamp: "2020-08-25T06:46:49Z"
    generation: 2
    labels:
      serving.knative.dev/release: v0.17.0
    name: activator
    namespace: knative-serving
    resourceVersion: "22295922"
    selfLink: /apis/extensions/v1beta1/namespaces/knative-serving/deployments/activator
    uid: 581c1b91-b378-4f47-9b3d-ef900d50e23c
  spec:
    progressDeadlineSeconds: 600
    replicas: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app: activator
        role: activator
    strategy:
      rollingUpdate:
        maxSurge: 25%
        maxUnavailable: 25%
      type: RollingUpdate
    template:
      metadata:
        annotations:
          cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
        creationTimestamp: null
        labels:
          app: activator
          role: activator
          serving.knative.dev/release: v0.17.0
      spec:
        containers:
        - env:
          - name: GOGC
            value: "500"
          - name: POD_NAME
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.name
          - name: POD_IP
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: status.podIP
          - name: SYSTEM_NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
          - name: CONFIG_LOGGING_NAME
            value: config-logging
          - name: CONFIG_OBSERVABILITY_NAME
            value: config-observability
          - name: METRICS_DOMAIN
            value: knative.dev/internal/serving
          image: registry.cn-shenzhen.aliyuncs.com/shikanon/knative-releases.knative.dev.serving.cmd.activator:v0.17.0
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 12
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: activator
              path: /
              port: 8012
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          name: activator
          ports:
          - containerPort: 9090
            name: metrics
            protocol: TCP
          - containerPort: 8008
            name: profiling
            protocol: TCP
          - containerPort: 8012
            name: http1
            protocol: TCP
          - containerPort: 8013
            name: h2c
            protocol: TCP
          readinessProbe:
            failureThreshold: 12
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: activator
              path: /
              port: 8012
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              cpu: "1"
              memory: 600Mi
            requests:
              cpu: 300m
              memory: 60Mi
          securityContext:
            allowPrivilegeEscalation: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: controller
        serviceAccountName: controller
        terminationGracePeriodSeconds: 600
  status:
    availableReplicas: 1
    conditions:
    - lastTransitionTime: "2020-08-25T07:27:17Z"
      lastUpdateTime: "2020-08-25T07:27:17Z"
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: "True"
      type: Available
    - lastTransitionTime: "2020-08-25T07:26:49Z"
      lastUpdateTime: "2020-08-25T07:27:17Z"
      message: ReplicaSet "activator-5d9f6d7d4c" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: "True"
      type: Progressing
    observedGeneration: 2
    readyReplicas: 1
    replicas: 1
    updatedReplicas: 1
- apiVersion: extensions/v1beta1
  kind: Deployment
  metadata:
    annotations:
      deployment.kubernetes.io/revision: "2"
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"serving.knative.dev/release":"v0.17.0"},"name":"autoscaler","namespace":"knative-serving"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"autoscaler"}},"template":{"metadata":{"annotations":{"cluster-autoscaler.kubernetes.io/safe-to-evict":"false"},"labels":{"app":"autoscaler","serving.knative.dev/release":"v0.17.0"}},"spec":{"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchLabels":{"app":"autoscaler"}},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}},"containers":[{"env":[{"name":"SYSTEM_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_LOGGING_NAME","value":"config-logging"},{"name":"CONFIG_OBSERVABILITY_NAME","value":"config-observability"},{"name":"METRICS_DOMAIN","value":"knative.dev/serving"}],"image":"gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler@sha256:0af019e5d0b936468f85f5ca3c658b4913e5ac08734cf377bbbd8ba93eaa9db0","livenessProbe":{"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"autoscaler"}],"port":8080}},"name":"autoscaler","ports":[{"containerPort":9090,"name":"metrics"},{"containerPort":8008,"name":"profiling"},{"containerPort":8080,"name":"websocket"}],"readinessProbe":{"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"autoscaler"}],"port":8080}},"resources":{"limits":{"cpu":"300m","memory":"400Mi"},"requests":{"cpu":"30m","memory":"40Mi"}},"securityContext":{"allowPrivilegeEscalation":false}}],"serviceAccountName":"controller"}}}}
    creationTimestamp: "2020-08-25T06:46:49Z"
    generation: 2
    labels:
      serving.knative.dev/release: v0.17.0
    name: autoscaler
    namespace: knative-serving
    resourceVersion: "22295236"
    selfLink: /apis/extensions/v1beta1/namespaces/knative-serving/deployments/autoscaler
    uid: 64e12ab1-f79c-44ec-ab19-29a940daa80a
  spec:
    progressDeadlineSeconds: 600
    replicas: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app: autoscaler
    strategy:
      rollingUpdate:
        maxSurge: 25%
        maxUnavailable: 25%
      type: RollingUpdate
    template:
      metadata:
        annotations:
          cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
        creationTimestamp: null
        labels:
          app: autoscaler
          serving.knative.dev/release: v0.17.0
      spec:
        affinity:
          podAntiAffinity:
            preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: autoscaler
                topologyKey: kubernetes.io/hostname
              weight: 100
        containers:
        - env:
          - name: SYSTEM_NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
          - name: CONFIG_LOGGING_NAME
            value: config-logging
          - name: CONFIG_OBSERVABILITY_NAME
            value: config-observability
          - name: METRICS_DOMAIN
            value: knative.dev/serving
          image: registry.cn-shenzhen.aliyuncs.com/shikanon/knative-releases.knative.dev.serving.cmd.autoscaler:v0.17.0
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: autoscaler
              path: /
              port: 8080
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          name: autoscaler
          ports:
          - containerPort: 9090
            name: metrics
            protocol: TCP
          - containerPort: 8008
            name: profiling
            protocol: TCP
          - containerPort: 8080
            name: websocket
            protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: autoscaler
              path: /
              port: 8080
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              cpu: 300m
              memory: 400Mi
            requests:
              cpu: 30m
              memory: 40Mi
          securityContext:
            allowPrivilegeEscalation: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: controller
        serviceAccountName: controller
        terminationGracePeriodSeconds: 30
  status:
    availableReplicas: 1
    conditions:
    - lastTransitionTime: "2020-08-25T07:27:07Z"
      lastUpdateTime: "2020-08-25T07:27:07Z"
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: "True"
      type: Available
    - lastTransitionTime: "2020-08-25T07:26:49Z"
      lastUpdateTime: "2020-08-25T07:27:07Z"
      message: ReplicaSet "autoscaler-7c6b98ddf6" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: "True"
      type: Progressing
    observedGeneration: 2
    readyReplicas: 1
    replicas: 1
    updatedReplicas: 1
- apiVersion: extensions/v1beta1
  kind: Deployment
  metadata:
    annotations:
      deployment.kubernetes.io/revision: "2"
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"serving.knative.dev/release":"v0.17.0"},"name":"controller","namespace":"knative-serving"},"spec":{"selector":{"matchLabels":{"app":"controller"}},"template":{"metadata":{"annotations":{"cluster-autoscaler.kubernetes.io/safe-to-evict":"true"},"labels":{"app":"controller","serving.knative.dev/release":"v0.17.0"}},"spec":{"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchLabels":{"app":"controller"}},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}},"containers":[{"env":[{"name":"SYSTEM_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_LOGGING_NAME","value":"config-logging"},{"name":"CONFIG_OBSERVABILITY_NAME","value":"config-observability"},{"name":"METRICS_DOMAIN","value":"knative.dev/internal/serving"}],"image":"gcr.io/knative-releases/knative.dev/serving/cmd/controller@sha256:5f118d434661a895096c69c036de20c962aee445e339cc9e1b1bf806895d6fa2","name":"controller","ports":[{"containerPort":9090,"name":"metrics"},{"containerPort":8008,"name":"profiling"}],"resources":{"limits":{"cpu":"1000m","memory":"1000Mi"},"requests":{"cpu":"100m","memory":"100Mi"}},"securityContext":{"allowPrivilegeEscalation":false}}],"serviceAccountName":"controller"}}}}
    creationTimestamp: "2020-08-25T06:46:50Z"
    generation: 2
    labels:
      serving.knative.dev/release: v0.17.0
    name: controller
    namespace: knative-serving
    resourceVersion: "22294426"
    selfLink: /apis/extensions/v1beta1/namespaces/knative-serving/deployments/controller
    uid: bd1f8881-ccc8-42cc-847d-2d584dce8fd2
  spec:
    progressDeadlineSeconds: 600
    replicas: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app: controller
    strategy:
      rollingUpdate:
        maxSurge: 25%
        maxUnavailable: 25%
      type: RollingUpdate
    template:
      metadata:
        annotations:
          cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
        creationTimestamp: null
        labels:
          app: controller
          serving.knative.dev/release: v0.17.0
      spec:
        affinity:
          podAntiAffinity:
            preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: controller
                topologyKey: kubernetes.io/hostname
              weight: 100
        containers:
        - env:
          - name: SYSTEM_NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
          - name: CONFIG_LOGGING_NAME
            value: config-logging
          - name: CONFIG_OBSERVABILITY_NAME
            value: config-observability
          - name: METRICS_DOMAIN
            value: knative.dev/internal/serving
          image: registry.cn-shenzhen.aliyuncs.com/shikanon/knative-releases.knative.dev.serving.cmd.controller:v0.17.0
          imagePullPolicy: IfNotPresent
          name: controller
          ports:
          - containerPort: 9090
            name: metrics
            protocol: TCP
          - containerPort: 8008
            name: profiling
            protocol: TCP
          resources:
            limits:
              cpu: "1"
              memory: 1000Mi
            requests:
              cpu: 100m
              memory: 100Mi
          securityContext:
            allowPrivilegeEscalation: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: controller
        serviceAccountName: controller
        terminationGracePeriodSeconds: 30
  status:
    availableReplicas: 1
    conditions:
    - lastTransitionTime: "2020-08-25T07:26:55Z"
      lastUpdateTime: "2020-08-25T07:26:55Z"
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: "True"
      type: Available
    - lastTransitionTime: "2020-08-25T07:26:49Z"
      lastUpdateTime: "2020-08-25T07:26:55Z"
      message: ReplicaSet "controller-5589c698d6" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: "True"
      type: Progressing
    observedGeneration: 2
    readyReplicas: 1
    replicas: 1
    updatedReplicas: 1
- apiVersion: extensions/v1beta1
  kind: Deployment
  metadata:
    annotations:
      deployment.kubernetes.io/revision: "2"
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"serving.knative.dev/release":"v0.17.0"},"name":"webhook","namespace":"knative-serving"},"spec":{"selector":{"matchLabels":{"app":"webhook","role":"webhook"}},"template":{"metadata":{"annotations":{"cluster-autoscaler.kubernetes.io/safe-to-evict":"false"},"labels":{"app":"webhook","role":"webhook","serving.knative.dev/release":"v0.17.0"}},"spec":{"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"podAffinityTerm":{"labelSelector":{"matchLabels":{"app":"webhook"}},"topologyKey":"kubernetes.io/hostname"},"weight":100}]}},"containers":[{"env":[{"name":"SYSTEM_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_LOGGING_NAME","value":"config-logging"},{"name":"CONFIG_OBSERVABILITY_NAME","value":"config-observability"},{"name":"WEBHOOK_PORT","value":"8443"},{"name":"METRICS_DOMAIN","value":"knative.dev/serving"}],"image":"gcr.io/knative-releases/knative.dev/serving/cmd/webhook@sha256:d36f460aea55b93cce222bcee129776dee356e6499db73f232bfdf482ce28f66","livenessProbe":{"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"webhook"}],"port":8443,"scheme":"HTTPS"},"periodSeconds":1},"name":"webhook","ports":[{"containerPort":9090,"name":"metrics"},{"containerPort":8008,"name":"profiling"},{"containerPort":8443,"name":"https-webhook"}],"readinessProbe":{"httpGet":{"httpHeaders":[{"name":"k-kubelet-probe","value":"webhook"}],"port":8443,"scheme":"HTTPS"},"periodSeconds":1},"resources":{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"100m","memory":"100Mi"}},"securityContext":{"allowPrivilegeEscalation":false}}],"serviceAccountName":"controller","terminationGracePeriodSeconds":300}}}}
    creationTimestamp: "2020-08-25T06:46:51Z"
    generation: 2
    labels:
      serving.knative.dev/release: v0.17.0
    name: webhook
    namespace: knative-serving
    resourceVersion: "22294932"
    selfLink: /apis/extensions/v1beta1/namespaces/knative-serving/deployments/webhook
    uid: d17a6b43-259b-4367-be4e-0e51bcd4119f
  spec:
    progressDeadlineSeconds: 600
    replicas: 1
    revisionHistoryLimit: 10
    selector:
      matchLabels:
        app: webhook
        role: webhook
    strategy:
      rollingUpdate:
        maxSurge: 25%
        maxUnavailable: 25%
      type: RollingUpdate
    template:
      metadata:
        annotations:
          cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
        creationTimestamp: null
        labels:
          app: webhook
          role: webhook
          serving.knative.dev/release: v0.17.0
      spec:
        affinity:
          podAntiAffinity:
            preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app: webhook
                topologyKey: kubernetes.io/hostname
              weight: 100
        containers:
        - env:
          - name: SYSTEM_NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
          - name: CONFIG_LOGGING_NAME
            value: config-logging
          - name: CONFIG_OBSERVABILITY_NAME
            value: config-observability
          - name: WEBHOOK_PORT
            value: "8443"
          - name: METRICS_DOMAIN
            value: knative.dev/serving
          image: registry.cn-shenzhen.aliyuncs.com/shikanon/knative-releases.knative.dev.serving.cmd.webhook:v0.17.0
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: webhook
              path: /
              port: 8443
              scheme: HTTPS
            periodSeconds: 1
            successThreshold: 1
            timeoutSeconds: 1
          name: webhook
          ports:
          - containerPort: 9090
            name: metrics
            protocol: TCP
          - containerPort: 8008
            name: profiling
            protocol: TCP
          - containerPort: 8443
            name: https-webhook
            protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
              - name: k-kubelet-probe
                value: webhook
              path: /
              port: 8443
              scheme: HTTPS
            periodSeconds: 1
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              cpu: 500m
              memory: 500Mi
            requests:
              cpu: 100m
              memory: 100Mi
          securityContext:
            allowPrivilegeEscalation: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
        dnsPolicy: ClusterFirst
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: controller
        serviceAccountName: controller
        terminationGracePeriodSeconds: 300
  status:
    availableReplicas: 1
    conditions:
    - lastTransitionTime: "2020-08-25T07:27:02Z"
      lastUpdateTime: "2020-08-25T07:27:02Z"
      message: Deployment has minimum availability.
      reason: MinimumReplicasAvailable
      status: "True"
      type: Available
    - lastTransitionTime: "2020-08-25T07:26:49Z"
      lastUpdateTime: "2020-08-25T07:27:02Z"
      message: ReplicaSet "webhook-785cf47bd5" has successfully progressed.
      reason: NewReplicaSetAvailable
      status: "True"
      type: Progressing
    observedGeneration: 2
    readyReplicas: 1
    replicas: 1
    updatedReplicas: 1
kind: List
metadata: {}

选择网络层安装

这里我们选择Kong作为网关，安装kong ingress controller：

kubectl apply --filename https://raw.githubusercontent.com/Kong/kubernetes-ingress-controller/0.9.x/deploy/single/all-in-one-dbless.yaml

配置knative serving 使用 Kong:

kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"ingress.class":"kong"}}'

配置DNS

kubectl patch configmap/config-domain \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"knative.realibcloud.cn":""}}'