Knative

實驗環境
Ubuntu 20.04
Kubernetes v1.20(單節點)
Knative v0.20.0

安裝 Docker

apt-get update

apt-get install -y apt-transport-https \
   ca-certificates \
   curl \
   gnupg-agent \
   software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"

apt-get update

apt-get install -y docker-ce docker-ce-cli containerd.io

service docker start

安裝 Kubernetes

(Knative 需要 Kubernetes v1.17 以上的版本)

apt-get update && apt-get install -y apt-transport-https curl

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt-get update

apt-get install -y kubelet kubeadm kubectl

apt-mark hold kubelet kubeadm kubectl

Docker 連接操作

cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

mkdir -p /etc/systemd/system/docker.service.d

systemctl daemon-reload

systemctl restart docker

• 關閉 Linux swap

swapoff -a

• 建立叢集

kubeadm init  --pod-network-cidr=10.244.0.0/16

mkdir -p $HOME/.kube

cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

chown $(id -u):$(id -g) $HOME/.kube/config

• 建立CNI

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

• 汙染節點

kubectl taint nodes --all node-role.kubernetes.io/master-

部屬 Knative

Knative 擴展了 Kubernetes，為開發人員提供了一套工具，可簡化部署和管理可在任何地方運行的事件驅動應用程式的過程。

Knative有兩個組件，可以獨立安裝或一起使用。

• Serving 為基於無狀態請求的從零到零的服務提供了一種抽象。
• Eventing 提供了抽像以啟用綁定事件源（例如Github Webhooks，Kafka）和使用者（例如Kubernetes或Knative Services）的綁定。

參考: https://knative.dev/docs/install/any-kubernetes-cluster/

Installing the Serving component

架構: https://knative.dev/docs/serving/

• Install Serving CRD

kubectl apply --filename https://github.com/knative/serving/releases/download/v0.20.0/serving-crds.yaml

• Install the core components of Serving

kubectl apply --filename https://github.com/knative/serving/releases/download/v0.20.0/serving-core.yaml

• Install networking layer(Istio)

參考: https://knative.dev/docs/install/installing-istio/
部署需求: istioctl (v1.7 or later) installed.
目前官方建議部署istio v1.7

• Installing Istio without sidecar injection

  • istio-minimal-operator.yaml

  cat << EOF > ./istio-minimal-operator.yaml
  apiVersion: install.istio.io/v1alpha1
  kind: IstioOperator
  spec:
    values:
      global:
        proxy:
          autoInject: disabled
        useMCP: false
        # The third-party-jwt is not enabled on all k8s.
        # See: https://istio.io/docs/ops/best-practices/security/#configure-third-party-service-account-tokens
        jwtPolicy: first-party-jwt
  
    addonComponents:
      pilot:
        enabled: true
  
    components:
      ingressGateways:
        - name: istio-ingressgateway
          enabled: true
  EOF
  
  istioctl install -f istio-minimal-operator.yaml
  

  • Install the Knative Istio controller

  kubectl apply --filename https://github.com/knative/net-istio/releases/download/v0.20.0/release.yaml
  

  • Fetch the External IP or CNAME

  kubectl --namespace istio-system get service istio-ingressgateway
  

  

• Configure DNS

  • xip.io：提供一個default domain(k8s job)，為Knative Serving配置預設的DNS後綴。

  注意：This will only work if the cluster LoadBalancer service exposes an IPv4 address or hostname, so it will not work with IPv6 clusters or local setups like Minikube. For these, see “Real DNS” or “Temporary DNS”.

  kubectl apply --filename https://github.com/knative/serving/releases/download/v0.20.0/serving-default-domain.yaml
  

最基本的Knative Serving部署完成。

Optional Serving extensions