Atik sa a fini seri nòt tradui sou OpenWhisk nan men otè a . Jodi a nou pral gade pwosesis pou deplwaye OpenWhisk sou Kubernetes ak kòmandman korije pou travay ak vèsyon aktyèl aplikasyon yo. Li pral kouvri tou pwosesis la nan kouri fonksyon OpenWhisk lè l sèvi avèk Knative ak TektonCD sou Kubernetes lè l sèvi avèk ègzekutabl Nodejs la.
Deplwaye OpenWhisk sou Kubernetes
Pandan kèk jou, mwen te fè eksperyans ak deplwaye OpenWhisk nan Kubernetes pou kreye yon teren tès ki senp epi rapid. Epi kòm mwen nouvo nan Kubernetes, mwen kwè ke yon jou ak yon mwatye te pase sou deplwaman siksè. NAN Repozitwa yo gen enstriksyon trè klè pou deplwaye OpenWhisk sou Kubernetes. Men enstriksyon deplwaman yo te fè pou Mac (Mwen pral fè tou sa sou Linux paske mwen pito Linux. -apeprè tradiktè).
- Enstale manadjè pake a
asdf, apre sa nou otomatikman korije~/.bash_profileoswa ekivalan li tankou sa a:
$ brew install asdf
$ [ -s "/usr/local/opt/asdf/asdf.sh" ] && . /usr/local/opt/asdf/asdf.sh
$ source ~/.bash_profile- Ajoute grefon
minikubeиkubelet:
$ asdf plugin-add kubectl
$ asdf plugin-add minikube- Enstale minikube ak kubelet:
$ asdf install kubectl 1.9.0
$ asdf global kubectl 1.9.0
$ asdf install minikube 0.25.2
$ asdf global minikube 0.25.2Sou Linux, etap sa a fè yon bagay tankou sa a (tout bagay yo mete nan ~/bin, ki nan lis nan PATH mwen an, nòt tradiktè a):
$ curl -L0 minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube && mv minikube ~/bin/
$ curl -L0 https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x kubectl && mv kubectl ~/bin/- Kreye yon machin vityèl minikube (VirtualBox dwe pre-enstale):
$ minikube start --cpus 2 --memory 4096 --kubernetes-version=v1.9.0 --extra-config=apiserver.Authorization.Mode=RBACminikube start , san paramèt ak valè default. -apeprè tradiktè]
$ minikube start
minikube v1.5.2 on Debian 8.11
Automatically selected the 'virtualbox' driver
Downloading VM boot image ...
> minikube-v1.5.1.iso.sha256: 65 B / 65 B [--------------] 100.00% ? p/s 0s
> minikube-v1.5.1.iso: 143.76 MiB / 143.76 MiB [-] 100.00% 5.63 MiB p/s 26s
Creating virtualbox VM (CPUs=2, Memory=4096MB, Disk=20000MB) ...
Preparing Kubernetes v1.16.2 on Docker '18.09.9' ...
Downloading kubelet v1.16.2
Downloading kubeadm v1.16.2
Pulling images ...
Launching Kubernetes ... Waiting for: apiserver
Done! kubectl is now configured to use "minikube"- Chanje rezo a nan Docker nan mòd promiscuous:
$ minikube ssh -- sudo ip link set docker0 promisc on- Kreye yon espas non epi make ne travayè a:
$ kubectl create namespace openwhisk
$ kubectl label nodes --all openwhisk-role=invoker- Nou jwenn sa ki nan depo a epi pase sou kalite a pou antre nan fichye mycluster.yaml la:
$ git clone https://github.com/apache/incubator-openwhisk-deploy-kube.git
$ cd incubator-openwhisk-deploy-kube/
$ cat << "EOF" > mycluster.yaml
whisk:
ingress:
type: NodePort
api_host_name: 192.168.99.100
api_host_port: 31001
nginx:
httpsNodePort: 31001
EOF- Enstale Helm epi deplwaye li lè l sèvi avèk li:
$ brew install kubernetes-helm
$ helm init # init Helm Tiller, не нужно на Helm v3+
$ kubectl get pods -n kube-system # verify that tiller-deploy is in the running state, не нужно на helm v3+
$ kubectl create clusterrolebinding tiller-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
$ helm install ./openwhisk/helm/ --namespace=openwhisk -f mycluster.yaml$ curl -L0 https://get.helm.sh/helm-v3.0.1-linux-amd64.tar.gz | tar -xzvf - linux-amd64/helm --strip-components=1; sudo mv helm /usr/local/bin
$ kubectl create clusterrolebinding tiller-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
$ helm install ./openwhisk/helm/ --namespace=openwhisk --generate-name -f mycluster.yaml- Nou tcheke si tout bagay te monte (STATUS = Kouri oswa Konplete):
$ kubectl get pods -n openwhisk
NAME READY STATUS RESTARTS AGE
openwhisk-1576070780-alarmprovider-6868dc694-plvpf 1/1 Running 1 1d5h
openwhisk-1576070780-apigateway-8d56f4979-825hf 1/1 Running 1 1d5h
openwhisk-1576070780-cloudantprovider-544bb46596-9scph 1/1 Running 1 1d5h
openwhisk-1576070780-controller-0 1/1 Running 2 1d5h
openwhisk-1576070780-couchdb-7fd7f6c7cc-42tw6 1/1 Running 1 1d5h
openwhisk-1576070780-gen-certs-z9nsb 0/1 Completed 0 1d5h
openwhisk-1576070780-init-couchdb-r2vmt 0/1 Completed 0 1d5h
openwhisk-1576070780-install-packages-27dtr 0/1 Completed 0 1d4h
openwhisk-1576070780-invoker-0 1/1 Running 1 1d5h
openwhisk-1576070780-kafka-0 1/1 Running 1 1d5h
openwhisk-1576070780-kafkaprovider-f8b4cf4fc-7z4gt 1/1 Running 1 1d5h
openwhisk-1576070780-nginx-6dbdbf69bc-5x76n 1/1 Running 1 1d5h
openwhisk-1576070780-redis-cfd8756f4-hkrt6 1/1 Running 1 1d5h
openwhisk-1576070780-wskadmin 1/1 Running 1 1d5h
openwhisk-1576070780-zookeeper-0 1/1 Running 1 1d5h
wskopenwhisk-1576070780-invoker-00-1-prewarm-nodejs10 1/1 Running 0 61s
wskopenwhisk-1576070780-invoker-00-2-prewarm-nodejs10 1/1 Running 0 61s
wskopenwhisk-1576070780-invoker-00-3-whisksystem-invokerhealtht 1/1 Running 0 59s- Konfigirasyon wsk pou travay:
$ wsk property set --apihost 192.168.99.100:31001
$ wsk property set --auth 23bc46b1-71f6-4ed5-8c54-816aa4f8c502:123zO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwPNou tcheke:
$ wsk -i list
Entities in namespace: default
packages
actions
triggers
rulesPwoblèm ak solisyon yo
getsockopt: koneksyon refize
$ wsk -i list
error: Unable to obtain the list of entities for namespace 'default': Get http://192.168.99.100:31001/api/v1/namespaces/_/actions?limit=0&skip=0: dial tcp 192.168.99.100:31001: getsockopt: connection refusedTcheke ke resipyan yo nan espas non an openwhisk nan estati Running, paske pafwa li aksidan ak erè CreateContainerConfigError.
Invoker toujou inisyalize - Init:1/2
Pwosesis telechaje divès kalite anviwònman ègzekutabl ka pran yon bon bout tan. Pou pi vit bagay yo, ou ka presize yon lis minimòm ki pi kout nan dosye a mycluster.yaml:
whisk:
runtimes: "runtimes-minimal-travis.json"Veso ki gen non -enstale-pakè- aksidan nan Erè
Jis ogmante timeout yo pou tès liveness.
Enstale OpenWhisk sou Knative
Priti Desai te fè enstalasyon an sou tèt yon gwoup nan nwaj IBM, osi byen ke sou yon minikube regilye, lè l sèvi avèk Knative Build ak BuildTemplates. Mwen pral enstale tou sou tèt minukube, ki baze sou ki jan nan blog nou an pi bonè - lè l sèvi avèk dènye vèsyon lojisyèl yo. Depi Knative Build ak BuildTemplates yo te ofisyèlman depreche, mwen pral itilize ranplasman rekòmande a nan fòm Tekton Pipelines. Rès atik la te ekri apre yo fin li dokimantasyon pou Tekton Pipelines, men li baze sou lide Priti. Pou travay, w ap bezwen aksè nan kèk Rejis Docker - Mwen, tankou otè orijinal la, pral sèvi ak DockerHub.
$ curl -L0 https://github.com/solo-io/gloo/releases/download/v1.2.10/glooctl-linux-amd64; chmod +x glooctl-linux-amd64; mv glooctl-linux-amd64 ~/bin
$ glooctl install knative
$ kubectl get pods -n knative-serving
NAME READY STATUS RESTARTS AGE
activator-77fc555665-rvrst 1/1 Running 0 2m23s
autoscaler-5c98b7c9b6-x8hh4 1/1 Running 0 2m21s
autoscaler-hpa-5cfd4f6845-w87kq 1/1 Running 0 2m22s
controller-7fd74c8f67-tprm8 1/1 Running 0 2m19s
webhook-74847bb77c-txr2g 1/1 Running 0 2m17s
$ kubectl get pods -n gloo-system
NAME READY STATUS RESTARTS AGE
discovery-859d7fbc9c-8xhvh 1/1 Running 0 51s
gloo-545886d9c6-85mwt 1/1 Running 0 51s
ingress-67d4996d75-lkkmw 1/1 Running 0 50s
knative-external-proxy-767dfd656c-wwv2z 1/1 Running 0 50s
knative-internal-proxy-6fdddcc6b5-7vqd8 1/1 Running 0 51s
Bati ak kouri OpenWhisk sou tèt Knative
- Jwenn kontni an :
$ git clone https://github.com/tektoncd/catalog/
$ cd catalog/openwhisk- Nou mete done yo pou jwenn aksè nan Rejis la kòm varyab anviwònman epi sove yo kòm yon sekrè Kubernetes:
$ export DOCKER_USERNAME=<your docker hub username>
$ export DOCKER_PASSWORD=<your docker hub password>
$ sed -e 's/${DOCKER_USERNAME}/'"$DOCKER_USERNAME"'/' -e 's/${DOCKER_PASSWORD}/'"$DOCKER_PASSWORD"'/' docker-secret.yaml.tmpl > docker-secret.yaml
$ kubectl apply -f docker-secret.yamlNou tcheke:
$ kubectl get secret
NAME TYPE DATA AGE
dockerhub-user-pass kubernetes.io/basic-auth 2 21s- Kreye yon kont pou anviwònman bilding:
$ kubectl apply -f service-account.yamlNou tcheke:
$ kubectl get serviceaccount/openwhisk-runtime-builder
NAME SECRETS AGE
openwhisk-runtime-builder 2 31m- Kreye yon travay pou konstwi yon imaj pou OpenWhisk
$ kubectl apply -f openwhisk.yaml
task.tekton.dev/openwhisk created- Nou kouri travay la pou konstwi imaj la (sèvi ak NodeJS kòm yon egzanp):
Kreye yon fichye taskrun.yaml ak sa:
# Git Pipeline Resource for OpenWhisk NodeJS Runtime
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: openwhisk-nodejs-runtime-git
spec:
type: git
params:
- name: revision
value: master
- name: url
value: https://github.com/apache/openwhisk-runtime-nodejs.git
---
# Image Pipeline Resource for OpenWhisk NodeJS Sample Application
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: openwhisk-nodejs-helloworld-image
spec:
type: image
params:
- name: url
value: docker.io/${DOCKER_USERNAME}/openwhisk-nodejs-helloworld
---
# Task Run to build NodeJS image with the action source
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: openwhisk-nodejs-helloworld
spec:
serviceAccountName: openwhisk-runtime-builder
taskRef:
name: openwhisk
inputs:
resources:
- name: runtime-git
resourceRef:
name: openwhisk-nodejs-runtime-git
params:
- name: DOCKERFILE
value: "./runtime-git/core/nodejs10Action/knative/Dockerfile"
- name: OW_ACTION_NAME
value: "nodejs-helloworld"
- name: OW_ACTION_CODE
value: "function main() {return {payload: 'Hello World!'};}"
- name: OW_PROJECT_URL
value: ""
outputs:
resources:
- name: runtime-image
resourceRef:
name: openwhisk-nodejs-helloworld-image
---Nou aplike done aktyèl yo pou dosye sa a:
$ sed 's/${DOCKER_USERNAME}/'"$DOCKER_USERNAME"'/' -i taskrun.yamlNou aplike:
$ kubectl apply -f taskrun.yaml
pipelineresource.tekton.dev/openwhisk-nodejs-runtime-git created
pipelineresource.tekton.dev/openwhisk-nodejs-helloworld-image created
taskrun.tekton.dev/openwhisk-nodejs-helloworld createdTcheke travay la konsiste de jwenn non gous la ak gade estati li yo. Ou ka wè tou rejis ekzekisyon chak etap, pou egzanp:
$ kubectl get taskrun
NAME SUCCEEDED REASON STARTTIME COMPLETIONTIME
openwhisk-nodejs-helloworld True Succeeded 5m15s 44s
$ kubectl get pod openwhisk-nodejs-helloworld-pod-4640d3
NAME READY STATUS RESTARTS AGE
openwhisk-nodejs-helloworld-pod-4640d3 0/6 Completed 0 5m20s
$ kubectl logs openwhisk-nodejs-helloworld-pod-4640d3 -c step-git-source-openwhisk-nodejs-runtime-git-r8vhr
{"level":"info","ts":1576532931.5880227,"logger":"fallback-logger","caller":"logging/config.go:69","msg":"Fetch GitHub commit ID from kodata failed: open /var/run/ko/refs/heads/master: no such file or directory"}
{"level":"info","ts":1576532936.538926,"logger":"fallback-logger","caller":"git/git.go:81","msg":"Successfully cloned https://github.com/apache/openwhisk-runtime-nodejs.git @ master in path /workspace/runtime-git"}
{"level":"warn","ts":1576532936.5395331,"logger":"fallback-logger","caller":"git/git.go:128","msg":"Unexpected error: creating symlink: symlink /tekton/home/.ssh /root/.ssh: file exists"}
{"level":"info","ts":1576532936.8202565,"logger":"fallback-logger","caller":"git/git.go:109","msg":"Successfully initialized and updated submodules in path /workspace/runtime-git"}Apre egzekisyon an, nou pral gen yon imaj nan Rejis la ki ka deplwaye lè l sèvi avèk sèvis piblik kn, ki fèt pou travay ak sèvis Knative, pou egzanp:
kn service create nodejs-helloworld --image docker.io/${DOCKER_USERNAME}/openwhisk-nodejs-helloworld
Service 'nodejs-helloworld' successfully created in namespace 'default'.
Waiting for service 'nodejs-helloworld' to become ready ... OK
Service URL:
http://nodejs-helloworld.default.example.comSi ou itilize Gloo, ou ka tcheke fonksyonalite li yo tankou sa a:
$ curl -H "Host: nodejs-helloworld.default.example.com" -X POST $(glooctl proxy url --name knative-external-proxy)
{"OK":true}
$ curl -H "Host: nodejs-helloworld.default.example.com" -X POST $(glooctl proxy url --name knative-external-proxy)
{"payload":"Hello World!"}Lòt atik nan seri a
Sous: www.habr.com