E faʻafefea ona tatala se alalaupapa i totonu o le Kubernetes pod poʻo se koneteina ma tcpserver ma netcat

Manatua. fa'aliliu.: O lenei faʻamatalaga aoga mai le na faia le LayerCI o se faʻataʻitaʻiga sili ona lelei o mea e taʻua o fautuaga & togafiti mo Kubernetes (ma sili atu). O le fofo o loʻo tuʻuina mai iinei e naʻo se tasi o nai mea laiti ma, masalo, e le o se mea e sili ona manino (mo nisi tulaga, o le "native" tasi mo K8s ua uma ona taʻua i faʻamatalaga atonu e talafeagai. kubectl port-forward). Ae ui i lea, e mafai ai ona e vaʻavaʻai i le faʻafitauli mai le vaʻaiga o le faʻaaogaina o mea faʻapitoa masani ma faʻaopoopoina i latou - i le taimi lava e tasi faigofie, fetuutuunai ma mamana (vaʻai "isi manatu" i le faaiuga mo musumusuga).

Va'ai faalemafaufau i se tulaga masani: e te mana'o i se uafu i luga o lau masini fa'apitonu'u e fa'amanino fa'agasolo atu felauaiga i se pod/container (po'o le isi itu).

Fa'aaoga tulaga

1. Siaki po'o le a le mea e toe fo'i mai e le HTTP endpoint /healthz pod i le fuifui gaosiga.
2. Faʻafesoʻotaʻi se TCP debugger i le pod i luga o le masini faʻapitonuʻu.
3. Maua le avanoa i le gaosiga o faʻamaumauga mai meafaigaluega faʻamaumauga i le lotoifale e aunoa ma le faʻalavelave i le faʻamaonia (e masani lava o le localhost e iai aia tatau).
4. Fa'agasolo se fa'amatalaga femalaga'iga e tasi le taimi mo fa'amaumauga i totonu o se fa'asologa fa'asolosolo e aunoa ma le faia o se atigipusa mo ai.
5. Faʻafesoʻotaʻi se VNC vasega i se pusa o loʻo faʻaogaina se komepiuta komepiuta (silasila i le XVFB).

O nai upu e uiga i meafaigaluega manaʻomia

Tcpserver — O se meafaigaluega tatala e maua i le tele o fale teu oloa. LinuxE mafai ai ona e tatalaina se uafu i le lotoifale ma toe fa'asino atu fefa'ataua'iga na maua e ala i le stdin/stdout mai so'o se poloaiga fa'amaoti i ai:

colin@colin-work:~$ tcpserver 127.0.0.1 8080 echo -e 'HTTP/1.0 200 OKrnContent-Length: 19rnrn<body>hello!</body>'&
[1] 17377
colin@colin-work:~$ curl localhost:8080
<body>hello!</body>colin@colin-work:~$

(asciinema.org)

Netcat faia le faafeagai. E faʻatagaina oe e faʻafesoʻotaʻi i se taulaga tatala ma pasi le I / O maua mai ai i stdin / stdout:

colin@colin-work:~$ nc -C httpstat.us 80
GET /200 HTTP/1.0
Host: httpstat.us
HTTP/1.1 200 OK
Cache-Control: private
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.1
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=93fdbab9d364704de8ef77182b4d13811344b7dd1ec45d3a9682bbd6fa154ead;Path=/;HttpOnly;Domain=httpstat.us
Date: Fri, 01 Nov 2019 17:53:04 GMT
Connection: close
Content-Length: 0

^C
colin@colin-work:~$

(asciinema.org)

I le faʻataʻitaʻiga o loʻo i luga, e talosagaina e le netcat le itulau ile HTTP. Fu'a -C mafua ai ona faʻapipiʻi le CRLF i le pito o le laina.

Feso'ota'iga ma kubectl: fa'alogo ile talimalo ma fa'afeso'ota'i ile pod

Afai tatou te tuʻufaʻatasia meafaigaluega o loʻo i luga ma kubectl, tatou te maua se faʻatonuga pei o lenei:

tcpserver 127.0.0.1 8000 kubectl exec -i web-pod nc 127.0.0.1 8080

I se faʻataʻitaʻiga, ina ia maua le port 80 i totonu o le pod o le a lava lea e fai curl "127.0.0.1:80":

colin@colin-work:~$ sanic kubectl exec -it web-54dfb667b6-28n85 bash
root@web-54dfb667b6-28n85:/web# apt-get -y install netcat-openbsd
Reading package lists... Done
Building dependency tree
Reading state information... Done
netcat-openbsd is already the newest version (1.195-2).
0 upgraded, 0 newly installed, 0 to remove and 10 not upgraded.
root@web-54dfb667b6-28n85:/web# exit
colin@colin-work:~$ tcpserver 127.0.0.1 8000 sanic kubectl exec -i web-54dfb667b6-28n85 nc 127.0.0.1 8080&
[1] 3232
colin@colin-work:~$ curl localhost:8000/healthz
{"status":"ok"}colin@colin-work:~$ exit

(asciinema.org)

Fa'aoga fegalegaleai ata

I le isi itu: faʻalogo i le pod ma faʻafesoʻotaʻi i le talimalo

nc 127.0.0.1 8000 | kubectl exec -i web-pod tcpserver 127.0.0.1 8080 cat

O lenei poloaiga e mafai ai e le pod ona maua le taulaga 8000 i luga o le masini i le lotoifale.

Tusitusi Bash

Na ou tusia se tusitusiga faapitoa mo Bash e mafai ai e oe ona pulea se vaega o gaosiga Kubernetes LayerCIfaʻaaogaina le auala o loʻo faʻamatalaina i luga:

kubetunnel() {
    POD="$1"
    DESTPORT="$2"
    if [ -z "$POD" -o -z "$DESTPORT" ]; then
        echo "Usage: kubetunnel [pod name] [destination port]"
        return 1
    fi
    pkill -f 'tcpserver 127.0.0.1 6666'
    tcpserver 127.0.0.1 6666 kubectl exec -i "$POD" nc 127.0.0.1 "$DESTPORT"&
    echo "Connect to 127.0.0.1:6666 to access $POD:$DESTPORT"
}

Afai e te faʻaopoopoina lenei galuega i ~/.bashrc, e faigofie ona e tatalaina se alalaupapa i totonu o se pod ma le poloaiga kubetunnel web-pod 8080 ma fai curl localhost:6666.

• Mo le alavai i totonu Docker e mafai ona e suia le laina autu i:

  tcpserver 127.0.0.1 6666 docker exec -i "$CONTAINER" nc 127.0.0.1 "$DESTPORT"

• mo tunnel i totonu K3s - sui i:

  tcpserver 127.0.0.1 6666 k3s kubectl exec …

• ma isi.

Sili atu aitia

• E mafai ona e toe faʻafeiloaʻi feoaiga a le UDP e faʻaaoga ai tulafono netcat -l -u -c nai lo tcpserver и netcat -u nai lo netcat faasologa.
• Va'ai I/O e ala ile va'aiga paipa:

  nc 127.0.0.1 8000 | pv --progress | kubectl exec -i web-pod tcpserver 127.0.0.1 8080 cat

• E mafai ona e compress ma decompress feoaiga i pito uma e lua faaaogaina gzip.
• Faʻafesoʻotaʻi e ala i le SSH i se isi komepiuta ma le faila fetaui kubeconfig:

  tcpserver ssh workcomputer "kubectl exec -i my-pod nc 127.0.0.1 80"

• E mafai ona e fa'afeso'ota'i ni pusi se lua i fuifui eseese e fa'aaoga ai mkfifo ma fa'atino poloaiga eseese e lua kubectl.

O avanoa e le gata!

PS mai faaliliu

Faitau foi i la matou blog:

• «Meafaigaluega mo tagata atiaʻe o talosaga o loʻo faʻaogaina i Kubernetes";
• «Kubernetes fautuaga & togafiti: e uiga i atinaʻe faʻapitonuʻu ma Telepresence";
• «kubectl-debug plugin mo le faʻapipiʻiina i Kubernetes pods";
• «Fa'aoga aoga pe a galulue ma Kubernetes".

puna: www.habr.com