knative
/
func
mirror of https://github.com/knative/func.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: setting up remote access to kind clusters

This commit is contained in:
Luke K 2020-08-17 16:28:25 +09:00
parent b3d513031a
commit 6be6b71262
No known key found for this signature in database
GPG Key ID: 4896F75BAF2E1966
9 changed files with 57 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/README.md
View File

@ -2,7 +2,7 @@
[Demo Screencast]
faas is a "Function as a Service" Client Library and CLI for enabling the development of implicitly deployed, platform agnostic code.
`faas` is a "Function as a Service" Client Library and CLI for enabling the development of implicitly deployed, platform agnostic code.
For examples of what's possible, see the [Screencast Series](getting_started_screencast.md) or the [Functions Cookbook](functions_cookbook.md).
@ -11,7 +11,7 @@ Functions can be written in the following languages:
* Go (Golang)
* Node.js (JavaScript)
* Quarkus (Java)
* Rust
* Rust (Coming Soon)
Functions can be deployed on the following platforms:
@ -25,13 +25,15 @@ Functions can be deployed on the following platforms:
[Install the latest CLI](installing_cli.md)
<!-- Plugins coming soon
[Install the VS Code Plugin](installing_vscode.md)
[Install the VIM Plugin](installing_vim.md)
[Install the Emacs Extension](installing_emacs.md)
-->
Functions can be created and managed using the CLI interactively, scripted, using one of the IDE plugins, or by direct integration with the client library. The [Function Developer's Guide](developers_guide.md)and examples herein demonstrate the CLI-based approach.
Functions can be created and managed using the CLI interactively, scripted, or by direct integration with the client library. The [Function Developer's Guide](developers_guide.md)and examples herein demonstrate the CLI-based approach.
For direct integration using the Go client library, it is advisible to first follow these CLI-based guides to become familiar with creating and deploying software in this way, and then proceed to the [Function Integrator's Guide](integrators_guide.md).

19
docs/getting_started_kubernetes.md
View File

@ -10,8 +10,6 @@ Any Kubernetes-compatible API should be capable. Included herein are instructio
[Provision using Kind](provision_kind.md)
[Provision using Minikube](provision_minikube.md)
[Provision using Amazon EKS](provision_eks.md)
## Configuring the Cluster
@ -22,7 +20,7 @@ Create a namespace for your Functions:
```
kubectl create namespace faas
```
Optionally set the default namespace for kubetl commands:
Set the default namespace for subsequent commands:
```
kubectl config set-context --current --namespace=faas
```
@ -46,16 +44,14 @@ Update the networking layer to
kubectl apply -f knative/config-network.yaml
```
Note: for environments where Load Balancers are not supported (such as local Kind or Minikube clusters), the Kourier service should be updated to be of type IP instead of LoadBalancer. This configuration patches the kourier service to be of type NodePort with its networking service attached to the host at ports HTTP 30080 and HTTPS 30443.
Note: for environments where Load Balancers are not supported (such as local Kind clusters), the Kourier service will be stuck in a pending state as it is awaiting the underlying infrastructure to provision a load-balancer. This can be solved by updating the Kourier configuration to type NodePort with its networking service attached to the host at ports HTTP 30080 and HTTPS 30443, you can use the following patch file:
```
kubectl patch -n kourier-system services/kourier -p "$(cat knative/config-kourier-nodeport.yaml)"
```
For bare metal clusters, installing the [MetalLB LoadBalancer](https://metallb.universe.tf/) is also an option.
### Domains
Configure cluster-wide domain TLD+1 by editing k8s/config-domain.yaml to include supported domains.
Update the `knative/config-domain.yaml` to contain your domain of choice and then apply:
First edit `knative/config-domain.yaml` to contain your domain of choice and then apply:
```
kubectl apply -f knative/config-domain.yaml
```
@ -63,11 +59,12 @@ Note that this step is [pending automation](https://github.com/boson-project/faa
### DNS
Register domain(s) to be used, configuring a CNAME to the DNS or IP returned from:
For external routing to the cluster, register domain(s) to be used with a registrar and configure a DNS CNAME to the DNS or IP returned from:
(May also register a wildcard subdomain match).
```
kubectl --namespace kourier-system get service kourier
```
May also register a wildcard subdomain match.
For local installations such as Kind, the Kourier networking layer is configured as a local port, so DNS can be resolved by modifying one's local DNS resolver, or /etc/hosts, to point to the local host.
### TLS
@ -90,7 +87,7 @@ Generate a token with CloudFlare with the following settings:
Base64 encode the token:
```
echo -n 'CLOUDFLARE_TOKEN' | base64
echo -n "$CLOUDFLARE_TOKEN" | base64
```
Update the `tls/cloudflare-secret.yaml` with the base64-encoded token value and create the secret:
```
@ -123,7 +120,7 @@ GitHub events source:
```
kubectl apply --filename https://github.com/knative/eventing-contrib/releases/download/v0.16.0/github.yaml
```
Learn more about the Github source at https://knative.dev/docs/eventing/samples/github-source/index.html
Learn more about the GitHub source at https://knative.dev/docs/eventing/samples/github-source/index.html
Enable Broker for faas namespace:
```

4
docs/integrators_guide.md
View File

@ -24,14 +24,14 @@ func main() {
// Docker to build and push, and a Knative client for deployment.
client, err := faas.New(
faas.WithInitializer(embedded.NewInitializer("")),
faas.WithBuilder(buildpacks.NewBuilder("quay.io", "alice")),
faas.WithBuilder(buildpacks.NewBuilder("quay.io/alice/my-function")),
faas.WithPusher(docker.NewPusher()),
faas.WithDeployer(knative.NewDeployer()))
// Create a Go function which listens for CloudEvents.
// Publicly routable as https://www.example.com.
// Local implementation is written to the current working directory.
if err := client.Create("go", "events", "www.example.com", "."); err != nil {
if err := client.Create("go", "events", "my-function", "quay.io/alice/my-function:v1.0"); err != nil {
log.Fatal(err)
}
}

12
docs/kind/config-local.yaml Normal file
View File

@ -0,0 +1,12 @@
kind: Cluster
apiVersion: kind.sigs.k8s.io/v1alpha3
nodes:
- role: control-plane
- role: worker
extraPortMappings:
- containerPort: 30080
hostPort: 80
listenAddress: "0.0.0.0"
- containerPort: 30443
hostPort: 443
listenAddress: "0.0.0.0"

15
docs/kind/config-remote.yaml Normal file
View File

@ -0,0 +1,15 @@
kind: Cluster
apiVersion: kind.sigs.k8s.io/v1alpha3
networking:
apiServerAddress: "10.10.10.1" # default 127.0.0.1
apiServerPort: 6443 # default random, must be different for each cluster
nodes:
- role: control-plane
- role: worker
extraPortMappings:
- containerPort: 30080
hostPort: 80
listenAddress: "0.0.0.0"
- containerPort: 30443
hostPort: 443
listenAddress: "0.0.0.0"

9
docs/kind/config.yaml
View File

@ -1,9 +0,0 @@
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
apiServerAddress: "10.10.10.1" # default 127.0.0.1
apiServerPort: 6443 # default random, must be different for each cluster
nodes:
- role: control-plane
- role: worker

4
docs/knative/config-kourier-nodeport.yaml
View File

@ -1,9 +1,9 @@
# Patch for changing kourier to a NodePort for installations where a
# LoadBalancer is not available (for example local Minikube or Kind clusters)
# LoadBalancer is not available (for example local Kind clusters)
spec:
ports:
- name: http2
nodePort: 32080
nodePort: 30080
port: 80
protocol: TCP
targetPort: 8080

45
docs/provision_kind.md
View File

@ -6,34 +6,27 @@ This guide walks through the process of configuring a kind cluster to run Functi
* kind v0.8.1 - [Install Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation)
* Kubectl v1.17.3 - [Install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl)
## Quickstart
Follow either the Local Access configuraiton step or the (optional) more lengthy remote configuration section.
Starting a new cluster with all defaults is as simple as:
## Configuring for local access
Create a two node cluster (control plane with one worker), mapping ports 30443 and 30080 to the host's port 80 and 443 (will be used during Kubernetes configuration for the Kourier networking layer).
```
kind create cluster
```
List available clusters:
```
kind get clusters
```
List running containers will now show a kind process:
```
docker ps
kind create cluster --config kind/config-local.yaml
```
Confirm core services are running:
```
kubectl get po --all-namespaces
```
You should see
## Configure With Remote Access
This section is optional.
Kind is intended to be a locally-running service, and exposing externally is not recommended. However, a fully configured kubernetes cluster can often quickly outstrip the resources available on even a well-specd development workstation. Therefore, creating a Kind cluster network appliance of sorts can be helpful. One possible way to connect to your kind cluster remotely would be to create a [wireguard](https://www.wireguard.com/) interface upon which to expose the API. Following is an example assuming linux hosts with systemd:
Kind is intended to be a locally-running service, and exposing externally is not recommended. However, a fully configured kubernetes cluster can often quickly outstrip the resources available on even a well-specd development workstation. Therefore, creating a Kind cluster network appliance of sorts on our LAN can be helpful. In order to administer the server, the API must be exposed. This should not be exposed publicly, so choose to either listen on a local LAN-only interface, or connect to your kind cluster remotely by creating a [wireguard](https://www.wireguard.com/) interface upon which to expose the API. Following is an example assuming linux hosts with systemd for the latter:
### Create a Secure Tunnel
### Create the Secure Tunnel
[Install Wireguard](https://www.wireguard.com/install/)
@ -132,23 +125,10 @@ Note that in order to import the config, it should be in a file with 0600 permis
### Provision the Cluster
Create a Kind configuration file which instructs the API server to listen on the Wireguard interface and a known port:
`kind-config.yaml`
Create a Kind configuration file which, in addition to mapping the HTTP and HTTPS ports to the host (as in the local config), also instructs the API server to listen on the Wireguard interface and a known port:
`kind/config-remote.yaml`
```
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
apiServerAddress: "10.10.10.1" # default is 127.0.0.1 (local only)
apiServerPort: 6443 # default is random.
```
Delete the current cluster if necessary:
```
kind delete cluster --name kind
```
Start a new cluster using the config:
```
kind create cluster --config kind-config.yaml
kind create cluster --config kind/config-remote.yaml
```
Export a kubeconfig and move it to the client machine:
```
@ -158,7 +138,8 @@ From the client, confirm that pods can be listed:
```
kubectl get po --all-namespaces --kubeconfig kind-kubeconfig.yaml
```
### Verify Cluster Provisioned
## Verify Cluster Provisioned
You should be able to retrieve a pods list from the cluster, which should include coredns, kube-proxy, etc.
```

1
docs/provision_minikube.md
View File

@ -1 +0,0 @@
# Provision a Minikube Cluster