当前位置:网站首页>Operator-1初识Operator
Operator-1初识Operator
2022-07-02 06:39:00 【saynaihe】
背景:
接触kubernetes也好多年了,开始就各种听说Operator的,但是从来没有深入了解动手写过Operator。开始体验一下简单的Operator
Operator初体验
什么是Operator?
参照:红帽官方文档什么是 Kubernetes Operator?
**coreos2016年引入,**是一种封装、部署和管理 Kubernetes 应用的方法
- crd webhook controller
开发工具:
what is crd
**CRD **全称是 Custom Resource Definition, CRD是一种无需编码就可以扩展原生kubenetes API接口的方式。适合扩展kubernetes的自定义接口和功能。如果想更为灵活的添加逻辑就需要API Aggregation方式.
开始准备
常用的开发工具有一下几种:
我的开发工具 包括goland kubebuilder kustomize,kubernetes1.23.6,工作环境rocky linux 8.5 go 1.17
注意:一定看一下go 版本 与开发工具对应版本,以及与kubernetes的版本
kubebuilder kustomize install
https://github.com/kubernetes-sigs/kubebuilder/releases
[[email protected] ~]# wget https://github.com/kubernetes-sigs/kubebuilder/releases/download/v3.5.0/kubebuilder_linux_amd64
[[email protected] ~]# mv kubebuilder_linux_amd64 /usr/bin/kubebuilder
[[email protected] ~]# chmod +x /usr/bin/kubebuilder
[[email protected] ~]# kubebuilder version
Version: main.version{KubeBuilderVersion:"3.5.0", KubernetesVendor:"1.24.1", GitCommit:"26d12ab1134964dbbc3f68877ebe9cf6314e926a", BuildDate:"2022-06-24T12:17:52Z", GoOs:"linux", GoArch:"amd64"}
[email protected] ~]# wget https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv4.5.5/kustomize_v4.5.5_linux_amd64.tar.gz
[[email protected] ~]# tar zxvf kustomize_v4.5.5_linux_amd64.tar.gz
kustomize
[[email protected] ~]# chmod +x kustomize
[[email protected] ~]# mv kustomize /usr/bin/kustomize
[[email protected] ~]# kustomize version
{Version:kustomize/v4.5.5 GitCommit:daa3e5e2c2d3a4b8c94021a7384bfb06734bcd26 BuildDate:2022-05-20T20:25:40Z GoOs:linux GoArch:amd64}
创建并初始化项目
goland创建名为kube-oprator1的项目:
终端执行一下命令:
[[email protected] kube-oprator1]$ kubebuilder init --plugins go/v3 --domain zhangpeng.com --owner "zhang peng"
貌似提示我go版本过低?(go版本 1.17.6我的是)
升级一下go版本
注意:非必须,后面是降低了kubebuilder的版本。go版本就保持1.17版本了,
浏览器打开https://golang.google.cn/dl/ go下载页面,选择1.17最新版本下载并替换本地GO版本!
[[email protected] ~]# wget https://golang.google.cn/dl/go1.17.11.linux-amd64.tar.gz
[[email protected] ~]# tar zxvf go1.17.11.linux-amd64.tar.gz
[[email protected] ~]# which go
/usr/go/bin/go
[[email protected] ~]# cd go/
[[email protected] ~]# cp -Ra * /usr/go/
[[email protected] go]# go version go1.17.11 linux/amd64
。。。。貌似还是报错,仔细看了一眼https://github.com/kubernetes-sigs/kubebuilder/releases我还是换个kubebuilder版本吧…
kubebuilder 版本3.4.1
[[email protected] ~]# wget https://github.com/kubernetes-sigs/kubebuilder/releases/download/v3.4.1/kubebuilder_linux_amd64
[[email protected] ~]# mv kubebuilder_linux_amd64 /usr/bin/kubebuilder
mv:是否覆盖'/usr/bin/kubebuilder'? y
[[email protected] ~]# chmod +x /usr/bin/kubebuilder
[[email protected] ~]# kubebuilder version
Version: main.version{KubeBuilderVersion:"3.4.1", KubernetesVendor:"1.23.5", GitCommit:"d59d7882ce95ce5de10238e135ddff31d8ede026", BuildDate:"2022-05-06T13:58:56Z", GoOs:"linux", GoArch:"amd64"}
kubebuilder init --plugins go/v3 --domain zhangpeng.com --owner "zhang peng"
生成目录结构如下:
重点关注一下config/default/ kustomization.yaml文件:
现在能看懂的配置,命名空间!我这里就不修改了采用默认的配置!
[[email protected] kube-oprator1]$ kubebuilder create api --group myapp1 --version v1 --kind Redis
目录结构如下
注意:关于 domain group version kind对应 :
apiVersion:myapp1.zhangpeng.com/v1
kind: Redis
简单创建一个crd
api/v1/redis_type.go
随手演示删除Foo字段,添加一个Port字段,设置port字段为int类型!
以test目录下yaml文件定制crd
test/redis.yaml
apiVersion: myapp1.zhangpeng.com/v1
kind: Redis
metadata:
name: myapp
spec:
port: 1011
make install创建crd
[[email protected] kube-oprator1]$ kubectl get crd
No resources found
[[email protected] kube-oprator1]$ make install
GOBIN=/home/zhangpeng/GolandProjects/kube-oprator1/bin go install sigs.k8s.io/controller-tools/cmd/[email protected]
/home/zhangpeng/GolandProjects/kube-oprator1/bin/controller-gen rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
/home/zhangpeng/GolandProjects/kube-oprator1/bin/kustomize build config/crd | kubectl apply -f -
customresourcedefinition.apiextensions.k8s.io/redis.myapp1.zhangpeng.com created
[[email protected] kube-oprator1]$ kubectl get crd
NAME CREATED AT
redis.myapp1.zhangpeng.com 2022-06-28T06:44:52Z
关于reconcile
controllers/redis_controller.go
关于reconcile就先不求甚解了
func (r *RedisReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
_ = log.FromContext(ctx)
// TODO(user): your logic here
redis := &myapp1v1.Redis{}
if err := r.Get(ctx, req.NamespacedName, redis); err != nil {
fmt.Println(err)
} else {
fmt.Println("object", redis)
}
return ctrl.Result{}, nil
}
本地调试 make run
终端一运行
[[email protected] kube-oprator1]$ maker run
终端2运行
[[email protected] kube-oprator1]$ kubectl apply -f test/redis.yaml
观察终端1 得到如下输出:
初步发布到kubernetes集群
注:我的环境安装了podman,关于podman自行百度,镜像仓库使用了腾讯云镜像仓库个人版
关于Podman
先修改docker构建命令为podman!
podman login将密码记住…基本跟docker的使用方法差不多
[[email protected] kube-oprator1]$ podman login --username=xxxxx ccr.ccs.tencentyun.com
dockerhub加速
的特别强调一下dockerhub加速
[[email protected] kube-oprator1]$ vim /etc/containers/registries.conf
文件末尾添加了加速地址!
short-name-mode = "permissive"
[[registry]]
prefix="docker.io"
location="pvurwzu6.mirror.aliyuncs.com"
重启podman服务
[[email protected] kube-oprator1]$ systemctl restart podman
构建发布镜像
Dockerfile文件中添加GOPROXY
ENV GOPROXY=https://goproxy.io
[zhangp[email protected] kube-oprator1]$ make docker-build docker-push IMG=ccr.ccs.tencentyun.com/layatools/zpredis:v1
顺便发现腾讯云个人仓库一个不显示OCI-Image大小的bug…
注:过程很曲折。中间有镜像下不动的科学上网了,自行脑部。如“gcr.io/distroless/static:nonroot镜像我的操作环境为rocky linux 8.5下载不动的时候我直接科学上网了…
发布方式:
[[email protected] kube-oprator1]$ make deploy IMG=ccr.ccs.tencentyun.com/layatools/zpredis:v1
make又失败了最终根据Makefile中deploy手动执行如下命令:
[[email protected] kube-oprator1]$ cd config/manager && kustomize edit set image controller=ccr.ccs.tencentyun.com/layatools/zpredis:v1
[[email protected] kube-oprator1]$ kustomize build config/default | kubectl apply -f -
注意:两条命令都是在kube-oprator1项目根目录下执行的!
默认命名空间没有修改查看kube-oprator1-system namespace命名空间下pod状态!
[[email protected] kube-oprator1]$ kubectl get ns
NAME STATUS AGE
default Active 61d
kube-node-lease Active 61d
kube-oprator1-system Active 25h
kube-public Active 61d
kube-system Active 61d
zhangpeng1 Active 8d
[[email protected] kube-oprator1]$ kubectl get pods -n kube-oprator1-system
理论上pod是没有部署成功的,原因如下:gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0无法下载…我是用的苯方法,rocky开发机科学上网下载镜像上传到腾讯与镜像仓库,然后pull镜像到kuberntes机器work节点。当然了work节点我只有一个测试环境还好~
等待pod running
CRD自定义资源简单验证
以test/redis.yaml为例
apiVersion: myapp1.zhangpeng.com/v1
kind: Redis
metadata:
name: myapp
spec:
port: 1011
参照https://book.kubebuilder.io/reference/markers/crd-validation.html 就设置一下port的范围!
// +kubebuilder:validation:Minimum:=1024
// +kubebuilder:validation:Maximum:=10240
make install 依然失败!还是手动命令了
注:这个地方我做错了好几次,原因是我以为make install =kustomize build config/crd | kubectl apply -f -,仔细看了一眼Makefile:
包含manifests的步骤,尝试了一下果然如此!
[[email protected] kube-oprator1]$ ./bin/controller-gen rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
[[email protected] kube-oprator1]$ kustomize build config/crd | kubectl apply -f -
[[email protected] kube-oprator1]$ kubectl get crd redis.myapp1.zhangpeng.com -o yaml
[[email protected] kube-oprator1]$ kubectl delete -f test/redis.yaml
[[email protected] kube-oprator1]$ kubectl apply -f test/redis.yaml
得到如下输出:端口小于1024无法创建成功
修改 test/redis.yaml port: 1024
apiVersion: myapp1.zhangpeng.com/v1
kind: Redis
metadata:
name: myapp
spec:
port: 1024
[[email protected] cert]$ kubectl get pods -A|grep cert
cert-manager cert-manager-677874db78-zcm6l 1/1 Running 0 14m
cert-manager cert-manager-cainjector-6c5bf7b759-mf4gf 1/1 Running 0 14m
cert-manager cert-manager-webhook-5685fdbc4b-ncrxl 1/1 Running 0 14m
webhook简单测试
简单准入控制器webhook create
[[email protected] kube-oprator1]$ kubebuilder create webhook --group myapp1 --version v1 --kind Redis --defaulting --programmatic-validation
kube-oprator1 api/v1目录下增加了webhook的相关文件,做了一个简单的验证** name=zhangpeng**
func (r *Redis) ValidateCreate() error {
redislog.Info("validate create", "name", r.Name)
if r.Name == "zhangpeng" {
return errors.New("error name")
}
// TODO(user): fill in your validation logic upon object creation.
return nil
}
证书管理cert-manager:
访问https://github.com/cert-manager/cert-manager/releases下载页面,1.19.0是alpha版本 我用了1.18.2的版本!
[[email protected] cert]$ pwd
/home/zhangpeng/cert
[[email protected] cert]$ wget https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.yaml
[[email protected] cert]$ kubectl apply -f cert-manager.yaml
[[email protected] cert]$ kubectl get pods -A|grep cert
注意:镜像依然要科学上网下载
修改文件
config/default/kustomization.yaml下箭头标注部分解开注释
**config/manager/manager.yaml **
删除crd
make uninstall可以不过我的make总是失败…直接删除了!
[[email protected] kube-oprator1]$kubectl delete crd redis.myapp1.zhangpeng.com
打包镜像发布
打包发布镜像,其实最好应该修改一个镜像标签tag,这里就演示 就先这样了!make install 也不能用不知道那里有问题了 直接复制Makefile中的命令了!构建镜像并发布镜像!
[[email protected] kube-oprator1]$ ./bin/controller-gen rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
[[email protected] kube-oprator1]$ kustomize build config/crd | kubectl apply -f -
customresourcedefinition.apiextensions.k8s.io/redis.myapp1.zhangpeng.com configured
[[email protected] kube-oprator1]$ make docker-build docker-push IMG=ccr.ccs.tencentyun.com/layatools/zpredis:v1
[[email protected] kube-oprator1]$ make deploy IMG=ccr.ccs.tencentyun.com/layatools/zpredis:v1
[[email protected] kube-oprator1]$ cd config/manager && kustomize edit set image controller=ccr.ccs.tencentyun.com/layatools/zpredis:v1
[[email protected] kube-oprator1]$ kustomize build config/default | kubectl apply -f -
恩修改成zhangpeng1
创建成功了?看一下make run,but make run无法运行了?
本地调试模式注释掉main.go SetupWebhookWithManager
总结:
1.注意开发工具之间版本的匹配
2.make 失败时候看一下Makefile中相关命令可以手动运行一下
3.资源的清理,本地调试模式
4.接下来准备设计一个简单的oprator?
边栏推荐
- 【JetBrain Rider】构建项目出现异常:未找到导入的项目“D:\VisualStudio2017\IDE\MSBuild\15.0\Bin\Roslyn\Microsoft.CSh
- stm32和電機開發(上比特系統)
- Vscode auto format
- pytest--之测试报告allure配置
- Project practice, redis cluster technology learning (10)
- Commutateur Multi - lentilles Blender
- MongoDB-快速上手MongoDB命令行的一些简单操作
- SAP Spartacus express checkout design
- 【虚幻4】UMG组件的简介与使用(更新中...)
- Project practice, redis cluster technology learning (VIII)
猜你喜欢
Following nym, the new project Galaxy token announced by coinlist is gal
VLAN experiment
![[Fantasy 4] introduction and use of UMG components (under update...)](/img/33/7e3b74192b7fd73d5145f85e061d1f.png)
[Fantasy 4] introduction and use of UMG components (under update...)
ue4材质的入门和原理笔记
Unreal material editor foundation - how to connect a basic material
Test -- Summary of interview questions
![[visual studio] every time you open a script of unity3d, a new vs2017 will be automatically reopened](/img/c3/aec0a9fb79cf94b3575d95530aa8e8.png)
[visual studio] every time you open a script of unity3d, a new vs2017 will be automatically reopened
Allure -- common configuration items
Blender体积雾
![[ue5] two implementation methods of AI random roaming blueprint (role blueprint and behavior tree)](/img/dd/cbe608fcbbbdf187dd6f7312271d2e.png)
[ue5] two implementation methods of AI random roaming blueprint (role blueprint and behavior tree)
随机推荐
Delivery mode design of Spartacus UI of SAP e-commerce cloud
UE4夜间打光笔记
Postman--使用
AttributeError: type object ‘Image‘ has no attribute ‘fromarray‘
[unity3d] nested use layout group to make scroll view with dynamic sub object height
【Lua】常见知识点汇总(包含常见面试考点)
使用Windbg静态分析dump文件(实战经验总结)
2021-10-02
Mock Server基本使用方法
【虚幻4】从U3D到UE4的转型之路
SQOOP 1.4.6 INSTALL
Blender海洋制作
Configuration programmée du générateur de plantes du moteur illusoire UE - - Comment générer rapidement une grande forêt
flume 190 INSTALL
2021-09-12
How to achieve the top progress bar effect in background management projects
两数之和,求目标值
Ctrip starts mixed office. How can small and medium-sized enterprises achieve mixed office?
Redis set password
UE4 night lighting notes