简介
KT Connect ( Kubernetes Developer Tool ) 是轻量级的面向 Kubernetes 用户的开发测试环境治理辅助工具。其核心是通过建立本地到集群以及集群到本地的双向通道,从而提升在持续交付生命周期中开发环节的效率问题以及开发测试环境的复用问题:
使用场景
场景一:本地与远端服务联调
在这种场景下,开发者只要直接使用 ktctl connect 打通本地到集群的网络即可,就可以直接在本地通过 PodIP/ClusterIP/DNS 地址访问集群中的服务。
场景二:集群内服务于联调本地
在这个场景下,我们希望集群中所有对服务 C 的访问能够请求到本地正在开发的 C’。因此开发者可以通过 ktctl exhcnage 命令,在集群内部署一个 Shadow 容器已接管所有原本对 C 实例的请求,再通过 Shadow 容器将请求转发到本地。并在退出命令式恢复集群中 C 的实例状态。
场景三:集群内服务于联调本地(共享模式)
mesh 与 exchange 的最大区别在于,exchange 会完全替换原有的应用实例。mesh 命令创建代理容器,但是会保留原应用容器,代理容器会动态生成 version 标签,以便用于可以通过 Istio 流量规则将特定的流量转发到本地,同时保证环境正常链路始终可用。在这种场景下,在确保开发测试环境稳定的同时,基于 Istio 的流量规则,我们可以把部分流量转到本地,从而实现在共享的开发测试环境中的联调能力。
场景四:更复杂的联调场景
在微服务模式下,服务将往往会存在大量的相互依赖。通过 connect/exchange/mesh 的组合,可以方便的实现在团队协作下的开发与联调。通过这种方式,开发人员可以极大的提升本地的开发效率,并且可以快速的实现服务与服务之间的集成与测试。
Dashboard 可视化
Cli 工具从客户端的角度为研发人员提供了相对便捷的方式能够让研发能够在本地快速完成联调测试,而站在测试环境管理的维度上,我们需要了解测试环境的状态,例如,当前有多少服务是被 Exchange 到了开发人员本地,服务一共 Mesh 了多少个本地版本? 这部分内容在 KT Connect 中通过一个集中式的 Dashboard 提供相关的能力支撑,我们可以清楚的了解当前服务下运行了容器实例,同时是否有本地环境接入,从而可以更好的支撑多人协作的场景。
安装 dashboard
设置 RBAC 权限,以使 Dashboard 组件能够获取和监听 Kubernetes 集群的资源变化
rbac-setup.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: ktadmin rules: - apiGroups: [""] resources: - namespaces - nodes - nodes/proxy - services - endpoints - pods verbs: ["get", "list", "watch"] - apiGroups: - extensions resources: - ingresses verbs: ["get", "list", "watch"] - nonResourceURLs: ["/metrics"] verbs: ["get"] --- apiVersion: v1 kind: ServiceAccount metadata: name: ktadmin namespace: default --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: ktadmin roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: ktadmin subjects: - kind: ServiceAccount name: ktadmin namespace: default
创建服务和 Deployment 实例
dashboard.yaml
apiVersion: v1 kind: Service metadata: name: kt-dashboard spec: ports: - port: 80 targetPort: 80 selector: app: kt-dashboard type: NodePort --- apiVersion: extensions/v1beta1 kind: Deployment metadata: labels: app: kt-dashboard name: kt-dashboard spec: replicas: 1 selector: matchLabels: app: kt-dashboard template: metadata: labels: app: kt-dashboard spec: serviceAccount: ktadmin containers: - image: registry.cn-shanghai.aliyuncs.com/kube-helm/kt-dashboard:stable imagePullPolicy: Always name: dashboard ports: - containerPort: 80 - image: registry.cn-shanghai.aliyuncs.com/kube-helm/kt-controller:stable imagePullPolicy: Always name: controller ports: - containerPort: 8000
通过 kubectl 部署
kubectl apply -f rbac-setup.yaml kubectl apply -f dashboard.yaml
可以通过 NodePort 进行访问,或者通过 port-forward 在本地访问:
$ kubectl port-forward deployments/kt-dashboard 8000:80 Forwarding from 127.0.0.1:8000 -> 80 Forwarding from [::1]:8000 -> 80
创建 guest 权限,开发本地配置 kubeConfig
apiVersion: v1
kind: ServiceAccount
metadata:
name: guest
namespace: spt-dev
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: guest:guest
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: guest
subjects:
- kind: ServiceAccount
name: guest
namespace: spt-dev
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
name: guest
rules:
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- pods
- replicationcontrollers
- replicationcontrollers/scale
- serviceaccounts
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- bindings
- events
- limitranges
- namespaces/status
- pods/log
- pods/exec
- pods/status
- replicationcontrollers/status
- resourcequotas
- resourcequotas/status
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- deployments/scale
- replicasets
- replicasets/scale
- statefulsets
- statefulsets/scale
verbs:
- get
- list
- watch
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- deployments/scale
- ingresses
- networkpolicies
- replicasets
- replicasets/scale
- replicationcontrollers/scale
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- get
- list
- watch
下载和安装客户端
二进制包
Mac:
Linux:
Mac 用户
安装 sshuttle
brew install sshuttle
下载并安装 KT
$ curl -OL https://rdc-incubators.oss-cn-beijing.aliyuncs.com/stable/ktctl_darwin_amd64.tar.gz $ tar -xzvf ktctl_darwin_amd64.tar.gz $ mv ktctl_darwin_amd64 /usr/local/bin/ktctl $ ktctl -h
Linux 用户
安装 sshuttle
pip install sshuttle
下载并安装 KT
$ curl -OL https://rdc-incubators.oss-cn-beijing.aliyuncs.com/stable/ktctl_linux_amd64.tar.gz $ tar -xzvf ktctl_linux_amd64.tar.gz $ mv ktctl_linux_amd64 /usr/local/bin/ktctl $ ktctl -h
windows 用户
Windows10 上使用 Linux 子系统(WSL)
https://www.cnblogs.com/xiaoliangge/p/9124089.html
KT: A simple kubernetes development tools
欢迎来到这里!
我们正在构建一个小众社区,大家在这里相互信任,以平等 • 自由 • 奔放的价值观进行分享交流。最终,希望大家能够找到与自己志同道合的伙伴,共同成长。
注册 关于