Kubernetes 使用 KT-Connect 让本地环境可以连接 K8S 内部服务

KT-Connect Kubernetes About 5,100 words

需求

对于部署在Kubernetes中的服务:Java、数据库等,本地无法直接访问,对于开发不太友好。

KT-Connect

打通网络

sudo ktctl --kubeconfig ~/k8s/config/dev.yaml --namespace dev-ns connect

输出

❯ sudo ktctl --kubeconfig ~/k8s/config/dev.yaml --namespace dev-ns connect
Password:
10:44AM INF Using cluster context dev-k8s (kubernetes)
10:44AM INF KtConnect 0.3.7 start at 60728 (darwin arm64)
10:44AM INF Fetching cluster time ...
10:44AM INF Fetching cluster time ...
10:44AM INF Fetching cluster time ...
10:44AM INF Using tun2socks mode
10:44AM INF Successful create config map kt-connect-shadow-mfhyw
10:44AM INF Deploying shadow pod kt-connect-shadow-mfhyw in namespace dev-ns
10:44AM INF Waiting for pod kt-connect-shadow-mfhyw ...
10:45AM INF Pod kt-connect-shadow-mfhyw is ready
10:45AM INF Port forward local:24691 -> pod kt-connect-shadow-mfhyw:22 established
10:45AM INF Socks proxy established
10:45AM INF Tun device utun5 is ready
10:45AM INF Adding route to 192.168.0.0/16
10:45AM INF Adding route to 172.16.0.0/16
10:45AM INF Adding route to 192.168.0.128/25
10:45AM INF Adding route to 192.168.0.0/26
10:45AM INF Adding route to 192.168.0.96/27
10:45AM INF Adding route to 192.168.0.80/28
10:45AM INF Adding route to 192.168.0.72/29
10:45AM INF Adding route to 192.168.0.64/30
10:45AM INF Adding route to 192.168.0.68/31
10:45AM INF Adding route to 192.168.0.71/32
10:45AM INF Route to tun device completed
10:45AM INF Setting up dns in local mode
10:45AM INF Port forward local:17582 -> pod kt-connect-shadow-mfhyw:53 established
10:45AM INF Setup local DNS with upstream [tcp:127.0.0.1:17582 udp:192.168.0.1:53]
10:45AM INF Creating udp dns on port 10053
10:45AM INF ---------------------------------------------------------------
10:45AM INF  All looks good, now you can access to resources in the kubernetes cluster
10:45AM INF ---------------------------------------------------------------

断开连接:Ctrl+C断开连接。

^C10:52AM INF Terminal signal is interrupt
10:52AM INF Tun device tun://utun5 stopped
10:52AM INF Removed pid file /Users/fendoudebb/.kt/pid/connect-60728.pid
10:52AM INF Pid file was removed
10:52AM INF Removed key file /Users/fendoudebb/.kt/key/kt-connect-shadow-mfhyw.key
10:52AM INF Drop hosts successful
10:52AM INF Cleaning configmap kt-connect-shadow-mfhyw
10:52AM INF Cleaning shadow pod kt-connect-shadow-mfhyw

请求指向本地环境

使用mesh网关功能。

对于想要指向本地的请求,需在请求头中添加VERSION字段,并设置为KT-Connect显示的值(示例中为'VERSION: xfxcq'

对于页面请求,需配合Mod-Header插件。

ktctl --kubeconfig ~/k8s/config/dev.yaml --namespace dev-ns mesh my-app --expose 8081:8081

输出

❯ ktctl --kubeconfig ~/k8s/config/dev.yaml --namespace dev-ns mesh my-app --expose 8081:8081
10:57AM INF Using cluster context dev-k8s (kubernetes)
10:57AM INF KtConnect 0.3.7 start at 64814 (darwin arm64)
10:57AM INF Fetching cluster time ...
10:57AM INF Using auto mode
10:57AM INF Service my-app locked
10:57AM INF Service my-app-kt-stuntman created
10:57AM INF Service my-app-kt-mesh-xfxcq created
10:57AM INF Router pod my-app-kt-router created
10:57AM INF Waiting for pod my-app-kt-router ...
10:57AM INF Pod my-app-kt-router is ready
10:57AM INF Router pod is ready
10:57AM INF Router pod configuration done
10:57AM INF Successful create config map my-app-kt-mesh-xfxcq
10:57AM INF Deploying shadow pod my-app-kt-mesh-xfxcq in namespace dev-ns
10:57AM INF Waiting for pod my-app-kt-mesh-xfxcq ...
10:57AM INF Pod my-app-kt-mesh-xfxcq is ready
10:57AM INF Forwarding pod my-app-kt-mesh-xfxcq to local via port 8081:8081
10:57AM INF Port forward local:8139 -> pod my-app-kt-mesh-xfxcq:22 established
10:57AM INF Reverse tunnel 0.0.0.0:8081 -> 127.0.0.1:8081 established
10:57AM INF ---------------------------------------------------------------
10:57AM INF  Now you can access your service by header 'VERSION: xfxcq'
10:57AM INF ---------------------------------------------------------------
10:57AM INF Service my-app unlocked

全局配置

设置 kubeconfig

ktctl config set global.kubeconfig ~/k8s/config/dev.yaml

获取 kubeconfig

ktctl config get global.kubeconfig

输出

❯ ktctl config get global.kubeconfig
global.kubeconfig = /Users/fendoudebb/k8s/config/dev.yaml

设置 namespace

ktctl config set global.namespace dev-ns

输出

❯ ktctl config get global.namespace
global.namespace = dev-ns

命令补全

ktctl completion zsh > /usr/local/share/zsh/site-functions/_ktctl

输出

❯ ktctl completion zsh > /usr/local/share/zsh/site-functions/_ktctl
birdseye    -- Show summary of services status in cluster
clean       -- Delete unavailing resources created by kt from kubernetes cluster
completion  -- Generate the autocompletion script for the specified shell
config      -- List, get or set default value for command options
connect     -- Create a network tunnel to kubernetes cluster
exchange    -- Redirect all requests of specified kubernetes service to local
forward     -- Redirect local port to a service or any remote address
mesh        -- Redirect marked requests of specified kubernetes service to local
preview     -- Expose a local service to kubernetes cluster
recover     -- Restore traffic of specified kubernetes service changed by exchange or mesh

参考

https://github.com/alibaba/kt-connect

Views: 292 · Posted: 2024-07-26

————        END        ————

Give me a Star, Thanks:)

https://github.com/fendoudebb/LiteNote

扫描下方二维码关注公众号和小程序↓↓↓

扫描下方二维码关注公众号和小程序↓↓↓
Today On History
Browsing Refresh