OpenShift 4 - Knative教程 (1) 创建Serverless运行环境（附视频）

《OpenShift 4.x HOL教程汇总》
说明：本文已经在OpenShift 4.13 + OpenShift Serverless 1.29.1环境中验证

说明

OpenShift Serverless Operator为无服务器应用提供提供了Knative Serving和Knative Eventing的运行环境。只需要以下步骤就可以在OpenShift上运行Knative应用：安装所需的Operator和配置Knative Serving运行环境。

客户端环境

下载Knative Client。

$ curl -L https://mirror.openshift.com/pub/openshift-v4/clients/serverless/latest/kn-linux-amd64.tar.gz | tar -xzf -
$ sudo mv kn-linux-amd64 /usr/local/bin/kn

执行命令下载以下程序，它们会在后面操作中使用到。

$ curl -LO https://github.com/stern/stern/releases/download/v1.26.0/stern_1.26.0_linux_amd64.tar.gz | tar -xzf -
$ curl -Lo hey https://hey-release.s3.us-east-2.amazonaws.com/hey_linux_amd64
$ curl -Lo yq https://github.com/mikefarah/yq/releases/download/3.2.1/yq_linux_amd64
$ chmod +x hey yq
$ sudo mv stern hey yq /usr/local/bin/

配置Knative环境

我们可以用OpenShift控制台或OpenShift命令行创建Knative及其所需的运行环境。

安装OpenShift Serverless Operator

注意：通过OpenShift Console安装OpenShift Serverless Operator时候，OpenShift会自动安装OpenShift Serverless Operator所依赖的Service Mesh Operator，因此Operator的安装过程非常简单。

1. 用集群管理员登录 OpenShift Console。
2. 在Administrator视图中进入Operators->OperatorHub，然后找到“Red Hat OpenShift Serverless”，点击进入。
3. 在右滑窗口中接受所有缺省配置，然后在“Install Operator”页面中接受默认选项，再点击Install。。
4. 完后上一步后，可以在Operators->Installed Operators中看到安装好的Red Hat OpenShift Serverless。此时就完成了OpenShift Serverless Operator安装。
   

用控制台创建Knative Serving应用运行环境

Knative Serving提供了Serverless应用的支撑运行环境。Knative Serving必须安装在knative-serving项目中。

1. 确认已经有了knative-serving项目。

$ oc get project knative-serving

2. 切换到knative-serving项目，再次进入Operators->Installed Operators，然后进入OpenShift Serverless的配置。
3. 在Overview页面中点击Knative Serving区域的Create Instance链接。
   
4. 在Create Knative Serving界面中接受缺省配置，然后点击Create。
5. 然后进入名为knative-serving的Knative Serving配置。需要等一段时间，直到下图中5个状态全部为True，此时就成功创建了Knative Serving环境。
   

用脚本创建Knative Serving应用运行环境

1. 创建knative-serving.yaml文件，内容为以下部分：

apiVersion: v1
kind: Namespace
metadata:
  name: knative-serving
---
apiVersion: operator.knative.dev/v1alpha1
kind: KnativeServing
metadata:
  name: knative-serving
  namespace: knative-serving

2. 执行命令创建项目和KnativeServing资源

$ oc apply -f knative-serving.yaml

3. 查看knative-serving的状态，成功完成后显示以下内容。

$ oc get knativeserving.operator.knative.dev/knative-serving -n knative-serving --template='{{range .status.conditions}}{{printf "%s =%s\n" .type .status}}{{end}}'
DependenciesInstalled =True
DeploymentsAvailable =True
InstallSucceeded =True
Ready =True
VersionMigrationEligible =True

部署并测试Hello的Serverless应用

1. 创建knative-demo项目。

$ oc new-project knative-demo

2. 部署Knative的Hello应用。其中“–env TARGET=Knative”是将字符串传给TARGET环境变量。

$ kn service create hello --image jimmysong/knative-samples-helloworld-go:latest --env TARGET=Knative
Creating service 'hello' in namespace 'knative-demo':
 
  0.061s The Route is still working to reflect the latest desired specification.
  0.094s ...
  0.131s Configuration "hello" is waiting for a Revision to become ready.
 21.853s ...
 21.913s Ingress has not yet been reconciled.
 21.999s Waiting for load balancer to be ready
 22.245s Ready to serve.
 
Service 'hello' created to latest revision 'hello-00001' is available at URL:
https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com

3. 查看Knative的Service列表。

$ kn service list
NAME    URL                                                                          LATEST        AGE   CONDITIONS   READY   REASON
hello   https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com   hello-00001   80s   3 OK / 3     True

4. 查看knative-demo项目中的所有资源，其中包括Knative的configuration、service、revision、route对象，还有OpenShift的service、deployment、rs对象。注意：当前项目中还没有pod资源。

$ oc get all -n knative-demo
NAME                            TYPE           CLUSTER-IP       EXTERNAL-IP                                                       PORT(S)                             AGE
service/hello                   ExternalName   <none>           cluster-local-gateway.knative-serving-ingress.svc.cluster.local   <none>                              10m
service/hello-nvhqs-1           ClusterIP      172.30.69.130    <none>                                                            80/TCP                              10m
service/hello-nvhqs-1-private   ClusterIP      172.30.125.146   <none>                                                            80/TCP,9090/TCP,9091/TCP,8022/TCP   10m
 
NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/hello-nvhqs-1-deployment   0/0     0            0           10m
 
NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/hello-nvhqs-1-deployment-66db57b95f   0         0         0       10m
 
NAME                                         CONFIG NAME   K8S SERVICE NAME   GENERATION   READY   REASON
revision.serving.knative.dev/hello-nvhqs-1   hello         hello-nvhqs-1      1            True
 
NAME                                      LATESTCREATED   LATESTREADY     READY   REASON
configuration.serving.knative.dev/hello   hello-nvhqs-1   hello-nvhqs-1   True
 
NAME                              URL                                                                                      READY   REASON
route.serving.knative.dev/hello   http://hello.knative-demo.apps.cluster-shanghai-3d3e.shanghai-3d3e.example.opentlc.com   True
 
NAME                                URL                                                                                      LATESTCREATED   LATESTREADY     READY   REASON
service.serving.knative.dev/hello   http://hello.knative-demo.apps.cluster-shanghai-3d3e.shanghai-3d3e.example.opentlc.com   hello-nvhqs-1   hello-nvhqs-1   True

5. 在OpenShift Console中进入knative-demo项目的Developer视图，可以看到和hello应用相关的资源。
   
6. 访问hello应用的地址，确认可以返回“Hello Knative!”，其中“Knative”为传进去的环境变量。

$ curl -k $(kn route list hello --no-headers | awk 'NR==1 {print $2}')
Hello Knative!

7. 此时立即执行以下命令，确认此时可以查看项目在运行的Pod资源。不过在一分钟以后会又看不到Pod了。

$ oc get pod
NAME                                          READY   STATUS    RESTARTS   AGE
hello-00001-1-deployment-a0cd0125-cfvny   2/2     Running   0          22s

8. 更新名为hello的service的环境变量内容。

$ kn service update hello --env TARGET=Kn
Updating Service 'hello' in namespace 'knative-demo':
 
 10.760s Traffic is not yet migrated to the latest revision.
 10.871s Ingress has not yet been reconciled.
 12.231s Ready to serve.
 
Service 'hello' updated with latest revision 'hello-00002' and URL:
https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com

9. 访问hello应用的地址，确认可以返回结果已经变化。

$  curl -k $(kn route list hello --no-headers | awk 'NR==1 {print $2}')
Hello Kn!

10. 查看项目所有资源，确认OpenShift的deployment、rs对象和Knative的revision对象都已经有了一个新版的配置。

$ oc get all
NAME                                            READY   STATUS    RESTARTS   AGE
pod/hello-00002-deployment-7db4b4c569-cgxdx   2/2     Terminating   0          82s
pod/hello-00002-deployment-7db4b4c569-xswjf   2/2     Running       0          11s

NAME                          TYPE           CLUSTER-IP       EXTERNAL-IP                                                  PORT(S)                                      AGE
service/hello                 ExternalName   <none>           kourier-internal.knative-serving-ingress.svc.cluster.local   80/TCP                                       28m
service/hello-00001           ClusterIP      172.30.92.110    <none>                                                       80/TCP                                       28m
service/hello-00001-private   ClusterIP      172.30.39.193    <none>                                                       80/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP   28m
service/hello-00002           ClusterIP      172.30.239.246   <none>                                                       80/TCP                                       82s
service/hello-00002-private   ClusterIP      172.30.250.245   <none>                                                       80/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP   82s

NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/hello-00001-deployment   0/0     0            0           28m
deployment.apps/hello-00002-deployment   1/1     1            1           82s

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/hello-00001-deployment-69ff74646c   0         0         0       28m
replicaset.apps/hello-00002-deployment-7db4b4c569   1         1         1       82s

NAME                                URL                                                                          LATESTCREATED   LATESTREADY   READY   REASON
service.serving.knative.dev/hello   https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com   hello-00002     hello-00002   True

NAME                                       CONFIG NAME   K8S SERVICE NAME   GENERATION   READY   REASON   ACTUAL REPLICAS   DESIRED REPLICAS
revision.serving.knative.dev/hello-00001   hello                            1            True             0                 0
revision.serving.knative.dev/hello-00002   hello                            2            True             1                 1

NAME                                      LATESTCREATED   LATESTREADY   READY   REASON
configuration.serving.knative.dev/hello   hello-00002     hello-00002   True

NAME                              URL                                                                          READY   REASON
route.serving.knative.dev/hello   https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com   True

11. 查看名为hello的service详细信息。确认最新的revision（hello-cfvny-2）接收了100%的请求。

$ kn service describe hello
Name:       hello
Namespace:  knative-demo
Age:        29m
URL:        https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com

Revisions:
  100%  @latest (hello-00002) [2] (2m)
        Image:     gcr.io/knative-samples/helloworld-go (pinned to 5ea96b)
        Replicas:  0/0

Conditions:
  OK TYPE                   AGE REASON
  ++ Ready                   2m
  ++ ConfigurationsReady     2m
  ++ RoutesReady             2m

12. 查看Knative的revision对象。确认结果和（10）看到的项目包括的revision一样。

$ kn revision list
NAME          SERVICE   TRAFFIC   TAGS   GENERATION   AGE     CONDITIONS   READY   REASON
hello-00002   hello     100%             2            2m52s   3 OK / 4     True
hello-00001   hello                      1            30m     3 OK / 4     True

13. 执行命令，将请求平均发给以上2个revision。其中“hello-00001”是GENERATION=1的revision名称。

$ kn service update hello --traffic @latest=50 --traffic hello-00001=50
Updating Service 'hello' in namespace 'knative-demo':
 
  0.066s The Route is still working to reflect the latest desired specification.
  0.090s Ingress has not yet been reconciled.
  1.450s Ready to serve.
 
Service 'hello' with latest revision 'hello-00002' (unchanged) is available at URL:
https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com

14. 查看Knative的service对象，确认配置已被修改为2个revision各自接收50%的请求。

$ kn service describe hello
Name:       hello
Namespace:  knative-demo
Age:        3h
URL:        https://hello-knative-demo.apps.cluster-jzmgb.jzmgb.sandbox866.opentlc.com
 
Revisions:
   50%  @latest (hello-00002) [2] (2h)
        Image:     gcr.io/knative-samples/helloworld-go (pinned to 5ea96b)
        Replicas:  0/0
   50%  hello-00001 [1] (3h)
        Image:     gcr.io/knative-samples/helloworld-go (pinned to 5ea96b)
        Replicas:  0/0
 
Conditions:
  OK TYPE                   AGE REASON
  ++ Ready                   2h
  ++ ConfigurationsReady     2h
  ++ RoutesReady             2h

15. 在OpenShift控制台的Developer视图中可以看到hello应用的Toplogy。
    
16. 点击上图的“设置流量分配”按钮，可以在弹出窗口中可以为不同的Revision分配流量比例。
    
17. 多次访问hello应用，确认返回结果部分是“Hello Knative!”、部分是“Hello Kn!”。

$ curl -k $(kn route list hello --no-headers | awk 'NR==1 {print $2}')
Hello Knative!
$ curl -k $(kn route list hello --no-headers | awk 'NR==1 {print $2}')
Hello Kn!

演示视频

视频