TelepresencegivesdevelopersinfinitescaledevelopmentenvironmentsforKubernetes.WithTelepresence:
Yourunoneservicelocally,usingyourfavoriteIDEandothertoolsYouruntherestofyourapplicationinthecloud,wherethereisunlimitedmemoryandcomputeThisgivesdevelopers:
afastlocaldevloop,withnowaitingforacontainerbuild/push/deployabilitytousetheirfavoritelocaltools(IDE,debugger,etc.)abilitytorunlarge-scaleapplicationsthatcan'trunlocallyTelepresence2Telepresence2isbasedonlearningsfromtheoriginalTelepresencearchitecture.RewritteninGo,Telepresence2providesasimplerandmorepowerfuluserexperience,improvedperformance,andbetterreliabilitythanTelepresence1.MoredetailsonTelepresence2arebelow.
WalkthroughInstallaninterceptableservice:Startwithanemptycluster:
$kubectlcreatedeployhello--image=k8s.gcr.io/echoserver:1.4deployment.apps/hellocreated$kubectlexposedeployhello--port80--target-port8080service/helloexposed$kubectlgetns,svc,deploy,poNAMESTATUSAGEnamespace/kube-systemActive53mnamespace/defaultActive53mnamespace/kube-publicActive53mnamespace/kube-node-leaseActive53mNAMETYPECLUSTER-IPEXTERNAL-IPPORT(S)AGEservice/kubernetesClusterIP10.43.0.1<none>443/TCP53mservice/helloClusterIP10.43.73.112<none>80/TCP2mNAMEREADYUP-TO-DATEAVAILABLEAGEdeployment.apps/hello1/1112mNAMEREADYSTATUSRESTARTSAGEpod/hello-9954f98bf-6p2k91/1Running02m15sChecktelepresenceversion
$telepresenceversionClientv2.0.2Establishaconnectiontothecluster(outboundtraffic)Lettelepresenceconnect:
$telepresenceconnectLaunchingTelepresenceDaemonv2.0.2(apiv3)Connectingtotrafficmanager...Connectedtocontextdefault(https://35.232.104.64)Asessionisnowactiveandoutboundconnectionswillberoutedtothecluster.I.e.yourlaptopis"inside"thecluster.
$curlhello.defaultCLIENTVALUES:client_address=10.42.0.7command=GETrealpath=/query=nilrequest_version=1.1request_uri=https://hello.default:8080/SERVERVALUES:server_version=nginx:1.10.0-lua:10001HEADERSRECEIVED:accept=*/*host=hello.defaultuser-agent=curl/7.71.1BODY:-nobodyinrequest-Intercepttheservice.I.e.redirecttraffictoittoourlaptop(inboundtraffic)Addaninterceptforthehellodeploymentonport9000.Here,wealsostartaservicelisteningonthatport:
$telepresenceintercepthello--port9000--python3-mhttp.server9000UsingdeploymenthellointerceptedState:ACTIVEDestination:127.0.0.1:9000Intercepting:allconnectionsServingHTTPon::port9000(https://[::]:9000/)...Thepython-mhttpserverisnowstartedonport9000andwillrununtilterminatedby<ctrl>-C.Accessitfromabrowserusinghttps://hello/orusecurlfromanotherterminal.Withcurl,itpresentsahtmllistingfromthedirectorywheretheserverwasstarted.Somethinglike:
$curlhello<!DOCTYPEHTMLPUBLIC"-//W3C//DTDHTML4.01//EN""https://www.w3.org/TR/html4/strict.dtd"><html><head><metahttp-equiv="Content-Type"content="text/html;charset=utf-8"><title>Directorylistingfor/</title></head><body><h1>Directorylistingfor/</h1><hr><ul><li><ahref="file1.txt">file1.txt</a></li><li><ahref="file2.txt">file2.txt</a></li></ul><hr></body></html>Observethatthepythonservicereportsthatit'sbeingaccessed:
::ffff:127.0.0.1--[17/Feb/202113:14:20]"GET/HTTP/1.1"200-::ffff:127.0.0.1--[17/Feb/202113:16:54]"GET/HTTP/1.1"200-Sincetelepresenceisnowinterceptingservicesinthedefaultnamespace,allservicesinthatnamespacecannowbereacheddirectlybytheirname.Youcanofcoursestillusethenamespacednametoo,e.g.curlhello.default.
Clean-upandclosedaemonprocessesEndtheservicewith<ctrl>-Candthentrycurlhello.defaultorhttps://hello.defaultagain.Theinterceptisgone,andtheechoservicerespondsasnormal.Usingjustcurlhellowillnolongersucceed.Thisisbecausetelepresencestoppedmappingthedefaultnamespacewhentherewerenomoreinterceptsusingit.
Nowendthesessiontoo.Yourdesktopnolongerhasaccesstotheclusterinternals.
$telepresencequitTelepresenceDaemonquitting...done$curlhello.defaultcurl:(6)Couldnotresolvehost:hello.defaultStartoutboundandinterceptwithonesinglecommandThereisnoneedtostartatelepresencesubshellwhendoinganintercept.Telepresencewillautomaticallydetectthatasessionisactive,andifnot,startone.Thesessionthenendswhenthecommandexits,asshowninthisexample:
telepresenceintercepthello--port9000--python3-mhttp.server9000LaunchingTelepresenceDaemonv2.0.1-64-g814052e(apiv3)Connectingtotrafficmanager...Connectedtocontextdefault(https://35.202.114.63)UsingdeploymenthellointerceptedState:ACTIVEDestination:127.0.0.1:9000Intercepting:allconnectionsServingHTTPon::port9000(https://[::]:9000/)...::ffff:127.0.0.1--[17/Feb/202114:05:37]"GET/HTTP/1.1"200-^CKeyboardinterruptreceived,exiting.Disconnecting...doneTelepresenceDaemonquitting...doneWhatgotinstalledinthecluster?Atfirstglance,wecanseethatthedeploymentisinstalled...
kubectlgetsvc,deploy,podNAMETYPECLUSTER-IPEXTERNAL-IPPORT(S)AGEservice/kubernetesClusterIP10.43.0.1<none>443/TCP25mservice/helloClusterIP10.43.73.112<none>80/TCP23mNAMEREADYUP-TO-DATEAVAILABLEAGEdeployment.apps/hello1/11123mNAMEREADYSTATUSRESTARTSAGEpod/hello-75c8ffd99-dklkl2/2Running015m...andthatthetraffic-managerisinstalledinthe"ambassador"namespace.
kubectl-nambassadorgetsvc,deploy,podNAMETYPECLUSTER-IPEXTERNAL-IPPORT(S)AGEservice/traffic-managerClusterIPNone<none>8022/TCP,8081/TCP23mNAMEREADYUP-TO-DATEAVAILABLEAGEdeployment.apps/traffic-manager1/11123mNAMEREADYSTATUSRESTARTSAGEpod/traffic-manager-596b6cdf68-sclsx1/1Running020mThetraffic-agentisinstalledtoo,inthehellopod.
kubectldescribepodhello-75c8ffd99-dklklName:hello-75c8ffd99-dklklNamespace:defaultPriority:0Node:bobtester/10.88.24.2StartTime:Wed,17Feb202113:13:03+0100Labels:app=hellopod-template-hash=75c8ffd99Annotations:<none>Status:RunningIP:10.42.0.8IPs:IP:10.42.0.8ControlledBy:ReplicaSet/hello-75c8ffd99Containers:echoserver:ContainerID:containerd://270098cea9f15fc8974603bde47fde7d36022524967d7b40a81f18324c657686Image:k8s.gcr.io/echoserver:1.4ImageID:sha256:523cad1a4df732d41406c9de49f932cd60d56ffd50619158a2977fd1066028f9Port:<none>HostPort:<none>State:RunningStarted:Wed,17Feb202113:13:03+0100Ready:TrueRestartCount:0Environment:<none>Mounts:/var/run/secrets/kubernetes.io/serviceaccountfromdefault-token-zkwqq(ro)traffic-agent:ContainerID:containerd://b0253a0e3ecc3d03991d7e92c0ab92123fc60245cc0277a7a07185933690fc4aImage:docker.io/datawire/tel2:2.0.2ImageID:docker.io/datawire/tel2@sha256:9002068a5dc224c029754c80e1b4616139a8f4aca5608942f75488debbe387cfPort:9900/TCPHostPort:0/TCPArgs:agentState:RunningStarted:Wed,17Feb202113:13:04+0100Ready:TrueRestartCount:0Environment:TELEPRESENCE_CONTAINER:echoserverLOG_LEVEL:debugAGENT_NAME:helloAGENT_POD_NAME:hello-75c8ffd99-dklkl(v1:metadata.name)AGENT_NAMESPACE:default(v1:metadata.namespace)APP_PORT:8080Mounts:/var/run/secrets/kubernetes.io/serviceaccountfromdefault-token-zkwqq(ro)Conditions:TypeStatusInitializedTrueReadyTrueContainersReadyTruePodScheduledTrueVolumes:default-token-zkwqq:Type:Secret(avolumepopulatedbyaSecret)SecretName:default-token-zkwqqOptional:falseQoSClass:BestEffortNode-Selectors:<none>Tolerations:node.kubernetes.io/not-ready:NoExecuteop=Existsfor300snode.kubernetes.io/unreachable:NoExecuteop=Existsfor300sEvents:TypeReasonAgeFromMessage-------------------------NormalScheduled19mdefault-schedulerSuccessfullyassigneddefault/hello-75c8ffd99-dklkltobobtesterNormalPulled19mkubeletContainerimage"k8s.gcr.io/echoserver:1.4"alreadypresentonmachineNormalCreated19mkubeletCreatedcontainerechoserverNormalStarted19mkubeletStartedcontainerechoserverNormalPulled19mkubeletContainerimage"docker.io/datawire/tel2:2.0.2"alreadypresentonmachineNormalCreated19mkubeletCreatedcontainertraffic-agentNormalStarted19mkubeletStartedcontainertraffic-agentUninstallingYoucanuninstallthetraffic-agentfromspecificdeploymentsorfromalldeployments.Oryoucanchoosetouninstalleverythinginwhichcasethetraffic-managerandalltraffic-agentswillbeuninstalled.
telepresenceuninstall--everythingwillremoveeverythingthatwasautomaticallyinstalledbytelepresencefromthecluster.
TroubleshootingThetelepresencebackgroundprocessesdaemonandconnectorbothproduceslogfilesthatcanbeveryhelpfulwhenproblemsareencountered.Thefilesarenameddaemon.logandconnector.log.Thelocationofthelogsdifferdependingonwhatplatformthatisused:
macOS~/Library/Logs/telepresenceLinux~/.cache/telepresence/logsComparisontoclassicTelepresenceTelepresencewilllaunchyourcommand,orashell,whenyoustartasession.Whenthatprogramends,thesessionendsandTelepresencecleansup.
WhatworksOutbound:Youcancurlaservicerunningintheclusterwhileasessionisrunning.Inbound:Youcaninterceptadeployment,causingallrequeststothatdeploymenttogotoyourlaptopinstead.Namespaces:Youcaninterceptmultipledeploymentsindifferentnamespacessimultaneously.Environmentvariables:Theenvironmentvariablesoftheinterceptedpodcanbecapturedinafileorpropagatedtoacommand.Filesystemforwardingforvolumemounts:Iftheinterceptedservicehasmountedvolumes,thosearemadeavailableasremotemountsonthedesktopduringanintercept.AlsoProxy:Ifyouhavearesourcethatisexternaltotheclusterthatisneededforyourintercept,youcancreateaHeadlessService(includingExternalName)thatpointstoyourresourcetoaccessitfromyourlocalmachine.Whatdoesn'tworkyetContainermethodWhatbehavesdifferentlyTelepresenceinstallstheTrafficManagerinyourclusterifitisnotalreadypresent.Thisdeploymentremainsunlessyouuninstallit.
TelepresenceinstallstheTrafficAgentasanadditionalcontainerinanydeploymentyouintercept,andmodifiesanyassociatedservicesitfindstoroutetrafficthroughtheagent.Thismodificationpersistsunlessyouuninstallit.
YoucanlaunchotherTelepresencesessionstothesameclusterwhileanexistingsessionisrunning,lettingyouinterceptotherdeployments.
评论