kubebuilder combat eight: a small note of knowledge

头像
程序员欣宸
    阅读 5 分钟
    中文

    Welcome to my GitHub

    https://github.com/zq2599/blog_demos

    Content: Classification and summary of all original articles and supporting source code, involving Java, Docker, Kubernetes, DevOPS, etc.;

    Links to series of articles

    1. kubebuilder combat one: preparation work
    2. kubebuilder combat 2: first experience with kubebuilder
    3. kubebuilder combat three: a
    4. kubebuilder combat four: operator requirement description and design
    5. kubebuilder combat five: operator code
    6. kubebuilder combat six: build, deploy and run
    7. kubebuilder combat seven: webhook
    8. kubebuilder combat eight: a small note of knowledge

    Overview of this article

    Seven articles have been written in the "kubebuilder actual combat" series. I have encountered many problems before. After the bumps are resolved, I intend to summarize in this article as a reminder. It mainly consists of the following parts:

    1. Status field of CRD;
    2. Choose the right mirror warehouse
    3. Skip webhook when running controller locally
    4. The controller pod has two containers
    5. Common operation commands
    6. Next, we will organize them one by one. Without writing code for today’s content, let’s have a relaxed and happy reading;

    Status field of CRD

    • This pit is dug by yourself, I hope you can avoid it in advance;
    • Recalling elasticweb's CRD, its data structure code is as follows:

    在这里插入图片描述

    • The Status data structure of this CRD has only one field <font color="blue">RealQPS</font>, the Tag of this field (that is, the red box in the above figure), and the inside <font color="blue">omitempty</font >Attributes<font color="red"> are very important! ! ! </font>
    • If there is no <font color="blue">omitempty</font> attribute in the RealQPS Tag, what will happen?
    • In fact, before developing the webhook, I accidentally omitted the <font color="blue">omitempty</font> property of RealQPS, but the entire controller can work normally, and the function of elasticweb has reached our expectations, that is If the status field does not have the <font color="blue">omitempty</font> attribute, it will not affect the function of the operator;
    • However, after enabling the webhook, an error was reported when creating the resource object:
    zhaoqin@zhaoqindeMBP-2 elasticweb % kubectl apply -f config/samples/elasticweb_v1_elasticweb.yaml
namespace/dev created
The ElasticWeb "elasticweb-sample" is invalid: status.realQPS: Invalid value: "null": status.realQPS in body must be of type integer: "null"
    • In other words, in the field of the Status data structure, if the json tag has no <font color="blue">omitempty</font> attribute, the creation of the resource object will fail after webhook is enabled;

    Choose the right mirror warehouse

    • If you have read the previous article, you should remember the command to build the image:
    make docker-build docker-push IMG=bolingcavalry/elasticweb:001
    • Because the account I registered on hub.docker.com is <font color="blue">bolingcavalry</font>, the above command can push the prepared local image to hub.docker.com warehouse (remember to advance Log in with the docker login command);
    • As long as the image is uploaded to hub.docker.com, kubernetes that can access the external network can use this operator directly, which is very convenient;
    • But the process of uploading to hub.docker.com is painful. It takes half an hour to wait and exits due to timeout. (Image acceleration is effective when downloading, but when uploading, it seems to me that there is no effect. It may be I won’t use it, please give me some advice if you know);
    • Fortunately, I have registered with Alibaba Cloud and can use the mirror warehouse above. The entrance is as follows:

    在这里插入图片描述

    • As shown in the figure below, create a public mirror warehouse, click the red box 2, you can see the detailed login, upload, and pull commands, click the red box 3 to modify the login password:

    在这里插入图片描述

    • After using Alibaba Cloud's image service, the operation command is changed to the following:
    make docker-build docker-push IMG=registry.cn-hangzhou.aliyuncs.com/bolingcavalry/elasticweb:001
    • The entire upload speed has also been improved a lot, basically the mirror upload can be completed within 3 minutes;
    • If you do not have an Alibaba Cloud account, or are not satisfied with the speed of Alibaba Cloud, you can also build your own mirror warehouse. Of course, the speed in your own intranet will not be mentioned. The details are not expanded here. Here are two reference articles:
    1. CentOS deploys Harbor mirror warehouse
    2. Synology DS218+ deploy Harbor (1.10.3)

    Skip webhook when running controller locally

    • There are two deployment methods for the controller: deployed in the kubernetes environment, or run independently outside the kubernetes environment
    • In the coding stage, we usually choose to run the controller on our own computer, which saves time and troubles related to mirroring operations;
    • However, if webhook is used, due to its special authentication method, the certificate issued by kubernetes needs to be placed locally (/tmp/k8s-webhook-server/serving-certs/ directory), which makes us a dilemma:
    1. Choose to deploy in the kubernetes environment, to make and upload the mirror;
    2. Choose to run outside the kubernetes environment, and place the issued certificate in the specified directory;
    • In the face of the above dilemma, the official gave a suggestion, <font color="blue">if webhook is temporarily not available during the development phase (note this premise)</font>, then you can use a little when running the controller locally Small means to block the webhook function, the specific operation consists of the following two steps:
    • The first is to modify the main.go code, as shown in the figure below. The red box is the newly added code, which actually adds a judgment. If the environment variable <font color="blue">ENABLE_WEBHOOKS</font> is equal to false, it will not be executed. Webhook related logic:
      在这里插入图片描述

    • Second, the command to start the controller locally, which used to be <font color="blue">make run</font>, is now changed to the following command, which adds a parameter:

      make run ENABLE_WEBHOOKS=false
    • Now the controller can be started normally, and the functions are also normal, but all the webhook-related functions are not effective;

    The controller pod has two containers

    • If the controller is deployed in the kubernetes environment, it exists in the form of a pod, which means that the webhook and reconcile code we write runs in this pod;
    • There are actually two containers in the above pod. Use the <font color="blue">kubectl describe</font> command to see this pod, as shown in the figure below, you can see the name is <font color="red">manager</font> The container is where the controller code runs:

    在这里插入图片描述

    • There are two containers in a pod, which have a slight impact on our daily operations. To put it simply, use the <font color="blue">kubectl logs</font> command to view the controller log, use <font color=" blue"> -c </font>The parameter specifies the container, the complete command is as follows:
    kubectl logs -f \
elasticweb-controller-manager-58576f4cb-hzchl \
-c manager \
-n elasticweb-system

    Common operation commands

    • Finally, the commonly used operating commands are sorted out for daily use:
    1. Create the operator project:
    kubebuilder init --domain com.bolingcavalry
    1. Create API
    kubebuilder create api \
--group webapp \
--version v1 \
--kind Guestbook
    1. Create webhook
    kubebuilder create webhook \
--group elasticweb \
--version v1 \
--kind ElasticWeb \
--defaulting \
--programmatic-validation
    1. Build and deploy CRD
    make install
    1. Run the controller locally
    make run
    1. Build an image and push to the warehouse
    make docker-build docker-push IMG=registry.cn-hangzhou.aliyuncs.com/bolingcavalry/elasticweb:001
    1. Deploy the controller to kubernetes
    make deploy IMG=registry.cn-hangzhou.aliyuncs.com/bolingcavalry/elasticweb:001
    1. Create elasticweb resource object
    kubectl apply -f config/samples/elasticweb_v1_elasticweb.yaml
    1. Delete elasticweb resource object
    kubectl delete -f config/samples/elasticweb_v1_elasticweb.yaml
    1. Delete controller
    kustomize build config/default | kubectl delete -f -
    1. Delete CRD
    make uninstall
    1. View log
    kubectl logs -f \
elasticweb-controller-manager-58576f4cb-hzchl \
-c manager \
-n elasticweb-system
    • At this point, the summary of knowledge points during the actual combat of kubebuilder is complete. If you are learning and developing operator, I hope this summary can give you some reference;

    You are not alone, Xinchen and original are with you all the way

    1. Java series
    2. Spring series
    3. Docker series
    4. kubernetes series
    5. database + middleware series
    6. DevOps series

    Welcome to pay attention to the public account: programmer Xin Chen

    Search "Programmer Xin Chen" on WeChat, I am Xin Chen, and I look forward to traveling the Java world with you...
    https://github.com/zq2599/blog_demos
    云计算
    程序员欣宸
    147 声望24 粉丝

    热爱Java和Docker

    « 上一篇
    kubebuilder实战之七:webhook
    下一篇 »
    client-go实战之一:准备工作

    引用和评论

    推荐阅读
    头像
    quarkus依赖注入之十二:禁用类级别拦截器

    程序员欣宸阅读 616

    头像
    数据库的下一场革命:S3 延迟已降至原先的 10%,云数据库架构该进化了

    小猿姐阅读 1.3k

    头像
    一文读懂 DeepSeek 如何使用:慧星云 × DeepSeek 提供高效本地化部署服务

    慧星云阅读 1.1k

    头像
    英伟达打造个人 AI 超级计算机:Project DIGITS 震撼登场

    慧星云阅读 1k

    头像
    在 ApeCloud (云猿生数据)实习是怎样的体验?跟行业大佬练技术修为的一年小记

    小猿姐阅读 818

    头像
    基于 KubeBlocks 的 PikiwiDB(原Pika) 云化下一站

    小猿姐阅读 718

    头像
    阿里巴巴发布开源大模型:QVQ-72B-Preview 惊艳亮相

    慧星云阅读 663

    0 条评论
    得票最新