使用kt-connetct实现k8s网络互通
目录
一、linux直接访问Kubernetes集群内部网络
1.部署实例
2.在k8s集群外的centos主机安装kt-connect
3.连接集群
4.访问集群资源
二、windows直接访问Kubernetes集群内部网络
1.在window机器安装kubeclt
2.配置集群api文件
3.配置kt-connect
4.访问验证
KtConnect介绍:阿里开源的k8s的调试工具,它的作用类似于VPN,实现了开发者本地运行的服务与Kubernetes集群中的服务之间的双向互通。
https://github.com/alibaba/kt-connect
KT: A simple kubernetes development tools
一、linux直接访问Kubernetes集群内部网络
前置条件:在需要访问k8s内部网络的lcentos安装kubectl,并配置好集群证书。
1.部署实例
kubectl create deployment nginx -n lishanbin-public-servcie --image=registry.cn-shenzhen.aliyuncs.com/lishanbin/nginx:1.0.0 --port=80kubectl expose deployment nginx -n lishanbin-public-servcie --port=80 --target-port=80查询Pod和服务的IP地址:
[app@master1 yaml]$ kubectl get svc -n lishanbin-public-servcie
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx ClusterIP 10.207.136.215 80/TCP 3m31s
[app@master1 yaml]$ kubectl get pod -n lishanbin-public-servcie -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-6698c59b8f-lvjbn 1/1 Running 0 7m33s 10.206.36.203 11.12.13.14 可知nginx实例的Pod IP为10.206.36.203,服务的Cluster IP为10.207.136.215,记下待用。
2.在k8s集群外的centos主机安装kt-connect
$ curl -OL https://github.com/alibaba/kt-connect/releases/download/v0.3.5-beta1/ktctl_0.3.5-beta1_Linux_x86_64.tar.gz
$ tar zxf ktctl_0.3.5-beta1_Linux_x86_64.tar.gz
$ mv ktctl /usr/local/bin/ktctl
$ ktctl help3.连接集群
ktctl connect
11:35AM INF Using cluster context local (local)
11:35AM INF KtConnect 0.3.5-beta1 start at 22081 (linux amd64)
11:35AM INF Fetching cluster time ...
11:35AM INF Successful create config map kt-connect-shadow-radtu
11:35AM INF Deploying shadow pod kt-connect-shadow-radtu in namespace default
11:35AM INF Waiting for pod kt-connect-shadow-radtu ...
11:36AM INF Pod kt-connect-shadow-radtu is ready
11:36AM INF Port forward local:16737 -> pod kt-connect-shadow-radtu:22 established
11:36AM INF Socks proxy established
11:36AM INF Tun device kt0 is ready
11:36AM INF Adding route to 10.207.0.0/16
11:36AM INF Adding route to 10.206.0.0/16
11:36AM INF Route to tun device completed
11:36AM INF Setting up dns in local mode
11:36AM INF Port forward local:11083 -> pod kt-connect-shadow-radtu:53 established
11:36AM INF Setup local DNS with upstream [tcp:127.0.0.1:11083 udp:114.114.114.114:53]
11:36AM INF Creating udp dns on port 10053
11:36AM INF ---------------------------------------------------------------
11:36AM INF All looks good, now you can access to resources in the kubernetes cluster
11:36AM INF ---------------------------------------------------------------
4.访问集群资源
curl 10.206.36.203:80
Welcome to nginx!
Welcome to nginx! the version is 1.0.0
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
nginx.org.
Commercial support is available at
nginx.com.
Thank you for using nginx.
二、windows直接访问Kubernetes集群内部网络
1.在window机器安装kubeclt
可以参考:在 Windows 上安装 kubectl | Kubernetes
下载windows版kubectl软件包
将下载好的kubectl.exe软件放到G:\Users\Administrator路径下:(Administrator为自己pc登录的用户名)
配置环境变量:
2.配置集群api文件
下载k8s集群的~/.kube/config文件并配置
下载k8s集群~/.kube/config文件,然后在本地pc的G:\Users\Administrator路径下创建.kube目录,然后将下载好的config文件放到该目录下:
3.配置kt-connect
下载windows版本的https://github.com/alibaba/kt-connect/blob/master/docs/zh-cn/guide/downloads.md
下载后使用cmd命令行启动:
ktctl.exe connect
4.访问验证
直接在window访问pod CLUSTER-IP
