使用 YAML 文件安装 Knative 服务¶

本节介绍如何使用kubectl命令行应用 YAML 文件来安装 Knative 服务。

先决条件¶

在安装Knative之前，您必须满足以下前提条件:

For prototyping purposes, Knative works on most local deployments of Kubernetes. For example, you can use a local, one-node cluster that has 3 CPUs and 4 GB of memory.

Tip

You can install a local distribution of Knative for development purposes using the Knative Quickstart plugin
For production purposes, it is recommended that:
- If you have only one node in your cluster, you need at least 6 CPUs, 6 GB of memory, and 30 GB of disk storage.
- If you have multiple nodes in your cluster, for each node you need at least 2 CPUs, 4 GB of memory, and 20 GB of disk storage.
- You have a cluster that uses Kubernetes v1.23 or newer.
- You have installed the kubectl CLI.
- Your Kubernetes cluster must have access to the internet, because Kubernetes needs to be able to fetch images. To pull from a private registry, see Deploying images from a private container registry.

Caution

The system requirements provided are recommendations only. The requirements for your installation might vary, depending on whether you use optional components, such as a networking layer.

安装 Knative Serving 组件¶

安装 Knative Serving 组件。

Install the required custom resources by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/serving/latest/serving-crds.yaml

Install the core components of Knative Serving by running the command:
```
kubectl apply -f https://storage.googleapis.com/knative-nightly/serving/latest/serving-core.yaml
```
Info

For information about the YAML files in Knative Serving, see Knative Serving installation files.

安装网络层¶

下面的选项卡展开显示安装网络层的说明。按照以下步骤选择网络层:

Kourier (Choose this if you are not sure)IstioContour

The following commands install Kourier and enable its Knative integration.

Install the Knative Kourier controller by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-kourier/latest/kourier.yaml

Configure Knative Serving to use Kourier by default by running the command:

kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"ingress-class":"kourier.ingress.networking.knative.dev"}}'

Fetch the External IP address or CNAME by running the command:
```
kubectl --namespace kourier-system get service kourier
```
Tip

Save this to use in the following Configure DNS section.

The following commands install Istio and enable its Knative integration.

Install a properly configured Istio by following the Advanced Istio installation instructions or by running the command:

kubectl apply -l knative.dev/crd-install=true -f https://storage.googleapis.com/knative-nightly/net-istio/latest/istio.yaml
kubectl apply -f https://storage.googleapis.com/knative-nightly/net-istio/latest/istio.yaml

Install the Knative Istio controller by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-istio/latest/net-istio.yaml

Fetch the External IP address or CNAME by running the command:
```
kubectl --namespace istio-system get service istio-ingressgateway
```
Tip

Save this to use in the following Configure DNS section.

The following commands install Contour and enable its Knative integration.

Install a properly configured Contour by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-contour/latest/contour.yaml

Install the Knative Contour controller by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-contour/latest/net-contour.yaml

Configure Knative Serving to use Contour by default by running the command:

kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"ingress-class":"contour.ingress.networking.knative.dev"}}'

Fetch the External IP address or CNAME by running the command:
```
kubectl --namespace contour-external get service envoy
```
Tip

Save this to use in the following Configure DNS section.

验证安装¶

Success

监视Knative组件，直到所有组件显示STATUS为Running或Completed。可以通过运行以下命令并检查输出:

kubectl get pods -n knative-serving

Example output:

NAME                                      READY   STATUS    RESTARTS   AGE
3scale-kourier-control-54cc54cc58-mmdgq   1/1     Running   0          81s
activator-67656dcbbb-8mftq                1/1     Running   0          97s
autoscaler-df6856b64-5h4lc                1/1     Running   0          97s
controller-788796f49d-4x6pm               1/1     Running   0          97s
domain-mapping-65f58c79dc-9cw6d           1/1     Running   0          97s
domainmapping-webhook-cc646465c-jnwbz     1/1     Running   0          97s
webhook-859796bc7-8n5g2                   1/1     Running   0          96s

配置 DNS¶

可以配置DNS以避免使用主机标头运行curl命令。

下面的选项卡展开显示配置DNS的说明。按照以下步骤选择DNS:

Magic DNS (sslip.io)Real DNS临时DNS

Knative provides a Kubernetes Job called default-domain that configures Knative Serving to use sslip.io as the default DNS suffix.

kubectl apply -f https://storage.googleapis.com/knative-nightly/serving/latest/serving-default-domain.yaml

Warning

This will only work if the cluster LoadBalancer Service exposes an IPv4 address or hostname, so it will not work with IPv6 clusters or local setups like minikube unless minikube tunnel is running.

In these cases, see the "Real DNS" or "Temporary DNS" tabs.

要为Knative配置DNS，请从建立网络中获取External IP或CNAME，并按照以下方法与您的DNS提供商进行配置:

If the networking layer produced an External IP address, then configure a wildcard A record for the domain:

# Here knative.example.com is the domain suffix for your cluster
*.knative.example.com == A 35.233.41.212

If the networking layer produced a CNAME, then configure a CNAME record for the domain:

# Here knative.example.com is the domain suffix for your cluster
*.knative.example.com == CNAME a317a278525d111e89f272a164fd35fb-1510370581.eu-central-1.elb.amazonaws.com

Once your DNS provider has been configured, direct Knative to use that domain:

# Replace knative.example.com with your domain suffix
kubectl patch configmap/config-domain \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"knative.example.com":""}}'

如果您正在使用curl访问样例应用程序，或者您自己的Knative应用程序，并且不能使用"Magic DNS (sslip.io)"或“Real DNS”方法，那么有一种临时的方法。这对于那些希望在不更改DNS配置的情况下评估Knative的人是很有用的，就像"Real DNS"方法一样，或者因为使用本地minikube或IPv6集群而不能使用 "Magic DNS"方法。

要使用curl访问你的应用程序，使用以下方法:

启动应用程序后，获取应用程序的URL:

kubectl get ksvc

The output should be similar to:

NAME            URL                                        LATESTCREATED         LATESTREADY           READY   REASON
helloworld-go   http://helloworld-go.default.example.com   helloworld-go-vqjlf   helloworld-go-vqjlf   True

Instruct curl to connect to the External IP or CNAME defined by the networking layer mentioned in section 3, and use the -H "Host:" command-line option to specify the Knative application's host name. For example, if the networking layer defines your External IP and port to be http://192.168.39.228:32198 and you wish to access the helloworld-go application mentioned earlier, use:
```
curl -H "Host: helloworld-go.default.example.com" http://192.168.39.228:32198
```
In the case of the provided helloworld-go sample application, using the default configuration, the output is:
```
Hello Go Sample v1!
```
Refer to the "Real DNS" method for a permanent solution.

安装可选的服务扩展¶

下面的选项卡展开显示安装每个服务扩展的说明。

HPA autoscalingTLS with cert-managerTLS with HTTP01

Knative also supports the use of the Kubernetes Horizontal Pod Autoscaler (HPA) for driving autoscaling decisions.

Install the components needed to support HPA-class autoscaling by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/serving/latest/serving-hpa.yaml

Knative supports automatically provisioning TLS certificates through cert-manager. The following commands install the components needed to support the provisioning of TLS certificates through cert-manager.

Install cert-manager version v1.0.0 or later.

Install the component that integrates Knative with cert-manager by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-certmanager/latest/release.yaml

Configure Knative to automatically configure TLS certificates by following the steps in Enabling automatic TLS certificate provisioning.

Knative supports automatically provisioning TLS certificates using Encrypt HTTP01 challenges. The following commands install the components needed to support TLS.

Install the net-http01 controller by running the command:

kubectl apply -f https://storage.googleapis.com/knative-nightly/net-http01/latest/release.yaml

Configure the certificate-class to use this certificate type by running the command:

kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"certificate-class":"net-http01.certificate.networking.knative.dev"}}'

Enable autoTLS by running the command:

kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"auto-tls":"Enabled"}}'