Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

如何通过karmada控制面apiserver代理访问成员集群 #451

Closed
chestarss opened this issue Jun 18, 2021 · 10 comments
Closed

如何通过karmada控制面apiserver代理访问成员集群 #451

chestarss opened this issue Jun 18, 2021 · 10 comments
Labels
kind/question Indicates an issue that is a support question.

Comments

@chestarss
Copy link

比如分发文件到成员集群中的pod, 希望能通过控制面的apiserver代理到实际的目标集群。

@chestarss chestarss added the good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. label Jun 18, 2021
@RainbowMango RainbowMango added kind/question Indicates an issue that is a support question. and removed good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. labels Jun 21, 2021
@RainbowMango
Copy link
Member

如果 join 集群时使用的KUBECONFIG文件中带了Proxy信息,那么Karmada就会使用代理于成员集群通信。

@GitHubxsy
Copy link
Contributor

GitHubxsy commented Jun 23, 2021

我理解@chestarss 的意思是,想通过 karmada-apiserver统一入口 访问成员集群。
扩展Kubernetes API方式

  1. CustomResourceDefinition 扩展 Kubernetes API

  2. 通过聚合层(Aggregation Layer)扩展 Kubernetes API

  3. 设置 Konnectivity 服务(egressSelector )
    https://github.com/kubernetes-sigs/apiserver-network-proxy

  4. 代理模式

  • kubectl 代理

      	kubectl proxy --port=8080
      	curl http://localhost:8080/api/
    
  • apiserver proxy

                    http://kubernetes_master_address/api/v1/namespaces/namespace_name/services/service_name[:port_name]/proxy
    

以上是几种扩展kubernetes API的方式。也许有用。 @chestarss 你有更好的想法吗?

@chestarss
Copy link
Author

我理解@chestarss 的意思是,想通过 karmada-apiserver统一入口 访问成员集群。
扩展Kubernetes API方式

  1. CustomResourceDefinition 扩展 Kubernetes API
  2. 通过聚合层(Aggregation Layer)扩展 Kubernetes API
  3. 设置 Konnectivity 服务(egressSelector )
    https://github.com/kubernetes-sigs/apiserver-network-proxy
  4. 代理模式
  • kubectl 代理
      	kubectl proxy --port=8080
      	curl http://localhost:8080/api/
    
  • apiserver proxy
                    http://kubernetes_master_address/api/v1/namespaces/namespace_name/services/service_name[:port_name]/proxy
    

以上是几种扩展kubernetes API的方式。也许有用。 @chestarss 你有更好的想法吗?

正常情况访问 https://karmada-apiserver/api/v1/namespaces 返回控制面的ns列表。
如果要获取成员某个集群的ns列表,api扩展支持下类似
https://karmada-apiserver/api/v1/namespaces?cluster=member1
https://karmada-apiserver/api/v1/namespaces?cluster=member2

@RainbowMango
Copy link
Member

Yeah, that's the planed feature Aggregated K8s API endpoint.

No clear solution yet.

@wuzhengxuan
Copy link

我理解@chestarss 的意思是,想通过 karmada-apiserver统一入口 访问成员集群。
扩展Kubernetes API方式

  1. CustomResourceDefinition 扩展 Kubernetes API
  2. 通过聚合层(Aggregation Layer)扩展 Kubernetes API
  3. 设置 Konnectivity 服务(egressSelector )
    https://github.com/kubernetes-sigs/apiserver-network-proxy
  4. 代理模式
  • kubectl 代理
      	kubectl proxy --port=8080
      	curl http://localhost:8080/api/
    
  • apiserver proxy
                    http://kubernetes_master_address/api/v1/namespaces/namespace_name/services/service_name[:port_name]/proxy
    

以上是几种扩展kubernetes API的方式。也许有用。 @chestarss 你有更好的想法吗?

如果在karmada创建了deployment,从karmada获取成员集群所有pod的信息,后续是否有考虑支持呢

@RainbowMango
Copy link
Member

如果在karmada创建了deployment,从karmada获取成员集群所有pod的信息,后续是否有考虑支持呢

不仅pod信息,成员集群所有资源信息都会提供查询接口或组件,相关设计正在进行中。如果有任何意见或建议都可以提出来。

针对Pod,可以有更具体的支持,比如查看运行日志,远程登入等。

@2hangchen
Copy link
Contributor

如果在karmada创建了deployment,从karmada获取成员集群所有pod的信息,后续是否有考虑支持呢

不仅pod信息,成员集群所有资源信息都会提供查询接口或组件,相关设计正在进行中。如果有任何意见或建议都可以提出来。

针对Pod,可以有更具体的支持,比如查看运行日志,远程登入等。

请问这个需求目前实现了吗?

@RainbowMango
Copy link
Member

The feature is onboarding, you can refer to #754, and get updates from the community meeting.

@RainbowMango
Copy link
Member

/close
Continue the discussion on #1077.

@karmada-bot
Copy link
Collaborator

@RainbowMango: Closing this issue.

In response to this:

/close
Continue the discussion on #1077.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/question Indicates an issue that is a support question.
Projects
None yet
Development

No branches or pull requests

6 participants