-
Notifications
You must be signed in to change notification settings - Fork 1
268 lines (238 loc) · 12.4 KB
/
gcloud-gke-knative.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
name: Deploy Knative on GKE
on:
workflow_dispatch:
inputs:
push:
#protection to avoid triggering when other workflow is modified
paths:
- '!.github/workflows/**'
- '.github/workflows/gcloud-gke-knative.yml'
env:
GITHUB_REPO: 'knative-on-cloud-kubernetes'
GCP_ZONE: us-central1-c
GCP_VERBOSITY: warning
# action can contain 'create', 'delete', 'create-delete' or ''
GKE_ACTION: create-delete
GKE_CLUSTER: gke-knative-cluster
#KN_VERSION: v0.17.0
KN_VERSION: 0.17
jobs:
deploy-knative-on-GKE-cluster:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup gcloud CLI
uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
with:
project_id: ${{ secrets.GCP_PROJECT }}
service_account_key: ${{ secrets.GCP_SA_KEY }}
version: 'latest'
export_default_credentials: true
- name: Get gcloud version & info
run: |-
echo '--- gcloud version ---'
gcloud version
echo '--- gcloud info ---'
gcloud info --anonymize
- name: Cleanup old GKE cluster if needed
run: |-
gcloud container clusters list --verbosity=$GCP_VERBOSITY --zone=$GCP_ZONE --project=${{ secrets.GCP_PROJECT }}
gcloud container clusters delete $GKE_CLUSTER --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --zone=$GCP_ZONE --quiet || true
- name: Create new GKE cluster
run: |-
if [[ $GKE_ACTION == *"create"* ]]
then
gcloud container clusters create $GKE_CLUSTER \
--addons=HorizontalPodAutoscaling,HttpLoadBalancing \
--enable-autoscaling \
--min-nodes=1 \
--max-nodes=10 \
--machine-type=n1-standard-4 \
--cluster-version=latest \
--enable-stackdriver-kubernetes \
--enable-ip-alias \
--enable-autorepair \
--zone $GCP_ZONE \
--verbosity=$GCP_VERBOSITY \
--project=${{ secrets.GCP_PROJECT }}
gcloud container clusters list --verbosity=$GCP_VERBOSITY --zone=$GCP_ZONE --project=${{ secrets.GCP_PROJECT }}
fi
gcloud container clusters list --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }}
- name: Get the GKE credentials to be used with kubectl
run: |-
gcloud container clusters get-credentials $GKE_CLUSTER --zone $GCP_ZONE
- name: Get version via kubectl
run: |-
kubectl version
- name: Install Istio Operator via istioctl
run: |-
echo "create ns istio-system"
kubectl create ns istio-system
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.7.0 sh -
export PATH="$PATH:/home/runner/work/$GITHUB_REPO/$GITHUB_REPO/istio-1.7.0/bin"
echo "istioctl version: $(istioctl version --remote=false)"
istioctl operator init
echo "apply istio-operator.yaml"
kubectl apply -f istio/istio-operator.yaml
# wait a bit for istio services to come up...
sleep 60s
# check proper install
echo "istio services:"
kubectl get services -n istio-system
kubectl get services -n istio-system | (grep 'istio-ingressgateway.*LoadBalancer' && echo 'servicei stio-ingressgateway ok')
kubectl get services -n istio-system | (grep 'istiod.*ClusterIP' && echo 'service istiod ok')
kubectl get services -n istio-system | ((wc -l | grep 3) && echo 'no unexpected service')
echo "istio pods:"
kubectl get pods -n istio-system
kubectl get pods -n istio-system | (grep 'istio-ingressgateway.*Running' && echo 'pod istio-ingressgateway ok')
kubectl get pods -n istio-system | (grep 'istiod.*Running' && echo 'pod istiod ok')
kubectl get pods -n istio-system | ((wc -l | grep 3) && echo 'no unexpected pod')
# https://knative.dev/docs/install/index.html
- name: Install the Custom Resource Definitions for Knative Serving features
run: |-
kubectl apply --filename https://github.com/knative/serving/releases/download/v$KN_VERSION.0/serving-crds.yaml
- name: Install the core components for Knative Serving features
run: |-
kubectl apply --filename https://github.com/knative/serving/releases/download/v$KN_VERSION.0/serving-core.yaml
- name: Install the Knative istio gatewway & add xip.io DNS for interactions with deployed workloads from public internet
run: |-
# some wait is needed or controller install may fail
sleep 60s
#
echo "kubectl get namespaces: "
kubectl get namespaces
echo "kubectl api resources: "
kubectl api-resources
echo "kubectl apply net-istio version: "
kubectl apply --filename https://github.com/knative/net-istio/releases/download/v$KN_VERSION.0/release.yaml
#install xip.io
kubectl apply --filename https://github.com/knative/serving/releases/download/v$KN_VERSION.0/serving-default-domain.yaml
- name: Install knative client (kn)
run: |-
curl --output kn https://storage.googleapis.com/knative-nightly/client/latest/kn-linux-amd64
chmod ugo+x kn
- name: Check if knative is running properly
run: |-
# wait a bit for knative to come up fully...
sleep 60s
#check presence of expected namespace knative-serving
kubectl get namespaces | grep 'knative-serving'
#check presence of expected services in namespace knative-serving
echo "kubectl get services -n knative-serving: "
kubectl get services -n knative-serving
kubectl get services -n knative-serving | (grep 'activator-service.*ClusterIP' && echo 'activator-service ok')
kubectl get services -n knative-serving | (grep 'autoscaler.*ClusterIP' && echo 'autoscaler ok')
kubectl get services -n knative-serving | (grep 'controller.*ClusterIP' && echo 'controller ok')
kubectl get services -n knative-serving | (grep 'istio-webhook.*ClusterIP' && echo 'istio-webhook ok')
kubectl get services -n knative-serving | (grep 'webhook.*ClusterIP' && echo 'webhook ok')
kubectl get services -n knative-serving | (grep 'default-domain-service.*ClusterIP' && echo 'default-domain-service ok')
kubectl get services -n knative-serving | ((wc -l | grep 7) && echo 'no unexpected service')
#check presence of expected pods in namespace knative-serving
echo "kubectl get pods -n knative-serving: "
kubectl get pods -n knative-serving
kubectl get pods -n knative-serving | (grep 'activator-.*Running' && echo 'activator pod ok')
kubectl get pods -n knative-serving | (grep 'autoscaler-.*Running' && echo 'autoscaler pod ok')
kubectl get pods -n knative-serving | (grep 'controller-.*Running' && echo 'controller pod ok')
kubectl get pods -n knative-serving | (grep 'default-domain-.*Completed' && echo 'default-domain pod ok')
kubectl get pods -n knative-serving | (grep 'istio-webhook-.*Running' && echo 'istio-webhook pod ok')
kubectl get pods -n knative-serving | (grep 'networking-istio-.*Running' && echo 'networking-istio pod ok')
kubectl get pods -n knative-serving | (grep 'webhook-.*Running' && echo 'istio-webhook pod ok')
kubectl get pods -n knative-serving | ((wc -l | grep 8) && echo 'no unexpected pod')
- name: Deploy helloworld-go and autoscale-go services
run: |-
# helloworld-go
./kn service delete helloworld-go || true
./kn service create helloworld-go --image gcr.io/knative-samples/helloworld-go --env TARGET="Go Sample v1"
echo "kn service desribe for helloworld-go: "
./kn service describe helloworld-go
#check proper deployment
echo 'kubectl get services -n default: '
kubectl get services -n default
kubectl get services -n default | (grep 'helloworld-go.*ClusterIP' && echo 'helloworld-go check 1 ok')
kubectl get services -n default | (grep 'helloworld-go-.*ClusterIP' && echo 'helloworld-go check 2 ok')
kubectl get services -n default | (grep 'helloworld-go-.*private.*ClusterIP' && echo 'helloworld-go check 3 ok')
kubectl get services -n default | (grep 'helloworld-go' | wc -l | grep 3 && echo 'no expected service for helloworld-go')
#autoscale-go
kubectl delete -f https://raw.githubusercontent.com/knative/docs/release-$KN_VERSION/docs/serving/autoscaling/autoscale-go/service.yaml || true
kubectl apply -f https://raw.githubusercontent.com/knative/docs/release-$KN_VERSION/docs/serving/autoscaling/autoscale-go/service.yaml
echo "kn service desribe for autoscale-go: "
./kn service describe autoscale-go
#check proper deployment
echo "kubectl get services -n default: "
kubectl get services -n default
kubectl get services -n default | (grep 'autoscale-go-.*ClusterIP' && echo 'autoscale-go check 1 ok')
kubectl get services -n default | (grep 'autoscale-go-.*private.*ClusterIP' && echo 'autoscale-go check 2 ok')
kubectl get services -n default | (grep 'autoscale-go' | wc -l | grep 2 && echo 'no expected service for autoscale-go')
- name: Grant (wide...) auths
run: |-
kubectl create clusterrolebinding anonymous-cluster-admin-binding --clusterrole=cluster-admin --user=system:anonymous || true
- name: Unit test for services
run: |-
# some time may be needed to propagate new DNS entries annd IP adresses
sleep 60s
#
kubectl get ksvc helloworld-go
export SERVICE_URL=$(kubectl get ksvc helloworld-go | grep -m 1 helloworld-go | awk '{print $2}')
echo "service url: $SERVICE_URL"
export SERVICE_DNS=$(echo "$SERVICE_URL" | sed -e 's/^http:\/\///g' -e 's/^https:\/\///g')
echo "service dns: $SERVICE_DNS"
while [[ $(nslookup "$SERVICE_DNS") == *'NXDOMAIN'* ]]
do
echo "sleep 5s for nslookup |$SERVICE_DNS|"
sleep 5s
done
nslookup "$SERVICE_DNS"
curl --insecure "$SERVICE_URL"
#
kubectl get ksvc autoscale-go
export SERVICE_URL=$(kubectl get ksvc autoscale-go | grep -m 1 autoscale-go | awk '{print $2}')
echo "service url: $SERVICE_URL"
export SERVICE_DNS=$(echo $SERVICE_URL | sed -e 's/^http:\/\///g' -e 's/^https:\/\///g')
echo "service dns: $SERVICE_DNS"
while [[ $(nslookup "$SERVICE_DNS") == *'NXDOMAIN'* ]]
do
echo "sleep 5s for nslookup |$SERVICE_DNS|"
sleep 5s
done
nslookup "$SERVICE_DNS"
curl --insecure "$SERVICE_URL/sleep=10&prime=100&bloat=1"
- name: Install hey
run: |-
sudo snap install hey
which hey
ls -al $(which hey)
- name: Run helloworld-go with max throughput via hey
run: |-
kubectl get ksvc helloworld-go | grep -m 1 helloworld-go
export SERVICE_URL=$(kubectl get ksvc helloworld-go | grep -m 1 helloworld-go | awk '{print $2}')
echo "get pods [before]: "
kubectl get pods -n default
echo "service url: $SERVICE_URL"
echo "run hey:"
hey -n 200000 "$SERVICE_URL"
echo "get pods [after]: "
kubectl get pods -n default
- name: Activate Knative autoscaling for autoscale-go via hey
run: |-
kubectl get ksvc autoscale-go | grep -m 1 autoscale-go
export SERVICE_URL=$(kubectl get ksvc autoscale-go | grep -m 1 autoscale-go | awk '{print $2}')
echo "get pods [before]: "
kubectl get pods -n default
echo "service url: $SERVICE_URL"
echo "run hey:"
hey -z 90s -q 350 "$SERVICE_URL?sleep=100&prime=10000&bloat=5"
echo "get pods [after]: "
kubectl get pods -n default
- name: Use kn to delete installed services
# would also be possible via : kubectl delete kservice helloworld-go. But, we want to test kn...
run: |-
./kn service delete helloworld-go
./kn service delete autoscale-go
- name: Delete GKE cluster
run: |-
if [[ $GKE_ACTION == *"delete"* ]]
then
gcloud container clusters delete $GKE_CLUSTER --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }} --zone=$GCP_ZONE --quiet
fi
gcloud container clusters list --verbosity=$GCP_VERBOSITY --project=${{ secrets.GCP_PROJECT }}