Telepresence简介
在微服务架构中,本地开发和调试往往是一项具有挑战性的任务。Telepresence 是一种强大的工具,使得开发者本地机器上开发微服务时能够与运行在 Kubernetes 集群中的其他服务无缝交互。本文将深入探讨 Telepresence 的架构、运行原理,并通过实际的案例演示其强大功能。
Telepresence 架构
Telepresence CLI
Telepresence CLI(命令行界面)负责协调工作站上的各个组件:它启动 Telepresence 后台进程,充当用户接口与 Telepresence User-Daemon
进行交互。
Telepresence Daemons
Telepresence 会在开发者机器上运行2个后台进程,它们作为与集群网络通信的主要交点,以便与集群通信并处理拦截的流量。
User -Daemon
User-Daemon
协调通过与 Traffic Manager
通信创建和删除拦截。所有与集群的请求都经过此 Daemon。
Root-Daemon
Root-Daemon
通过设置虚拟网络设备(VIF)来管理在本地工作站和集群之间处理流量所需的网络。
Traffic Manager
Traffic Manager
是集群中 Traffic Agent
和开发者工作站上的 Telepresence Daemons
之间通信的中心。它负责将 Traffic Agent sidecar
注入到被拦截的 pod 中,代理所有相关的入站和出站流量,并跟踪活动的拦截。
Traffic Manager
可以通过 Helm Chart
由集群管理员安装,或者由 Telepresence User-Daemon
按需安装。当User-Daemon
执行初始连接时,它首先检查集群是否存在 Traffic Manager
部署,如果缺失,则尝试使用其内置的 Helm Chart
进行安装。
Traffic Agent
Traffic Agent
是一个支持拦截的 sidecar
容器。当首次启动拦截时,Traffic Agent
容器被注入到工作负载的 pod(s) 中。您可以通过运行 telepresence list
或 kubectl describe pod <pod-name>
查看 Traffic Agent 的状态。
根据创建的拦截类型,Traffic Agent 将将传入的请求路由到 Traffic Manager
以便路由到开发者的工作站,或将其传递给 pod 中通常在该端口上处理请求的容器。
安装客户端
下载最新的客户端 Releases · telepresenceio/telepresence · GitHub
[root@docker ~]# mv telepresence-linux-amd64 /usr/local/bin/telepresence
[root@docker ~]# chmod u+x /usr/local/bin/telepresence
[root@docker ~]# telepresence version
OSS Client : v2.17.0
Root Daemon: not running
User Daemon: not running
安装 traffic manager
Install/Uninstall the Traffic Manager | Ambassador Telepresence (getambassador.io)
telepresence/charts/telepresence at release/v2 · telepresenceio/telepresence · GitHub
[root@docker ~]# telepresence helm install
Traffic Manager installed successfully
本地直接访问集群内的服务
Telepresence and VPNs | Ambassador Telepresence (getambassador.io)
[root@docker ~]# telepresence connect
telepresence connect: error: connector.Connect: subnet 172.20.0.0/16 overlaps with existing route "0.0.0.0/0 via ::1 dev lo, gw <nil>". Please see https://www.getambassador.io/docs/telepresence/latest/reference/vpn for more information
# 如果提示类似上面的错误信息,将 CLUSTER_CIDR 和 SERVICE_CIDR 添加到 allow-conflicting-subnets 选项中
[root@docker ~]# telepresence connect --allow-conflicting-subnets 172.20.0.0/16,10.244.0.0/16
Launching Telepresence User Daemon
Launching Telepresence Root Daemon
Connected to context admin@kubernetes, namespace default (https://192.168.36.151:6443)
[root@docker ~]# telepresence status
OSS User Daemon: Running
Version : v2.17.0
Executable : /usr/local/bin/telepresence
Install ID : fa4e92f6-4362-41a8-a926-034f33045001
Status : Connected
Kubernetes server : https://192.168.36.151:6443
Kubernetes context: admin@kubernetes
Connection name : admin_kubernetes-default
Namespace : default
Manager namespace : ambassador
Intercepts : 0 total
OSS Root Daemon: Running
Version : v2.17.0
Version : v2.17.0
DNS :
Local IP : 192.168.36.128
Remote IP : 10.244.209.3
Exclude suffixes: [.com .io .net .org .ru]
Include suffixes: []
Timeout : 8s
Also Proxy : (0 subnets)
Never Proxy: (1 subnets)
- 192.168.36.151/32
# 查看当前namespace下有哪些服务
[root@docker ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
http-dump ClusterIP 172.20.156.194 <none> 80/TCP 4m55s
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 42d
# 现在本地已经可以直接解析和访问集群内的服务了
[root@docker ~]# nslookup http-dump
Server: 192.168.36.128
Address: 192.168.36.128#53
Name: http-dump.default.svc.cluster.local
Address: 172.20.156.194
[root@docker ~]# curl http-dump.default.svc.cluster.local
Server: http-dump-796bc44557-zsckw
GET / HTTP/1.1
Host: http-dump.default.svc.cluster.local
Accept: */*
User-Agent: curl/7.29.0
将集群内服务流量拦截到本地
[root@docker ~]# telepresence list
http-dump: ready to intercept (traffic-agent not yet installed)
# 在本地启动 http-dump 服务
[root@docker http-dump]# ./http-dump
2024/01/29 18:32:53 http-dump is listening at :8080
# 将集群内的 http-dump 服务拦截到本地的 http-dump
[root@docker ~]# telepresence intercept http-dump --port 8080
Using Deployment http-dump
Intercept name : http-dump
State : ACTIVE
Workload kind : Deployment
Destination : 127.0.0.1:8080
Volume Mount Error: sshfs is not installed on your local machine
Intercepting : all TCP connections
[root@docker ~]# telepresence list
http-dump: intercepted
Intercept name: http-dump
State : ACTIVE
Workload kind : Deployment
Destination : 127.0.0.1:8080
Intercepting : all TCP connections
# 再次请求 http-dump.default.svc.cluster.local 服务,已显示是本地服务的响应结果
[root@docker ~]# curl http-dump.default.svc.cluster.local
Server: docker
GET / HTTP/1.1
Host: http-dump.default.svc.cluster.local
Accept: */*
User-Agent: curl/7.29.0
# 删除对http-dump的拦截
[root@docker ~]# telepresence leave http-dump
[root@docker ~]# telepresence quit
Telepresence Daemons disconnecting...done
卸载
[root@docker ~]# telepresence helm uninstall
Traffic Manager uninstalled successfully