Let's walk through how to set up a k8s cluster on DigitalOcean with knative.
DigitalOcean
Start the cluster
Install and configure the doctl tool. Then set up a cluster:
Once that's in place, make sure that you have a domain, in my case gitgratitude.com:
Installing knative
We are going to use the knative operator to set up the install. For this post, we will only be using serving.
Operator
Check status:
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
knative-operator   1/1     1            1           24h
Serving
We will now tell the operator to deploy knative serving, and we will use kourier, and set our domain to gitgratitude.com:
serving.yml:
namespace/knative-serving configured
knativeserving.operator.knative.dev/knative-serving configured
And to see what the status of the deployment is:
Add default domain
Let's add the default domain serving as well.
job.batch/default-domain created
service/default-domain-service created
Add the certmanager-controller:
This tells knative to use the certmanager when services get created/deleted:
Set the cert-manager config map
configmap/config-certmanager configured
Add revision garbage collection
configmap/config-gc configured
Install cert-manager
Install helm package
Configure Let's Encrypt
Create certs.yaml to define how we interact with Let's Encrypt. I'm going to use the HTTP challenge here. Also replace wschenk@gmail.com with your email address.
Then apply it:
DNS
Set the domain
My domain is gitgratitude.com – you should use yours. Check above where we set up knative-serving.
Turn on auto-tls and autocreate-cluster-domain-claims:
configmap/config-network patched (no change)
DNS
Get the IP
"143.244.212.121"
ID           Type    Name       Data               Priority    Port    TTL     Weight
280306756    A       default    143.244.212.121    0           0       1800    0
Then set up a wildcard CNAME to point to the root.
ID           Type     Name         Data                        Priority    Port    TTL     Weight
280306923    CNAME    *.default    default.gitgratitude.com    0           0       1800    0
Testing out a simple service
Creating service 'helloworld-go' in namespace 'default':
0.036s The Route is still working to reflect the latest desired specification.
0.064s Configuration "helloworld-go" is waiting for a Revision to become ready.
0.099s ...
17.273s ...
17.343s Ingress has not yet been reconciled.
17.416s Waiting for load balancer to be ready
17.628s Ready to serve.
Service 'helloworld-go' created to latest revision 'helloworld-go-00001' is available at URL:
http://helloworld-go.default.gitgratitude.com
And you should be able to hit your function now.
Hello GitHub!
Look to see if a TLS endpoint has been added
NAME            URL                                              LATEST                AGE    CONDITIONS   READY   REASON
helloworld-go   https://helloworld-go.default.gitgratitude.com   helloworld-go-00001   114s   3 OK / 3     True
Look at the certificates
NAME                                         READY   SECRET                                       AGE
route-7bbf3267-6eb1-4516-bbb8-e65d81e0b968   True    route-7bbf3267-6eb1-4516-bbb8-e65d81e0b968   62s
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=helloworld-go.default.gitgratitude.com
* start date: Dec 7 10:28:31 2021 GMT
* expire date: Mar 7 10:28:30 2022 GMT
* issuer: C=US; O=(STAGING) Let's Encrypt; CN=(STAGING) Artificial Apricot R3
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x120012a00)
* Connection state changed (MAX_CONCURRENT_STREAMS == 2147483647)!
* Connection #0 to host helloworld-go.default.gitgratitude.com left intact
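The curl output above shows a certificate issued by the Let's Encrypt staging CA, which curl could not verify ("continuing anyway"), so clients that validate certificates will reject this endpoint until a production issuer is used. The shell function below is an added example, not part of the original post, that flags those conditions in `curl -v` output; the helper names `check_tls_log` and `sample_log` are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): audit `curl -v` output for the
# TLS problems visible in the log above. Typical use, with the post's hostname:
#   curl -sv https://helloworld-go.default.gitgratitude.com -o /dev/null 2>&1 | check_tls_log

# Lines copied from the post's curl output, used as offline sample input.
sample_log() {
  cat <<'EOF'
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* Server certificate:
* subject: CN=helloworld-go.default.gitgratitude.com
* issuer: C=US; O=(STAGING) Let's Encrypt; CN=(STAGING) Artificial Apricot R3
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
EOF
}

# Reads curl verbose output on stdin, prints one finding per line and
# returns 1 if any finding is a FAIL (hypothetical helper name).
check_tls_log() {
  awk '
    /SSL connection using/           { proto = $5 }
    /issuer:/                        { sub(/^.*issuer: */, ""); issuer = $0 }
    /SSL certificate verify ok/      { verify = "ok" }
    /SSL certificate verify result:/ { sub(/^.*verify result: */, ""); verify = $0 }
    END {
      bad = 0
      legacy = (proto ~ /^SSLv/ || proto == "TLSv1" || proto == "TLSv1.0" || proto == "TLSv1.1")
      if (proto == "")        { print "FAIL no TLS handshake in log"; bad = 1 }
      else if (legacy)        { print "FAIL legacy protocol " proto; bad = 1 }
      else                    { print "OK   protocol " proto }
      # Staging CAs carry "(STAGING)" in the issuer name and are not publicly trusted.
      if (issuer ~ /STAGING/) { print "FAIL staging issuer: " issuer; bad = 1 }
      else if (issuer != "")  { print "OK   issuer: " issuer }
      # Anything other than "verify ok" means curl did not validate the chain.
      if (verify != "ok")     { print "FAIL chain not verified: " (verify == "" ? "no verify line" : verify); bad = 1 }
      else                    { print "OK   chain verified" }
      exit bad
    }'
}

# Demo on the sample; "|| true" keeps the script going after the expected failures.
sample_log | check_tls_log || true
```

Run it without curl's `-k` flag after switching issuers: a zero exit status then means the chain validated against the local trust store.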