OpenFaas

OpenFaas を Kubernetes 上にデプロイする

OpenFaas を Kubernetes 上にデプロイする。

Docker をインストールする

Docker インストール

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ sudo apt-get update
$ sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg2 \
    software-properties-common
$ curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add -
$ sudo add-apt-repository \
  "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
  $(lsb_release -cs) \
  stable"
$ sudo apt-get update
$ sudo apt-get install docker-ce

Docker を一般ユーザー権限で使用できるように設定する

1
$ sudo usermod -g docker foo

faas-cli をインストールする

確認

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
$ curl -sLSf https://cli.openfaas.com | sudo sh
Finding latest version from GitHub
0.13.9
Downloading package https://github.com/openfaas/faas-cli/releases/download/0.13.9/faas-cli as /tmp/faas-cli
Download complete.

Running with sufficient permissions to attempt to move faas-cli to /usr/local/bin
New version of faas-cli installed to /usr/local/bin
Creating alias 'faas' for 'faas-cli'.
  ___                   _____           ____
 / _ \ _ __   ___ _ __ |  ___|_ _  __ _/ ___|
| | | | '_ \ / _ \ '_ \| |_ / _` |/ _` \___ \
| |_| | |_) |  __/ | | |  _| (_| | (_| |___) |
 \___/| .__/ \___|_| |_|_|  \__,_|\__,_|____/
      |_|

CLI:
 commit:  2cec97955a254358de5443987bedf8ceee272cf8
 version: 0.13.9

確認

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
$ faas-cli version
Unknown command "vrsion" for "faas-cli"

Did you mean this?
        version

ken@ken-pc:~$ faas-cli version
  ___                   _____           ____
 / _ \ _ __   ___ _ __ |  ___|_ _  __ _/ ___|
| | | | '_ \ / _ \ '_ \| |_ / _` |/ _` \___ \
| |_| | |_) |  __/ | | |  _| (_| | (_| |___) |
 \___/| .__/ \___|_| |_|_|  \__,_|\__,_|____/
      |_|

CLI:
 commit:  2cec97955a254358de5443987bedf8ceee272cf8
 version: 0.13.9

Minikube をインストールする

1
2
3
4
5
6
7
8
9
10
11
$ curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube_latest_amd64.deb
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 19.8M  100 19.8M    0     0   826k      0  0:00:24  0:00:24 --:--:-- 1008k
ken@ken-pc:~$ sudo dpkg -i minikube_latest_amd64.deb
Selecting previously unselected package minikube.
(Reading database ... 38958 files and directories currently installed.)
Preparing to unpack minikube_latest_amd64.deb ...
Unpacking minikube (1.18.1-0) ...
Setting up minikube (1.18.1-0) ...
$ sudo dpkg -i minikube_latest_amd64.deb

確認

1
2
3
$ minikube version
minikube version: v1.18.1
commit: 09ee84d530de4a92f00f1c5dbc34cead092b95bc

Minikube を起動する

起動前の状態を確認する

1
2
3
$ minikube status
* Profile "minikube" not found. Run "minikube profile list" to view all profiles.
  - To start a cluster, run: "minikube start"

起動

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
$ minikube start --vm-driver=docker
* minikube v1.18.1 on Debian 10.9 (vbox/amd64)
* Using the docker driver based on user configuration

X The requested memory allocation of 2200MiB does not leave room for system overhead (total system memory: 3003MiB). You may face stability issues.
* Suggestion: Start minikube with less memory allocated: 'minikube start --memory=2200mb'

* Starting control plane node minikube in cluster minikube
* Pulling base image ...
* Downloading Kubernetes v1.20.2 preload ...
    > preloaded-images-k8s-v9-v1....: 491.22 MiB / 491.22 MiB  100.00% 519.83 K
* Creating docker container (CPUs=2, Memory=2200MB) ...
* Preparing Kubernetes v1.20.2 on Docker 20.10.3 ...
  - Generating certificates and keys ...
  - Booting up control plane ...
  - Configuring RBAC rules ...
* Verifying Kubernetes components...
  - Using imag

状態確認

1
2
3
4
5
6
7
8
$ minikube status
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured
timeToStop: Nonexistent

kubectl をインストールする

インストール

1
2
3
4
5
6
$ curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
$ chmod +x ./kubectl
$ sudo mv ./kubectl /usr/local/bin/
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.5", GitCommit:"6b1d87acf3c8253c123756b9e61dac642678305f", GitTreeState:"clean", BuildDate:"2021-03-18T01:10:43Z", GoVersion:"go1.15.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.2", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:20:00Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}

OpenFaaS をデプロイする

定義ファイルをクローンする

1
2
3
4
5
6
7
8
9
10
11
$ git clone https://github.com/openfaas/faas-netes
$ cd faas-netes
$ kubectl apply -f namespaces.yml
$ kubectl get namespaces
NAME              STATUS   AGE
default           Active   22h
kube-node-lease   Active   22h
kube-public       Active   22h
kube-system       Active   22h
openfaas          Active   19h
openfaas-fn       Active   19h

secrets を作成する

1
2
3
$ kubectl -n openfaas create secret generic basic-auth \
--from-literal=basic-auth-user=admin \
--from-literal=basic-auth-password=password

作成した secrets は kubectl edit secret –namespace=openfaas で確認できる。

デプロイする

1
$ kubectl apply -f ./yaml/

確認

1
2
3
4
5
6
7
8
$ kubectl -n openfaas get deploy
NAME                READY   UP-TO-DATE   AVAILABLE   AGE
alertmanager        1/1     1            1           8m37s
basic-auth-plugin   1/1     1            1           8m36s
gateway             1/1     1            1           8m36s
nats                1/1     1            1           8m35s
prometheus          1/1     1            1           8m34s
queue-worker        1/1     1            1           8m33s
1
2
3
4
5
6
7
8
$ kubectl -n openfaas get svc
NAME                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
alertmanager        ClusterIP   10.96.222.244    <none>        9093/TCP         19h
basic-auth-plugin   ClusterIP   10.108.246.7     <none>        8080/TCP         19h
gateway             ClusterIP   10.110.84.33     <none>        8080/TCP         19h
gateway-external    NodePort    10.103.228.90    <none>        8080:31112/TCP   19h
nats                ClusterIP   10.110.198.208   <none>        4222/TCP         19h
prometheus          ClusterIP   10.110.92.71     <none>        9090/TCP         19h
1
2
3
$ kubectl get svc -n openfaas gateway-external -o wide
NAME               TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE   SELECTOR
gateway-external   NodePort   10.103.228.90   <none>        8080:31112/TCP   19h   app=gateway

アクセス先の Kubernetes の IP アドレスを確認する。

1
2
$ minikube ip
192.168.49.2

DNAT を設定する

minikube を起動しているホストの IPアドレス のTCP:80へのアクセスを minikube(192.168.49.2) の TCP:31112 に転送する。

1
2
3
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.49.2:31112
sudo iptables -t nat -A POSTROUTING -p tcp -d 192.168.49.2 --dport 31112 -j MASQUERADE
sudo iptables -A FORWARD -p tcp -d 192.168.49.2 --dport 31112 -j ACCEPT

管理画面を開く

http://MACHINE-IP/ui/ にアクセスする。

Function (nslookup) をデプロイする

確認

ログを確認すると、以下の順で Function がデプロイされることがわかる。

  1. Function の ReplicaSet が作成される
  2. コンテナイメージが pull される
  3. コンテナが作成される
  4. コンテナが起動する
1
2
3
4
5
6
7
$ kubectl get events -n openfaas-fn --sort-by=.metadata.creationTimestamp | grep nslookup
94s         Normal    Scheduled           pod/nslookup-794c569cc7-ghcwr    Successfully assigned openfaas-fn/nslookup-794c569cc7-ghcwr to minikube
94s         Normal    ScalingReplicaSet   deployment/nslookup              Scaled up replica set nslookup-794c569cc7 to 1
93s         Normal    Pulling             pod/nslookup-794c569cc7-ghcwr    Pulling image "jockdarock/nslookupfaas:master"
13s         Normal    Created             pod/nslookup-794c569cc7-ghcwr    Created container nslookup
13s         Normal    Pulled              pod/nslookup-794c569cc7-ghcwr    Successfully pulled image "jockdarock/nslookupfaas:master" in 1m19.552929914s
12s         Normal    Started             pod/nslookup-794c569cc7-ghcwr    Started container nslookup

実際に、Function がデプロイされていることを確認する。

1
2
3
$ kubectl -n openfaas-fn get deploy
NAME       READY   UP-TO-DATE   AVAILABLE   AGE
nslookup   1/1     1            1           3m24s

CLI

OpenFaas にログインする

1
$ faas-cli login -u ken -p passwordedi --gateway 192.168.49.2:31112

Function をデプロイする

1
2
3
4
5
6
7
8
9
$ faas-cli store deploy nslookup --gateway 192.168.49.2:31112
WARNING! You are not using an encrypted connection to the gateway, consider using HTTPS.

Deployed. 202 Accepted.
URL: http://192.168.49.2:31112/function/nslookup

$ faas-cli list --gateway 192.168.49.2:31112
Function                        Invocations     Replicas
nslookup                        4               1

デプロイされている Function を確認する

Function を確認する。

1
2
3
$ faas-cli list --gateway 192.168.49.2:31112
Function                        Invocations     Replicas
nslookup                        4               1

Function を利用する

1
2
3
4
$ curl -X POST http://192.168.49.2:31112/function/nslookup -d "www.yahoo.co.jp"

Name:      www.yahoo.co.jp
Address 1: 182.22.28.252

デプロイされた Fucntion を削除する

1
2
3
4
5
 faas-cli remove nslookup --gateway 192.168.49.2:31112
Deleting: nslookup.
Removing old function.
$ faas-cli list --gateway 192.168.49.2:31112
Function                        Invocations     Replicas

エラー

マルチ CPU ではない

エラー内容

1
2
3
4
5
$ minikube start --vm-driver=docker
* minikube v1.18.1 on Debian 10.9 (vbox/amd64)
* Using the docker driver based on user configuration

X Exiting due to RSRC_INSUFFICIENT_CORES: Requested cpu count 2 is greater than the available cpus of 1

対応

マルチ CPU 環境で実行する

メモリーが足りない

エラー内容

1
2
3
4
5
$ minikube start --vm-driver=docker
* minikube v1.18.1 on Debian 10.9 (vbox/amd64)
* Using the docker driver based on user configuration

X Exiting due to RSRC_INSUFFICIENT_CONTAINER_MEMORY: docker only has 987MiB available, less than the required 1800MiB for Kubernetes

対応

メモリーを増やす

参考URL