安裝 Knative serving 機群元件

將 Knative Serving 安裝為 GKE Enterprise 機群元件。

事前準備

• 請先詳閱並確認符合升級規定。

• 本頁面的指令會使用升級準備步驟中的環境變數和遷移指令碼。

• 請務必按照指定順序執行這個程序的每個步驟。

總覽

將 Knative Serving 安裝為機群元件的步驟包括：

1. 在 Google Cloud 專案中啟用機群。
2. 將「閘道」gke-system-gateway複製到「閘道」knative-ingress-gateway。
3. 在叢集中安裝 Knative Serving 自訂資源。

請注意，在此程序期間，現有的 Knative 服務服務會繼續提供流量，不會中斷。

安裝 Knative serving 機群元件

在本節中，您會使用遷移指令碼安裝 Knative Serving 做為車隊元件。

1. 執行下列指令來啟動遷移指令碼：

   ./migration-addon.sh --command install-cloud-run-v2
   

   請注意，如果這個步驟有任何問題或想變更任何內容，可以重新執行這個遷移指令碼指令。

2. 在終端機中，遷移指令碼會提示您確認是否要執行各項動作。在每個提示中輸入 y，即可繼續操作。

   安裝 Knative 服務機群組件時，系統會顯示類似下列的提示：

   In the process of installing the Knative serving fleet component, the
   script performs the following:
   1. Enabling the fleet in your Google Cloud project.
   2. Copy gke-system-gateway Gateway to knative-ingress-gateway Gateway
   3. Installing the Knative serving custom resource in your cluster.
   Continue? [Y/n] y
   
   1. Enabling Anthos services?
   Continue? [Y/n] y
   
   Operation "operations/acf.p2-625914735451-10d4b6ff-68e1-4a09-97c4-79b209be5031" finished successfully.
   
   2. Copying gke-system-gateway Gateway to knative-ingress-gateway Gateway
   
   configmap/original-knative-ingress-gateway-spec unchanged
   gateway.networking.istio.io/knative-ingress-gateway patched (no
   change)
   configmap/config-istio patched
   configmap/config-istio patched
   gateway.networking.istio.io "gke-system-gateway" deleted
   
   3. Install the Knative serving custom resource in your cluster?
   Continue? [Y/n] y
   
   Waiting for Knative serving feature to be enabled
   Knative serving feature is enabled.
   The YAML file for the new operator appdevexperience-operator was created at
   /tmp/tmp.bI7H1qagGa/cloudrun.yaml
   customresourcedefinition.apiextensions.k8s.io/cloudruns.operator.run.cloud.google.com
   condition met
   kubeconfig entry generated for my-gke-cluster.
   Added the custom resource for Knative serving
   
   Waiting for Knative serving serving to be ready...
   Knative serving serving is not ready yet.
   Knative serving serving is ready.
   
   Removing the ValidatingWebhookConfiguration used to prevent deletion
   validatingwebhookconfiguration.admissionregistration.k8s.io
   "prevent-deletion-cloud-run-resources" deleted
   
   Knative serving has been installed as an Anthos fleet component
   

   私人叢集的已知問題

   如果 Knative Serving 安裝在私有叢集 Google Cloud，您可能會收到下列項目的逾時錯誤：

   Waiting for CRD cloudruns.operator.run.cloud.google.com to be created
   

   如要解決逾時錯誤，請執行下列指令：

   cat <<EOF | kubectl apply -f -
   apiVersion: operator.run.cloud.google.com/v1alpha1
   kind: CloudRun
   metadata:
     name: cloud-run
   EOF
   

3. 確認 Knative serving 功能元件已啟用：

   控制台

   在Google Cloud 控制台中查看 Knative serving 元件是否已啟用：

   前往功能管理工具

   指令列

   查看 appdevexperience 狀態是否為 ACTIVE：

   gcloud alpha container hub features list  --project=PROJECT_ID
   

   將 PROJECT_ID 替換為專案 ID。 Google Cloud

   如需詳細資料和其他選項，請參閱 gcloud alpha container hub features list 參考資料。

後續步驟

Cloud Service Mesh 和 Knative serving 安裝完成後，即可開始將流量遷移及推出至新資源。

復原

如要還原透過上述步驟所做的變更，可以使用遷移指令碼執行下列操作：

• 從運算子 appdevexperience-operator 移除 Knative 服務資源的控制權。
• 刪除 Knative serving 自訂資源，並解除安裝運算子 appdevexperience-operator。
• 選用：在Google Cloud 專案的車隊中停用 Knative serving。

如要開始回溯程序，請按照下列步驟操作：

1. 執行下列指令來啟動遷移指令碼：

   ./migration-addon.sh --command rollback-install-cloud-run-v2
   

2. 在終端機中，遷移指令碼會提示您確認是否要執行各項動作。在每個提示中輸入 y，然後繼續操作。

   解除安裝車隊元件時，系統會顯示類似下列內容的提示：

   In the step of rolling back the Knative serving fleet installation, the
   script performs the following:
   1. Remove control of Knative serving resources from the operator
      `appdevexperience-operator`.
   2. Delete the Knative serving custom resource and uninstall the operator
      `appdevexperience-operator`.
   3. Revert the changes installed by the Knative serving fleet component.
   4. Optional: Disable Knative serving in the GKE Enterprise fleet of your
      Google Cloud project.
   Continue? [Y/n] y
   
   1. Removing control of Knative serving resources from the operator
      `appdevexperience-operator`.
   
   Creating a ValidatingWebhookConfiguration to prevent the deletion of the
   resources under the following namespaces:
   knative-serving, cloud-run-system, and gke-system
   
   waiting for OwnerReferences of Knative serving resources to be deleted
   
   OwnerReferences of Knative serving resources are deleted
   
   Waiting for Knative serving serving to be ready...
   Knative serving serving is ready.
   
   2. Delete the Knative serving custom resource and uninstall the operator
      `appdevexperience-operator`?
   Continue? [Y/n] y
   
   cloudrun.operator.run.cloud.google.com "cloud-run" deleted
   clusteractiveoperand.operand.run.cloud.google.com/sha256-3c1c80a329 patched
   
   waiting for appdevexperience namespace to be deleted
   
   3. Revert the changes installed by the fleet component?
   configmap/config-observability patched
   
   4. Optional: Disable Knative serving in the Anthos fleet of your
      Google Cloud project?
      You can choose to skip this step and keep the feature enable within your
      Anthos fleet. For example, you might want to keep the
      Knative serving fleet component enabled because it was enabled prior to
      this migration.
   Continue (or Skip)? [Y/n] n