Overview

This demo shows how setup the domain name for Knative service and call the service with the domain name.

Important

Use virtualbox as vm-driver for minikube These instructions are tested with minikube 0.33.1 and knative v0.3.0 on macOS Knative is deployed and running successfully on minikube Ensure the istio-ingressgateway service type is set to LoadBalancer: kubectl -n istio-system get svc istio-ingressgateway--output jsonpath="{.spec.type}"

Demo Sources

Clone the GitHub repository of this demo locally. We will call this folder as $PROJECT_HOME.

git clone https://github.com/kameshsampath/knative-domain-demo

Setup LoadBalancer with minikube

We will be using minikube tunnel to allow the kubernetes services of type LoadBalancer to be set with ClusterIP as their LoadBalancerIP; it will also allow the services to be accessed from the minikube host using the LoadBalancerIP.

Important

Run minikube tunnel command on a separate terminal, allow it to keep running for the tunneling to work.

minikube tunnel

Verify the if istio-ingressgateway service has LoadBalancer ip assigned.

kubectl get svc istio-ingressgateway -n istio-system

NAME                   TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)                                                                                                                   AGE
istio-ingressgateway   LoadBalancer   10.109.11.29   10.109.11.29   80:31380/TCP,443:31390/TCP,31400:31400/TCP,15011:31161/TCP,8060:30090/TCP,853:31865/TCP,15030:32119/TCP,15031:31321/TCP   165m

DNS Server

The demo will be using CoreDNS as the DNS server to resolve the knative services using their domain names.

Download CoreDNS

Download CoreDNS to work folder.

cd $PROJECT_HOME/work

curl -L https://github.com/coredns/coredns/releases/download/v1.3.1/coredns_1.3.1_darwin_amd64.tgz | tar zx

chmod +x ./coredns

#CoreDNS-1.3.1
#darwin/amd64, go1.11.4, 6b56a9c
./coredns --version

DNS configuration

By default Knative service domain suffix is example.com, you view the same using the command:

kubectl -n knative-serving get cm config-domain -oyaml

The command should return an output like:

apiVersion: v1
data:
  example.com: "" #(1)
kind: ConfigMap
metadata:
  name: config-domain
  namespace: knative-serving

1. Default service domain suffix is example.com

You can edit or alter the domain suffixes by updating the config map; but for this demonstration we will use the default domain example.com.

The DNS configuration for CoreDNS is defined in the file Corefile

# An knative example
example.com:53 {
    log
    errors
    file db.example.com #(1)
}

1. The zone file to put the example.com entries

Add istio-ingressgateway address to the file

Running the following command to update the ingress gateway ip

# get the load balancer IP
LB_IP_ADDRESS=`kubectl --namespace istio-system get svc istio-ingressgateway --output jsonpath="{.status.loadBalancer.ingress[*]['ip']}"`
# update the zone file placeholder ingress-gateway with  LB_IP_ADDRESS
sed -i "s/ingress-gateway/$LB_IP_ADDRESS/g" db.example.com

Add the example.com to /etc/resolver

For macOS to be able to resolve the example.com using our CoreDNS server; we need to add the DNS server 127.0.0.1 to a resolver file called /etc/resolver/example.com:

mkdir -p /etc/resolver/
echo 'nameserver 127.0.0.1' | sudo tee /etc/resolver/example.com
# verify the entry for example.com is listed
scutil --dns
# clear dns cache
sudo killall -HUP mDNSResponder; sleep 2;

Important

Clean the macOS DNS resolver cache using the command sudo killall -HUP mDNSResponder;say DNS cache has been flushed An useful link for DNS cache clear command for various versions of macOS.

Start DNS server

The DNS server could be started using the command on a new terminal window:

./coredns

Assuming no errors while staring, let us verify if we are able to resolve *.example.com address.

# should return $LB_IP_ADDRESS
dig  greeter.demos.example.com +short

Note	If you dont find dig, you can install it with brew install bind Sometimes macOS does not pick up the resolver immediatelty, if above command does not return the $LB_IP_ADDRESS; edit/touch the resolver file /etc/resolver/example.com and then run the scutil --dns

Deploy service

With DNS server and its related configuration in place, let us deploy a simple Hello World service and verify the setup:

cd $PROJECT_HOME/service
kubectl create namespace demos
kubectl label namespace demos istio-injection=enabled
eval $(minikube docker-env)
docker build -t dev.local/rhdevelopers/node-greeter:0.0.1 .
kubectl apply -f service.yaml -n demos

Know the service URL

Run the following command to know the service URL

# should return greeter.demos.example.com
kubectl -n demos get services.serving.knative.dev

The above command should return a response like :

NAME      DOMAIN                      LATESTCREATED   LATESTREADY     READY   REASON
greeter   greeter.demos.example.com   greeter-00001   greeter-00001   True

Lets invoke the service using the service url greeter.demos.example.com:

curl greeter.demos.example.com

If all went well you should get a response like "Congratulations! Your Knative service domain setup works well!"

References

• Using Custom Domain