Verifying Knative Serving for Cloud Native Runtimes
This topic tells you how to verify that Knative Serving was successfully installed for Cloud Native Runtimes, commonly known as CNR.
About Verifying Knative Serving
To verify that Knative Serving was successfully installed, create an example Knative service and test it.
The procedure below shows you how to create an example Knative service using the Cloud Native Runtimes sample app, hello-yeti. This sample is custom built for Cloud Native Runtimes and is stored in the VMware Harbor registry.
Note: If you do not have access to the Harbor registry, you can use the Hello World - Go sample app in the Knative documentation.
Prerequisites
Before you verify Knative Serving, you must have a namespace where you want to deploy Knative services. This namespace will be referred as ${WORKLOAD_NAMESPACE} in this tutorial. See step 1 of Verifying Your Installation for more information.
Test Knative Serving
To create an example Knative service and use it to test Knative Serving:
-
If you are verifying on Tanzu Mission Control or vSphere 7.0 with Tanzu, then create a role binding in the
${WORKLOAD_NAMESPACE}namespace. Run:kubectl apply -n "${WORKLOAD_NAMESPACE}" -f - << EOF --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: ${WORKLOAD_NAMESPACE}-psp roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cnr-restricted subjects: - kind: Group name: system:serviceaccounts:${WORKLOAD_NAMESPACE} EOF -
Deploy the sample app using the
knCLI. Run:kn service create hello-yeti -n ${WORKLOAD_NAMESPACE} \ --image projects.registry.vmware.com/tanzu_serverless/hello-yeti@sha256:17d640edc48776cfc604a14fbabf1b4f88443acc580052eef3a753751ee31652 --env TARGET='hello-yeti'If you are verifying on Tanzu Mission Control or vSphere 7.0 with Tanzu, then add
--user 1001to the command above to run it as a non-root user. -
Run one of the following commands to retrieve the external address for your ingress, depending on your IaaS:
IaaS: - Tanzu Kubernetes Grid on AWS
- Tanzu Mission Control on AWS
- Amazon Elastic Kubernetes Service
Run: export EXTERNAL_ADDRESS=$(kubectl get service envoy -n tanzu-system-ingress -ojsonpath="{.status.loadBalancer.ingress[0].hostname}")IaaS: - vSphere 7.0 on Tanzu
- Tanzu Kubernetes Grid on vSphere/Azure/GCP
- Tanzu Kubernetes Grid Integrated Edition
- Tanzu Mission Control on vSphere
- Azure Kubernetes Service
- Google Kubernetes Engine
Run: export EXTERNAL_ADDRESS=$(kubectl get service envoy -n tanzu-system-ingress -ojsonpath="{.status.loadBalancer.ingress[0].ip}")IaaS: - Docker desktop
- Minikube
Run: export EXTERNAL_ADDRESS='localhost:8080'
And set up port-forwarding in a separate terminal:
kubectl -n tanzu-system-ingress port-forward svc/envoy 8080:80 -
Connect to the app. Check the URL for the knative service.
Run:
kn service list -n ${WORKLOAD_NAMESPACE}The result is something like this:
NAME URL LATEST AGE CONDITIONS READY REASON hello-yeti https://hello-yeti.${WORKLOAD_NAMESPACE}.svc.cluster.local hello-yeti-00001 6s 3 OK / 3 TrueNow, take the host name from the URL and set it in an env variable
KSERVICE_HOSTNAMElike so:export KSERVICE_HOSTNAME="hello-yeti.${WORKLOAD_NAMESPACE}.svc.cluster.local"Then, connect to the app:
curl https://${KSERVICE_HOSTNAME} -k --resolve ${KSERVICE_HOSTNAME}:443:${EXTERNAL_ADDRESS}Note: If you have configured DNS locally via
/etc/hostsor externally, the--resolveflag can be omitted, or you can use a web browser.On success, you see a reply from our mascot, Carl the Yeti.
Delete the Example Knative Service
After verifying your serving installation, delete the example Knative service and unset the environment variable:
-
Run:
kn service delete hello-yeti -n ${WORKLOAD_NAMESPACE} unset EXTERNAL_ADDRESS unset KSERVICE_HOSTNAME -
If you created port forwarding in step 3 above, then terminate that process.
