$telepresence intercept lsh-mcp-idp-cd --port 9090:9090--http-match=all --env-file ~/lsh-mcp-idp-cd-intercept.env Flag--http-match has been deprecated,use--http-header
UsingDeployment lsh-mcp-idp-cd
interceptedIntercept name : lsh-mcp-idp-cdState:ACTIVEWorkload kind :DeploymentDestination:127.0.0.1:9090ServicePortIdentifier:9090VolumeMountError: sshfs is not installed on your local machineIntercepting: matching all HTTP requestsPreviewURL: https://sad-thompson-7927.preview.edgestack.meLayer5Hostname: lsh-mcp-idp-cd.default.svc.cluster.local
执行完成后,会发现工作负载被注入了一个 sidecar:
$kubectl get po -lk8s-app=lsh-mcp-idp-cd-test -oyaml | grep -A5 containerID- containerID: docker://6aea792f32af00b2e71f643ea41630de9bb6b0ebbe91251877fd79f67630efa1image: registry.cn-beijing.aliyuncs.com/launcher-agent-only-dev/idp:v1imageID: docker-pullable://registry.cn-beijing.aliyuncs.com/launcher-agent-only-dev/idp@sha256:c3be2545c30eb75fb652d383e9ec5545df9142e40d3b6f7f78633316b0db8103lastState:{}name: idp-cdready:true--- containerID: docker://5acc04048950fdd38be3a8012c4cc0edbfd83079883717e34992f6f31036176fimage: datawire/ambassador-telepresence-agent:1.11.10imageID: docker-pullable://datawire/ambassador-telepresence-agent@sha256:9008fc1a6a91dd27baf3da9ebd0aee024f0d6d6a3f9c24611476474f6583e7f8lastState:{}name: traffic-agentready:true
增加了一个名为 traffic-agent 的容器,正是该容器,负责拦截发送到该 pod 的流量,并负责转发。在 k8s 集群内执行以下命令,请求 lsh-mcp-idp-cd 服务:
$curl20.102.1.158:9090/version
再看本地代码,发现已经收到了请求:
以上就是全局拦截的实践部分,个人拦截 gan 兴趣的同学自己实践吧,另外关于个人拦截,似乎每个账号存在使用次数限制,超过次数后创建个人拦截器时会报错:
telepresence: error:Failed to establish intercept: intercept in error state AGENT_ERROR:You’ve reached your limit of personal intercepts available for your subscription.See usage and available plans at https://app.getambassador.io/cloud/subscriptionsSee logs fordetails(1 error found):"/Users/xxx/Library/Logs/telepresence/daemon.log"See logs fordetails(13609 errors found):"/Users/xxx/Library/Logs/telepresence/connector.log"If you think you have encountered a bug, please run `telepresence gather-logs` and attach the telepresence_logs.zip to your github issue or create a new one: https://github.com/telepresenceio/telepresence/issues/new?template=Bug_report.md .
六、卸载
删除拦截器:执行后,会删除注入工作负载的 sidecar:
$telepresence leave lsh-mcp-idp-cd
删除 telepresence agents and manager,执行后清除所有 sidecar,以及 traffic-manager 控制器,并关闭本地 telepresence 的后台进程: