我正在编写一个位于 k8s api 服务器前面的基于 Golang 的 L7 代理。像这样的东西,
kubectl <----> 网关/代理 <----> AWS EKS API 服务器
, , ,等常用kubectl
命令可以正常工作。但是,对于,卡住/挂起。get pods
exec
run
apply
create
kubectl delete pod <name>
kubectl
通常,这些是kubectl
添加watch=true
标志的情况。在这种情况下,k8s 服务器不发送END_STREAM
,所以我的代理卡在“读帧 WINDOW_UPDATE”中
有人见过这个吗?我正在查看client-go
或kubernetes
repo 以查看设置时如何kubectl
处理响应watch=true
。将不胜感激任何指针。
下面是我的调试日志——
2019/10/11 00:50:19 http2: decoded hpack field header field ":authority" = "myproxy.dev.net:8443"
2019/10/11 00:50:19 http2: decoded hpack field header field ":method" = "GET"
2019/10/11 00:50:19 http2: decoded hpack field header field ":path" = "/api/v1/namespaces/guestbook/pods?fieldSelector=metadata.name%3Dshell-test&resourceVersion=1313006&watch=true"
2019/10/11 00:50:19 http2: decoded hpack field header field ":scheme" = "https"
2019/10/11 00:50:19 http2: decoded hpack field header field "accept" = "application/json"
2019/10/11 00:50:19 http2: decoded hpack field header field "user-agent" = "kubectl/v1.15.2 (darwin/amd64) kubernetes/f627830"
2019/10/11 00:50:19 http2: decoded hpack field header field "authorization" = "Bearer LS<REDACTED>
2019/10/11 00:50:19 http2: decoded hpack field header field "accept-encoding" = "gzip"
2019/10/11 00:50:19 http2: server read frame HEADERS flags=END_STREAM|END_HEADERS stream=5 len=86
2019/10/11 00:50:51 http2: server encoding header ":status" = "200"
2019/10/11 00:50:51 http2: server encoding header "audit-id" = "aaa-9682-d7b95a6daa0e"
2019/10/11 00:50:51 http2: server encoding header "content-type" = "application/json"
2019/10/11 00:50:51 http2: server encoding header "date" = "Fri, 11 Oct 2019 00:50:19 GMT"
2019/10/11 00:50:51 http2: Framer 0xc0004beee0: wrote HEADERS flags=END_HEADERS stream=5 len=32
2019/10/11 00:50:51 http2: Framer 0xc0004beee0: wrote DATA stream=5 len=4096 data="{\"type\":\"MODIFIED\",\"object\":{\"kind\":\"Pod\",\"apiVersion\":\"v1\",\"metadata\":{\"name\":\"shell-test\",\"namespace\":\"guestbook\",\"selfLink\":\"/api/v1/namespaces/guestbook/pods/shell-test\",\"uid\":\"d2baa702-ebc0-11e9-06652f016772\",\"resourceVersion\":\"1313054\",\"creation" (3840 bytes omitted)
2019/10/11 00:50:51 http2: Framer 0xc0004beee0: wrote DATA stream=5 len=4096 data="0}],\"priority\":0,\"enableServiceLinks\":true},\"status\":{\"phase\":\"Running\",\"conditions\":[{\"type\":\"Initialized\",\"status\":\"True\",\"lastProbeTime\":null,\"lastTransitionTime\":\"2019-10-11T00:48:21Z\"},{\"type\":\"Ready\",\"status\":\"False\",\"lastProbeTime\":null,\"lastTransit" (3840 bytes omitted)
2019/10/11 00:50:51 http2: Framer 0xc0004beee0: read WINDOW_UPDATE stream=5 len=4 incr=6291
2019/10/11 00:50:51 http2: server read frame WINDOW_UPDATE stream=5 len=4 incr=6291
代理代码使用 Golang 编写NewSingleHostReverseProxy
,它终止 TLS,修补与 k8s api 服务器的新连接。