[英]How to expose kubernetes nginx-ingress service on public node IP at port 80 / 443?
I installed ingress-nginx
in a cluster. 我在集群中安装了ingress-nginx
。 I tried exposing the service with the kind: nodePort
option, but this only allows for a port range between 30000-32767
(AFAIK)... I need to expose the service at port 80
for http and 443
for tls, so that I can link A Records
for the domains directly to the service. 我尝试使用kind: nodePort
选项公开服务,但这仅允许端口范围在30000-32767
(AFAIK)之间。我需要在http的端口80
和tls的端口443
公开服务,以便可以将域A Records
直接链接到服务。 Does anyone know how this can be done? 有谁知道该怎么做?
I tried with type: LoadBalancer
before, which worked fine, but this creates a new external Load Balancer at my cloud provider for each cluster. 我之前尝试使用type: LoadBalancer
,它可以正常工作,但这会在我的云提供商处为每个集群创建一个新的外部负载均衡器。 In my current situation I want to spawn multiple mini clusters. 在当前情况下,我想生成多个小型集群。 It would be too expensive to create a new (digitalocean) Load Balalancer for each of those, so I decided to run each cluster with it's own internal ingress-controller and expose that directly on 80/443
. 为每个集群创建一个新的(数字海洋)Load Balalancer太昂贵了,因此我决定使用它自己的内部入口控制器运行每个集群,并将其直接暴露在80/443
。
If you want on IP for 80 port from a service you could use the externalIP field in service config yaml. 如果要通过服务使用80端口的IP,则可以使用service config yaml中的externalIP字段。 You could find how to write the yaml here Kubernetes External IP 您可以在此处找到如何编写Yaml的Kubernetes外部IP
But if your usecase is really like getting the ingress controller up and running it does not need the service to be exposed externally. 但是,如果您的用例确实像启动并运行入口控制器,则不需要在外部公开该服务。
if you are on bare metal so change your ingress-controller service type to NodePort
and add a reverse proxy to flow traffic to your ingress-controller service with selected NodePort
. 如果您使用的是裸机, NodePort
Ingress-controller服务类型更改为NodePort
并添加一个反向代理,以使用选择的NodePort
将流量流向您的Ingress-controller服务。
As @Pramod V answerd if you use externalIP
in ingress-controller service so you loose real remote address in your EndPoints. 正如@Pramod V回答的那样,如果您在入口控制器服务中使用externalIP
,则您会在EndPoints中释放真实的远程地址。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.