Kubernetes:将传入流量路由到特定 Pod
[英]Kubernetes: Route incoming traffic to specific Pod
问题描述
I want to deploy many Pods in Google Kubernetes Engine and then establish a TCP connection to each specific Pod by Subdomain like pod-name-or-label.mydomain.com or path routing like protocol://mydomain.com:7878/pod-name-or-label.
我想在 Google Kubernetes Engine 中部署许多 Pod,然后通过像 pod-name-or-label.mydomain.com 这样的子域或像 protocol://mydomain.com:7878/pod- 这样的路径路由建立到每个特定 Pod 的 TCP 连接名称或标签。
I have looked in different directions like Istio or nginx-ingress, but that seems to me to be too complicated.我看过不同的方向,比如 Istio 或 nginx-ingress,但在我看来这太复杂了。
Is not there a simple solution for that?没有一个简单的解决方案吗?
3 个解决方案
解决方案1
1 2018-11-10 18:29:13
For Istio , You can use VirtualService to control the routing rules to the target subset with defining by DestinationRules .对于Istio ,您可以使用VirtualService通过DestinationRules定义来控制到目标子集的路由规则。
The DestinationRule will route to the target Pods by the specified label pods.该DestinationRule将路由至指定标签荚荚目标。
The request flow will like to:请求流将希望:
+--------------------+
| |
| Istio Gateway |
| |
| |
+---------+----------+
|traffic incoming
|
+---------v----------+
| |
| VirtualService |
| |
| |
+---------+----------+
|route to subset by the routing rules
v
+--------------------+
| |
| DestinationRules |
| |
| |
+---------+----------+
|route traffic to target pods
v
+--------------------+
| |
| |
| Pods |
| |
+--------------------+
so as @ericstaples said you should create different Deployments with different pod labels to achieve separating traffic to the target pods , Example:所以正如@ericstaples 所说,您应该使用不同的pod 标签创建不同的部署,以实现将流量分离到目标 pod ,例如:
- create a deployment with pod label: t1创建一个带有 pod 标签的部署:t1
- create a subset in DestinationRule : select t1 label pod as subset s1在DestinationRule 中创建一个子集:选择 t1 标签 pod 作为子集 s1
- control your traffic in VirtualService that route to
s1subset控制路由到s1子集的VirtualService中的流量 s1route to the target pods到目标 Pod 的s1路由
also for expose Gateway , you can use ClusterIP or NodePort like ** Kubernetes** other service did, see more of Istio Traffic .同样对于公开Gateway ,您可以像 ** Kubernetes** 其他服务一样使用ClusterIP或NodePort ,请参阅Istio Traffic 的更多信息。
There are some references maybe it's helpful:有一些参考资料也许有帮助:
https://istio.io/docs/concepts/traffic-management/ https://istio.io/docs/concepts/traffic-management/
https://istio.io/docs/tasks/traffic-management/request-routing/ https://istio.io/docs/tasks/traffic-management/request-routing/
解决方案2
1 2020-08-19 12:39:36
This question is bit old, but in current Kubernetes versions you can do it easly using Nginx Ingress .这个问题有点老了,但在当前的 Kubernetes 版本中,您可以使用Nginx Ingress轻松完成。
If you want to reach your application from outside the cluster you need to expose it using Services .如果您想从集群外部访问您的应用程序,您需要使用Services公开它。 Easiest way is to use Service with selectors when you put the same selector in Deployment/Pod and Service .最简单的方法是当您将相同的选择器放在Deployment/Pod和Service时,将 Service 与选择器一起使用。 Example below:下面的例子:
apiVersion: apps/v1
kind: Deployment
metadata:
name: test1
spec:
replicas: 1
selector:
matchLabels:
key: test1
template:
metadata:
labels:
key: test1
spec:
containers:
- name: hello1
image: gcr.io/google-samples/hello-app:1.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: test1
spec:
selector:
key: test1
ports:
- port: 80
targetPort: 8080
Path routing will be configured in Ingress .路径路由将在Ingress 中配置。 As on the example below:如下例所示:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: my.pod.svc
http:
paths:
- path: /pod
backend:
serviceName: my-pod
servicePort: 80
- host: nginx.test.svc
http:
paths:
- path: /abc
backend:
serviceName: nginx1
servicePort: 80
For more details you can check this thread .有关更多详细信息,您可以查看此线程。
解决方案3
0 2018-11-12 16:03:57
Now i have that solution with istio installed on the cluster:现在我在集群上安装了 istio 的解决方案:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: echo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "dev.sample.com"
With that gateway i can apply that Deployment, Service, VirtualService使用该网关,我可以应用该部署、服务、虚拟服务
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-echo-1000-deployment
labels:
echoservice: echo-1000
spec:
replicas: 1
selector:
matchLabels:
echoservice: echo-1000
template:
metadata:
labels:
echoservice: echo-1000
spec:
containers:
- image: gcr.io/google-containers/echoserver:1.10
imagePullPolicy: IfNotPresent
name: my-echo-run-container
ports:
- containerPort: 8080
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: my-echo-1000-service
labels:
echoservice: echo-1000
spec:
ports:
- port: 8080
name: http
selector:
echoservice: echo-1000
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: my-echo-1000-vservice
spec:
hosts:
- "dev.sample.com"
gateways:
- echo-gateway
http:
- match:
- uri:
exact: /echo-1000
route:
- destination:
host: my-echo-1000-service
port:
number: 8080
Get the LoadbalancerIP from istio-ingressgateway and make an entry in /etc/hosts for dev.sample.com从 istio-ingressgateway 获取 LoadbalancerIP 并在 /etc/hosts 中为 dev.sample.com 创建一个条目
Now i can get the echoserver in specific Pod with http://dev.sample.com/echo-1000现在我可以使用http://dev.sample.com/echo-1000在特定 Pod 中获取 echoserver
Is that a good solution or is there a better one?这是一个很好的解决方案还是有更好的解决方案?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.