AWS中的Kubernetes入口
[英]Kubernetes ingress in AWS
问题描述
Please, help me to deal with accessibility of my simple application. 
请帮助我处理我的简单应用程序的可访问性。 I created YML with an application: 我用一个应用程序创建了YML:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: myapp-test
spec:
replicas: 2
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: gcr.io/kubernetes-e2e-test-images/echoserver:2.1
ports:
- containerPort: 8080
---
apiVersion: extensions/v1beta1
kind: Service
apiVersion: v1
metadata:
name: myapp-service
spec:
selector:
app: myapp
ports:
- name: http
protocol: TCP
port: 80
targetPort: 8080
type: NodePort
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-ingress
spec:
rules:
- host: myapp.com
http:
paths:
- path: /
backend:
serviceName: myapp-service
servicePort: 80
- path: /hello
backend:
serviceName: myapp-service
servicePort: 80
Then I created k8s cluster via kops, like this, all services k8s have risen, I can enter the master: 然后我通过kops创建了k8s集群,像这样,所有k8s服务都已经建立,我可以进入主服务器了:
kops create cluster \
--node-count = 2 \
--node-size = t2.micro \
--master-size = t2.micro \
--master-count = 1 \
--zones = us-east-1a \
--name = ${KOPS_CLUSTER_NAME}
In the end, I can't get to the application on port 80, it write's that the connection is refused! 最后,我无法在端口80上访问该应用程序,它写道,连接被拒绝! Can someone tell me, what is the problem? 有人可以告诉我,这是什么问题? This yml above fully works, but in the minikube environment( 上面的yml完全可以使用,但是在minikube环境中(
1 个解决方案
解决方案1
1 已采纳 2018-12-19 11:11:04
Indeed you have created an Ingress resource, but I presume you have not deployed prior the NGINX Ingress Controller for your on-premise cluster on AWS. 确实,您已经创建了一个Ingress资源,但我想您尚未在NGINX Ingress Controller之前为AWS上的本地集群部署。 It's explained here on how to do this in general. 这里说明了一般的操作方法。
In case of Kubernetes cluster bootsrapped with Kops , things are more complex, and it requires you to modify an existing cluster, to use a dedicated kops add-on: kube-ingress-aws-controller , as explained on their github project page here 在与芭斯 bootsrapped Kubernetes集群的情况下 ,事情比较复杂,它需要你修改现有集群,使用专用的KOPS附加: kube-ingress-aws-controller ,作为他们的GitHub项目页面上解释这里
In current form your app can be reached only via Node/AWS Instance external IP on port assigned from default range (30000-32767). 以当前形式,只能通过从默认范围(30000-32767)分配的端口上的节点/ AWS实例外部IP来访问您的应用程序。 You can check currently assign port via kubectl get svc myapp-service ), but this requires opening it first on firewall (default Inbound rules deny All traffic apart SSH). 您可以通过kubectl get svc myapp-service检查当前分配的端口,但这需要首先在防火墙上打开它(默认入站规则拒绝所有流量(SSH除外))。 Based on you deploy/service manifest files: 根据您的部署/服务清单文件:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp-service NodePort 100.64.187.80 <none> 80:32076/TCP 37m
with port 32076 open in inbound rules of Security Group assigned to my instance I can now reach app on NodePort: 通过在分配给我的实例的安全组的入站规则中打开端口32076,我现在可以访问NodePort上的应用程序:
curl <node_external_ip>:32076
Hostname: myapp-test-f87bcbd44-8nxpn
Pod Information:
-no pod information available-
Server values:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.