[英]Kubernetes-Ingress: How do I properly route to two services with HTTPS?
I'm trying to deploy a ReactJs app and an Express-GraphQL server through Kubernetes. 我正在尝试通过Kubernetes部署ReactJs应用程序和Express-GraphQL服务器。 But I'm having trouble setting up an ingress to route traffic to both services.
但是我在设置入口以将流量路由到两个服务时遇到麻烦。 Specifically I can no longer reach my back-end.
具体来说,我无法再到达后端。
When I made the React front-end and Express back-end as separate services and exposed them, it ran fine. 当我将React前端和Express后端作为单独的服务并公开它们时,它运行良好。 But now I'm trying to enable HTTPS and DNS.
但是现在我正在尝试启用HTTPS和DNS。 And route to both of them through Ingress.
并通过Ingress路由到他们两个人。
Here are my service yaml files 这是我的服务Yaml文件
apiVersion: v1
kind: Service
metadata:
name: bpmclient
namespace: default
spec:
ports:
- port: 80
protocol: TCP
targetPort: 5000
selector:
run: bpmclient
type: NodePort
apiVersion: v1
kind: Service
metadata:
name: bpmserver
namespace: default
spec:
ports:
- port: 3090
protocol: TCP
targetPort: 3090
selector:
run: bpmserver
type: NodePort
and my Ingress... 和我的Ingress ...
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: bpm-nginx
annotations:
kubernetes.io/ingress.global-static-ip-name: bpm-ip
networking.gke.io/managed-certificates: bpmclient-cert
ingress.kubernetes.io/enable-cors: "true"
ingress.kubernetes.io/cors-allow-origin: "https://example.com"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: example.com
http:
paths:
- path: /v2/*
backend:
serviceName: bpmserver
servicePort: 3090
- path: /*
backend:
serviceName: bpmclient
servicePort: 80
Through this setup I've been able to visit the client successfully using https. 通过此设置,我已经能够使用https成功访问客户端。 But I can't reach my back-end anymore through the client or just browsing to it.
但是我再也无法通过客户端或浏览到后端了。 I'm getting a 502 server error.
我收到502服务器错误。 But I check the logs for the back-end pod and don't see anything besides 404 logs.
但是我检查了后端Pod的日志,除了404日志之外什么都没有看到。
My front-end is reaching the back-end through example.com/v2/graphql. 我的前端通过example.com/v2/graphql到达后端。 When I run it locally on my machine I go to localhost:3090/graphql.
当我在计算机上本地运行它时,我转到localhost:3090 / graphql。 So I don't see why I'm getting a 404 if the routing is done correctly.
因此,如果路由正确完成,我看不到为什么得到404。
I see few things that might be wrong here: 我在这里看到了几处可能出错的地方:
Ingress objects should be created in the same namespace as the services it routes. 入口对象应在与其路由的服务相同的名称空间中创建。 I see that you have specified
namespace: default
in your services' yamls but not in Ingress. 我看到您已经指定了
namespace: default
服务的Yamls中的namespace: default
,而Ingress中没有。
I don't know which version of Ingress you are using but accorind to the documentation after 0.22.0 我不知道您正在使用哪个版本的Ingress,但根据0.22.0之后的文档
ingress definitions using the annotation nginx.ingress.kubernetes.io/rewrite-target are not backwards compatible with previous versions.
使用注解nginx.ingress.kubernetes.io/rewrite-target的入口定义与先前版本不向后兼容。 In Version 0.22.0 and beyond, any substrings within the request URI that need to be passed to the rewritten path must explicitly be defined in a capture group.
在版本0.22.0及更高版本中,必须在捕获组中显式定义请求URI中需要传递到重写路径的任何子字符串。
path:
should be nested after backend:
and capture group should be added to the nginx.ingress.kubernetes.io/rewrite-target: /
in numered placeholder like $1
path:
应该在backend:
之后嵌套backend:
捕获组应该添加到nginx.ingress.kubernetes.io/rewrite-target: /
中,放在$1
等数字占位符中 So you should try something like this: 所以你应该尝试这样的事情:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: bpm-nginx
namespace: default
annotations:
kubernetes.io/ingress.global-static-ip-name: bpm-ip
networking.gke.io/managed-certificates: bpmclient-cert
ingress.kubernetes.io/enable-cors: "true"
ingress.kubernetes.io/cors-allow-origin: "https://example.com"
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- host: example.com
http:
paths:
- backend:
serviceName: bpmserver
servicePort: 3090
path: /v2/?(.*)
- backend:
serviceName: bpmclient
servicePort: 80
path: /?(.*)
Please let me know if that helped. 请让我知道是否有帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.