简体   繁体   English

Websocket 在 Kube.netes 集群中与 nginx-ingress 的连接

[英]Websocket connection in Kubernetes cluster with nginx-ingress

I'm trying to get a simple websocket connection working on my server running in a Kube.netes cluster.我正在尝试让一个简单的 websocket 连接在我在 Kube.netes 集群中运行的服务器上运行。

Websocket connections are able to establish on my local test machine but I can't connect my client side to the server after I deploy to GKE with nginx-ingress. Websocket 连接能够在我的本地测试机器上建立,但是在使用 nginx-ingress 部署到 GKE 后,我无法将客户端连接到服务器。

ingress yaml file:入口 yaml 文件:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-service
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.org/websocket-services : "socket-cluster-ip-service"
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/websocket-services : "socket-cluster-ip-service"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
spec:
  rules:
    - host: my-socket.com
      http:
        paths:
          - path: /
            backend:
              serviceName: socket-cluster-ip-service
              servicePort: 3000
    - host: www.my-socket.com
      http:
        paths:
          - path: /
            backend:
              serviceName: socket-cluster-ip-service
              servicePort: 3000

service yaml file:服务 yaml 文件:

apiVersion: v1
kind: Service
metadata:
  name: socket-cluster-ip-service
spec:
  type: ClusterIP
  selector:
    component: socket
  ports:
  - port: 3000
    targetPort: 3000

deployment yaml file:部署 yaml 文件:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: socket-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: socket
  template:
    metadata:
      labels:
        component: socket
    spec:
      containers:
      - name: socket
        image: gcr.io/my-socket/socket
        ports:
        - containerPort: 3000

express server code:快递服务器代码:

...

var server = http.createServer(app);
const WebSocket = require('ws');

const wss = new WebSocket.Server({ server: server });

wss.on('connection', function connection(ws) {
  console.log("new connection", ws)
  ws.on('message', function incoming(message) {
    console.log('received: %s', message);
  });

  ws.send('something');
});

...

client side code:客户端代码:

var ws = new WebSocket('ws://www.my-socket.com/');

ws.onopen = () => {
  // connection opened
  ws.send('something'); // send a message
};

ws.onmessage = (e) => {
  // a message was received
  console.log(e.data);
};

ws.onerror = (e) => {
  // an error occurred
  console.log(e.message);
};

ws.onclose = (e) => {
  // connection closed
  console.log(e.code, e.reason);
};

I keep getting the error message "Invalid Sec-WebSocket-Accept response" from the client side.我不断从客户端收到错误消息“无效的 Sec-WebSocket-Accept 响应”。 But I think it's just the fact that the client could not establish websocket connection with the server.但我认为这只是客户端无法与服务器建立 websocket 连接的事实。

The server side library I used is ws我使用的服务器端库是ws

I've added the following annotations to my ingress yaml file as suggested by other post and official ingress-nginx documentation but it's still not working:按照其他帖子官方 ingress-nginx 文档的建议,我已将以下注释添加到我的 ingress yaml 文件中,但它仍然无法正常工作:

nginx.org/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"

For me it works like a charm!对我来说,它就像一个魅力!
I'm using kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller:0.9.0 on my private kubernetes cluster.我在我的私有 kubernetes 集群上使用kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller:0.9.0
Thus, your issue might be related to GCE.因此,您的问题可能与 GCE 有关。

Please also check your TLS configuration.另请检查您的 TLS 配置。
In your post you were mentioning ws://... rather than wss:// , which indicates you don't even use TLS.在您的帖子中,您提到了ws://...而不是wss:// ,这表明您甚至不使用 TLS。 This might be rejected by your browser (eg Chrome).这可能会被您的浏览器(例如 Chrome)拒绝。

im not on GKE however this might help the above issue: https://medium.com/k8scaleio/running-websocket-app-on-kube.netes-2e13eabb4c4f我不在 GKE 上,但这可能有助于解决上述问题: https://medium.com/k8scaleio/running-websocket-app-on-kube.netes-2e13eabb4c4f

it's to do with persistent state. I'm having the same issue works perfectly, when i run the docker image locally(docker run...) but the image deployed inside the cluster (k3d with loadbalacncer exposing its port )...web-socket will not connect.它与持久性 state 有关。当我在本地运行 docker 图像(docker run ...)但图像部署在集群内时(k3d 与 loadbalanccer 公开其端口),我遇到了同样的问题,效果很好...web - 套接字将无法连接。 other services exposed (rest->mysql etc all work fine only the nodejs app with web-socket fails)暴露的其他服务(rest->mysql 等都可以正常工作,只有带有 web-socket 的 nodejs 应用程序失败)

solution is to add annotations to your ingress controller rules:解决方案是为您的入口 controller 规则添加注释:

annotations section in the yaml file: yaml 文件中的注释部分:

certmanager.k8s.io/cluster-issuer: [your issuer]
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/websocket-services: ws-service
nginx.org/websocket-services: ws-service

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM