[英]Websocket connection in Kubernetes cluster with nginx-ingress
I'm trying to get a simple websocket connection working on my server running in a Kube.netes cluster.我正在尝试让一个简单的 websocket 连接在我在 Kube.netes 集群中运行的服务器上运行。
Websocket connections are able to establish on my local test machine but I can't connect my client side to the server after I deploy to GKE with nginx-ingress. Websocket 连接能够在我的本地测试机器上建立,但是在使用 nginx-ingress 部署到 GKE 后,我无法将客户端连接到服务器。
ingress yaml file:入口 yaml 文件:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-service
annotations:
kubernetes.io/ingress.class: nginx
nginx.org/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
spec:
rules:
- host: my-socket.com
http:
paths:
- path: /
backend:
serviceName: socket-cluster-ip-service
servicePort: 3000
- host: www.my-socket.com
http:
paths:
- path: /
backend:
serviceName: socket-cluster-ip-service
servicePort: 3000
service yaml file:服务 yaml 文件:
apiVersion: v1
kind: Service
metadata:
name: socket-cluster-ip-service
spec:
type: ClusterIP
selector:
component: socket
ports:
- port: 3000
targetPort: 3000
deployment yaml file:部署 yaml 文件:
apiVersion: apps/v1
kind: Deployment
metadata:
name: socket-deployment
spec:
replicas: 1
selector:
matchLabels:
component: socket
template:
metadata:
labels:
component: socket
spec:
containers:
- name: socket
image: gcr.io/my-socket/socket
ports:
- containerPort: 3000
express server code:快递服务器代码:
...
var server = http.createServer(app);
const WebSocket = require('ws');
const wss = new WebSocket.Server({ server: server });
wss.on('connection', function connection(ws) {
console.log("new connection", ws)
ws.on('message', function incoming(message) {
console.log('received: %s', message);
});
ws.send('something');
});
...
client side code:客户端代码:
var ws = new WebSocket('ws://www.my-socket.com/');
ws.onopen = () => {
// connection opened
ws.send('something'); // send a message
};
ws.onmessage = (e) => {
// a message was received
console.log(e.data);
};
ws.onerror = (e) => {
// an error occurred
console.log(e.message);
};
ws.onclose = (e) => {
// connection closed
console.log(e.code, e.reason);
};
I keep getting the error message "Invalid Sec-WebSocket-Accept response" from the client side.我不断从客户端收到错误消息“无效的 Sec-WebSocket-Accept 响应”。 But I think it's just the fact that the client could not establish websocket connection with the server.但我认为这只是客户端无法与服务器建立 websocket 连接的事实。
The server side library I used is ws我使用的服务器端库是ws
I've added the following annotations to my ingress yaml file as suggested by other post and official ingress-nginx documentation but it's still not working:按照其他帖子和官方 ingress-nginx 文档的建议,我已将以下注释添加到我的 ingress yaml 文件中,但它仍然无法正常工作:
nginx.org/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/websocket-services : "socket-cluster-ip-service"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
For me it works like a charm!对我来说,它就像一个魅力!
I'm using kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller:0.9.0 on my private kubernetes cluster.我在我的私有 kubernetes 集群上使用kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller:0.9.0 。
Thus, your issue might be related to GCE.因此,您的问题可能与 GCE 有关。
Please also check your TLS configuration.另请检查您的 TLS 配置。
In your post you were mentioning ws://...
rather than wss://
, which indicates you don't even use TLS.在您的帖子中,您提到了ws://...
而不是wss://
,这表明您甚至不使用 TLS。 This might be rejected by your browser (eg Chrome).这可能会被您的浏览器(例如 Chrome)拒绝。
im not on GKE however this might help the above issue: https://medium.com/k8scaleio/running-websocket-app-on-kube.netes-2e13eabb4c4f我不在 GKE 上,但这可能有助于解决上述问题: https://medium.com/k8scaleio/running-websocket-app-on-kube.netes-2e13eabb4c4f
it's to do with persistent state. I'm having the same issue works perfectly, when i run the docker image locally(docker run...) but the image deployed inside the cluster (k3d with loadbalacncer exposing its port )...web-socket will not connect.它与持久性 state 有关。当我在本地运行 docker 图像(docker run ...)但图像部署在集群内时(k3d 与 loadbalanccer 公开其端口),我遇到了同样的问题,效果很好...web - 套接字将无法连接。 other services exposed (rest->mysql etc all work fine only the nodejs app with web-socket fails)暴露的其他服务(rest->mysql 等都可以正常工作,只有带有 web-socket 的 nodejs 应用程序失败)
solution is to add annotations to your ingress controller rules:解决方案是为您的入口 controller 规则添加注释:
annotations section in the yaml file: yaml 文件中的注释部分:
certmanager.k8s.io/cluster-issuer: [your issuer]
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/websocket-services: ws-service
nginx.org/websocket-services: ws-service
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.