堆栈内存溢出
  简体   繁体   English

Kubernetes Nginx入口访问集群外而不使用服务

[英]Kubernetes nginx ingress accesses outside of cluster without using service

 原文  2019-11-26 10:27:07       kubernetes/ kubernetes-ingress/ nginx-ingress

问题描述

Apologies if this has been answered before, but I am a little confused on Ingress Nginx is working together with services. 道歉,如果以前已经回答过,但是我对Ingress Nginx与服务一起工作感到有些困惑。

I am trying to implement an nginx ingress in my Kubernetes environment. 我正在尝试在Kubernetes环境中实现Nginx入口。 So far I have an ingress-nginx-controller-deployment setup, as well as a deployment and service for the default backend. 到目前为止,我有一个ingress-nginx-controller-deployment设置,以及默认后端的部署和服务。 I still need to create my actual Ingress resources, the ingress-nginx-controller-service and also my backend. 我仍然需要创建实际的Ingress资源,ingress-nginx-controller-service和后端。

curl <NodeIP> returns "default backend 404" on port 80 for the Node which the ingress-nginx-controller-deployment is deployed on. curl <NodeIP>在端口80上为部署了ingress-nginx-controller-deployment的节点返回"default backend 404" However, my understanding is that exposing anything out of the cluster requires a service (Nodeport/Loadbalancer), which is the duty of the ingress-nginx-controller-service. 但是,我的理解是,将任何东西暴露出集群都需要一项服务(Nodeport / Loadbalancer),这是ingress-nginx-controller-service的职责。

My question is how is this possible, that I can access port 80 for my Node on my browser, which is outside the cluster? 我的问题是,在群集之外的浏览器上可以访问Node的端口80,这怎么可能? Could I then deploy my backend app on port 80 the same way the above is done? 然后,可以像上面一样将后端应用程序部署在端口80上吗?

I feel like I am misunderstanding a key concept here. 我觉得我误会了这里的一个关键概念。

default backend image: gcr.io/google_containers/defaultbackend:1.0 默认后端图片: gcr.io/google_containers/defaultbackend:1.0默认后端: gcr.io/google_containers/defaultbackend:1.0

nginx-controller image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.3 nginx控制器图片: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.3 : gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.3 - gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.3

1 个解决方案

解决方案1
 0  2019-11-26 10:58:03

I think you missed a really good article about how nginx-ingress expose to the world! 我认为您错过了一篇有关nginx-ingress如何暴露于世界的非常好的文章

I short: If you're using hostNetwork: true then you bypass the kubernetes network (kube-proxy). 简而言之:如果您使用的是hostNetwork: true那么您将绕过kubernetes网络(kube-proxy)。 in a simple word, you bypass the container and orchestration network and just using the host network then the node with nginx-ingress container will expose port 80 to the world. 简而言之,您绕过了容器和业务流程网络,而仅使用主机网络,那么具有nginx-ingress容器的节点将向世界公开端口80。

There are other ways that you can use to expose nginx port to outside of the cluster (node-port, network load balancer like MetalLB). 您还可以使用其他方法将nginx端口公开到群集外部(节点端口,网络负载平衡器,例如MetalLB)。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Nginx Kube.netes 集群上的入口 - Nginx Ingress on Kubernetes Cluster 不带选择器的Kubernetes Nginx入口控制器在服务中 - Kubernetes Nginx Ingress Controller on Service without Selector 使用 nginx-ingress 从 kubernetes 集群外部向 RabbitMQ 发送消息 - Send messages to RabbitMQ from outside kubernetes cluster using nginx-ingress Kubernetes nginx 入口在集群内部工作,但在外部不可见 - Kubernetes nginx ingress working inside cluster but not visible outside 使用入口在远程Kubernetes集群中的访问服务 - Access service in remote Kubernetes cluster using ingress 通过 Ingress 为 Kubernetes 集群之外的 HTTP/HTTPS 服务提供服务 - Serving HTTP/HTTPS service which is outside of Kubernetes cluster through Ingress 如何通过入口向外部 Kubernetes 集群公开服务? - How to expose a service to outside Kubernetes cluster via ingress? 具有集群 ip 服务和默认 nginx 的 kubernetes 入口控制器无法按预期工作 - kubernetes ingress controller with cluster ip service and default nginx not working as expected 没有负载均衡器的 Kubernetes 入口无法在集群外工作 - Kubernetes ingress without load balancer not working outside the cluster 使用 nginx-Ingress 在 Kubernetes 中暴露集群外的 TCP 端口 - Exposing a TCP port out of cluster in Kubernetes using nginx-Ingress
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM