使用 nginx 入口在 k8s 中设置 rabbitmq controller
[英]setting up rabbitmq in k8s with nginx ingress controller
问题描述
I am trying to setup rabbitmq, deployed as a pod, in k8s cluster .
我正在尝试在 k8s 集群中设置 rabbitmq,部署为 pod 。 Also did setup Nginx ingress controller in order to have external access for the services in the cluster by using URLs.还设置了 Nginx ingress controller,以便使用 URL 对集群中的服务进行外部访问。
Here is the working config through which I am able to access the rabbitmq management console :这是我能够访问 rabbitmq 管理控制台的工作配置:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-gateway
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- ***ABC***.com
secretName: gateway-tls-secret
rules:
- host: ***ABC***.com
http:
paths:
- backend:
serviceName: ie-rabbitmq
servicePort: 15672
path: /
Logs in Nginx controller登录 Nginx controller
10.202.3.59 - - [24/Dec/2019:06:59:19 +0000] "GET /api/auth HTTP/2.0" 200 57 "https://***ABC***.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 324 0.003 [ie-poc-ie-rabbitmq-15672] [] 10.244.5.235:15672 57 0.003 200 eed95f6d3ee6bddae7a7128b4b500152
10.202.3.59 - - [24/Dec/2019:06:59:19 +0000] "GET /js/tmpl/login.ejs?0.16274381270760774 HTTP/2.0" 200 630 "https://***ABC***.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 48 0.001 [ie-poc-ie-rabbitmq-15672] [] 10.244.5.235:15672 630 0.001 200 75c43c0e3e3d8de715c4ffa540a4b0a8
But when I change the backend.path to /rabbit from / , the service is not reachable .但是当我将backend.path从/更改为/rabbit时,服务无法访问。
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-gateway
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- ***ABC***.com
secretName: gateway-tls-secret
rules:
- host: ***ABC***.com
http:
paths:
- backend:
serviceName: ie-rabbitmq
servicePort: 15672
path: /rabbit
From Nginx controller logs what I see is, for this config the request is being directed to [upstream-default-backend] 10.244.3.84:8080 but ideally it should re-direct the request to [ie-poc-ie-rabbitmq-15672] [] 10.244.5.235:15672 which is observed when the request was successful.从 Nginx controller 记录我看到的是,对于此配置,请求被定向到[upstream-default-backend] 10.244.3.84:8080但理想情况下它应该将请求重新定向到[ie-poc-ie-rabbitmq-15672] [] 10.244.5.235:15672在请求成功时观察到。
10.202.3.59 - - [24/Dec/2019:06:57:15 +0000] "GET /api/auth HTTP/2.0" 404 21 "https://i***ABC***.com/rabbit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 57 0.001 [upstream-default-backend] [] 10.244.3.84:8080 21 0.001 404 2a1d6b6abf1b7ff03884f275c4a15c14
10.202.3.59 - - [24/Dec/2019:06:57:15 +0000] "GET /js/tmpl/login.ejs?0.4076380641124395 HTTP/2.0" 404 21 "https://***ABC***.com/rabbit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 47 0.001 [upstream-default-backend] [] 10.244.3.84:8080 21 0.001 404 df534e5e9b2e5aabb9fa6bb272d4b5e9
Can someone help me to understand why the second config is not working/loading rabbitmq config ?有人可以帮我理解为什么第二个配置不工作/加载 rabbitmq 配置吗?
4 个解决方案
解决方案1
0 2020-01-09 09:03:38
Try adding the management.path_prefix = /rabbit to your Rabbitmq configmap.尝试将management.path_prefix = /rabbit添加到您的 Rabbitmq 配置映射中。 That fixed the issue for me.那为我解决了这个问题。
解决方案2
0 2020-04-20 14:56:03
Try below the NGINX Ingress Rewrite rule, it works for me:试试下面的 NGINX Ingress Rewrite 规则,它对我有用:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-gateway
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- backend:
serviceName: rmq-rabbitmq-ha
servicePort: 15672
path: /rabbit/(.*)
And here is the screenshot:这是屏幕截图:
By the way, if you don't need the subpath, the Ingress config file is this:顺便说一句,如果您不需要子路径,则 Ingress 配置文件是这样的:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-gateway
spec:
rules:
- http:
paths:
- backend:
serviceName: rmq-rabbitmq-ha
servicePort: 15672
path: /
解决方案3
0 2020-06-11 23:24:24
I solved this by serving RabbitMQ at the root path on a subdomain as host, configured with an Azure DNS Zone.我通过在作为主机的子域的根路径提供 RabbitMQ 解决了这个问题,并配置了 Azure DNS 区域。
First I used Helm v3 to install RabbitMQ on my AKS k8s cluster:首先,我使用Helm v3在我的 AKS k8s 集群上安装 RabbitMQ:
helm install rabbitmq-resource -f .\rabbitmq.production-values.yaml bitnami/rabbitmq
Unfortunately the Healthcheck API in the chart is configured to use the root path of the provided host.不幸的是,图表中的 Healthcheck API 被配置为使用所提供主机的根路径。 As I am already working with an static IP for the Ingress controller and also with a DNS Zone to bind my custom domain(s) to the cluster it is easy to set an extra alias for the static Ingress IP and configure this as subdomain host in the Ingress resource.由于我已经在使用 Ingress 控制器的静态 IP 以及 DNS 区域来将我的自定义域绑定到集群,因此很容易为静态 Ingress IP 设置额外的别名并将其配置为子域主机入口资源。
So in the RabbitMQ config values which I applied in the previous command with the file rabbitmq.production-values.yaml, amke sure you use the root path at the following values:因此,在我在上一个命令中使用文件 rabbitmq.production-values.yaml 应用的 RabbitMQ 配置值中,请确保您使用以下值的根路径:
...
rabbitmq:
...
extraConfiguration: |-
...
#management.path_prefix = /
...
ingress:
...
enabled: true
path: /
In the Azure Portal go to your k8s specific cluster ResourceGroup, it has the name convention:在 Azure 门户中转到您的 k8s 特定集群 ResourceGroup,它具有命名约定:
MC_<primary_cluster_resource_group>_<cluster_name>_<region>
Go to the Public IP address that is bound to your Ingress controller.转到绑定到 Ingress 控制器的公共 IP 地址。 then go to Settings > Configuration and click on 'Create alias record', fill in a subdomain name of an existing DNS Zone.然后转到设置 > 配置并单击“创建别名记录”,填写现有 DNS 区域的子域名。 For example rabbitmq.yourdomain.com例如rabbitmq.yourdomain.com
Now edit your Ingress resource so that it looks somehow like the following:现在编辑您的 Ingress 资源,使其看起来像以下内容:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-resource-handler
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
tls:
- hosts:
- yourdomain.com
- rabbitmq.yourdomain.com
secretName: tls-secret
rules:
- host: yourdomain.com
http:
paths:
- backend:
serviceName: website
servicePort: 80
path: /(.*)
- host: rabbitmq.yourdomain.com
http:
paths:
- backend:
serviceName: rabbitmq-resource
servicePort: 15672
path: /(.*)
Note that via the main namespace of your domain you can serve a website or other service on the root path and via the subdomain you can serve RabbitMQ (Management), also via the root path without interfering with the Healthcheck API.请注意,通过域的主命名空间,您可以在根路径上提供网站或其他服务,通过子域,您可以提供 RabbitMQ(管理),也可以通过根路径提供服务,而不会干扰 Healthcheck API。
Now apply the Ingress resource and everything will be working smoothly!现在应用 Ingress 资源,一切都会顺利进行!
解决方案4
0 2022-12-10 18:51:37
I fixed this issue by introducing 'management.path_prefix = /rabbit-mgmt/' in RabbitMQ additionalConfig.我通过在 RabbitMQ additionalConfig 中引入 'management.path_prefix = /rabbit-mgmt/' 解决了这个问题。
"rabbitmq" = {
"additionalPlugins" = [
"rabbitmq_management",
"rabbitmq_peer_discovery_k8s",
]
"additionalConfig" = <<-EOT
management.path_prefix = /rabbit-mgmt/
EOT
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.