How to expose kubernetes pod to outside IP?

I have a kubernetes file that looks like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: <some_name>
spec:
  replicas: 1
  template:
    spec:
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      containers:
        - image: <some_image>
          imagePullPolicy: Always
          name: <some_name>
          env:
          - name: ES_HOST
            value: blahblah.us-west-2.es.amazonaws.com
          - name: ES_PORT
            value: "443"
          - name: DATALOADER_QUEUE
            value: some_sqs_queue
          - name: AWS_DEFAULT_REGION
            value: us-west-2
            ...<bunch of variable>
            limits: &main_limits
              cpu: 500m
              memory: 256Mi
            requests: *main_limits

If I wanted to expose this to the outside world traffic because say my application exposes app metrics using prometheus on a port.. how do I expose that port to the outside world?

my application has these two lines that starts an http server that needs to be exposed:


METRICS_PORT=9100
start_http_server(METRICS_PORT)

that's a prometheus server

It's a bit weird to expose Prom metrics outside the local network but that aside, you use a Service. Usually a LoadBalancer type but sometimes NodeIP in special situations. Check out the documentation for more info.

Try the below sample

apiVersion: v1
kind: Service
metadata:
  name: hello
spec:
  selector:
    app: hello
  ports:
  - protocol: "TCP"
    port: 80
    targetPort: 80
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello
spec:
  selector:
    matchLabels:
      app: hello
  replicas: 1
  template:
    metadata:
      labels:
        app: hello
    spec:
      containers:
      - name: nginx
        image: nginx

You should be able to access the hello service at http://HOST_IP:NODE_PORT

There are some ways to expose your application in Kubernetes.

Services could be used to expose internally, for other applications running in the same cluster (type: ClusterIP), externally binding a host port to your application node (type: NodePort) or load balancing the traffic between the nodes (type: LoadBalancer)

ClusterIP: Exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster. This is the default ServiceType.

NodePort: Exposes the Service on each Node's IP at a static port (the NodePort). A ClusterIP Service, to which the NodePort Service routes, is automatically created. You'll be able to contact the NodePort Service, from outside the cluster, by requesting <NodeIP>:<NodePort>.

LoadBalancer: Exposes the Service externally using a cloud provider's load balancer. NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.

If you are using a cloud provider, you could use a service type LoadBalancer, then your service will get an external IP from your cloud provider and will be accessible publicly:

apiVersion: v1
kind: Service
metadata:
  name: <<some name>>
spec:
  selector:
    app: my_app_name # << HERE
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

Please note that for it to work, you need to add a selector in your deployment file so the service knows which pods to redirect the requests to. Like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: <some_name>
spec:
  selector:
    matchLabels:
      app: my_app_name # <= SELECTOR HERE
  replicas: 1
  template:
    metadata:
      labels:
        app: my_app_name # pod label; the Service selector matches this
 ...

To check if everything is ok, use the command below and check for EXTERNAL-IP:

kubectl get svc <some_name>

References:

https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types

https://kubernetes.io/docs/concepts/services-networking/service/#with-selectors

https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
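
The Service types above applied to the metrics port from the question (9100), as an added example that is not part of the original answers: a ClusterIP Service for an in-cluster Prometheus, and a LoadBalancer Service whose client addresses are restricted. The Service names, the `app: my_app_name` label and the CIDR are assumptions.

```yaml
# Added example, not code from the question or the answers.
# Assumes the pod template carries the label app: my_app_name and the
# container listens on METRICS_PORT=9100 as in the question.

# Option 1: keep the metrics internal. A ClusterIP Service is reachable only
# from inside the cluster, which is enough when Prometheus runs there too.
apiVersion: v1
kind: Service
metadata:
  name: my-app-metrics              # hypothetical name
spec:
  type: ClusterIP
  selector:
    app: my_app_name
  ports:
    - name: metrics
      protocol: TCP
      port: 9100
      targetPort: 9100
---
# Option 2: the scraper is outside the cluster. Use a LoadBalancer, but limit
# which client addresses may connect instead of leaving it open to everyone.
apiVersion: v1
kind: Service
metadata:
  name: my-app-metrics-external     # hypothetical name
spec:
  type: LoadBalancer
  selector:
    app: my_app_name
  loadBalancerSourceRanges:
    - 203.0.113.0/24                # placeholder (documentation range); use the scraper's CIDR
  ports:
    - name: metrics
      protocol: TCP
      port: 9100
      targetPort: 9100
```

`loadBalancerSourceRanges` only takes effect where the cloud provider's load balancer supports it, so confirm the restriction from an address outside the allowed range after `kubectl get svc` shows an EXTERNAL-IP.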

In general it's recommended to expose pods via services and not expose the pod directly considering the ephemerality of the pod. As mentioned above by KoopaKiller, the ways to expose a service include:

  1. ClusterIP: Exposes the Service on a cluster-internal IP making the Service only reachable from within the cluster. For your purpose, this will not suffice.

  2. NodePort: Exposes the Service on each Node's IP at a static port. For your purpose, you will be able to connect the NodePort Service from outside the cluster by connecting to the nodeport for your service.

  3. LoadBalancer: Exposes the Service externally using a cloud provider's load balancer. This is a safer option to use at high scale, however, note certain load balancers cost a decent amount. You might want to take that into account before choosing.

Notice: the technical posts on this site follow the CC BY-SA 4.0 license. If you need to republish them, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.