How to expose a Kubernetes service on AWS using `service.spec.externalIPs` and not `--type=LoadBalancer`?
I've deployed a Kubernetes cluster on AWS using kops and I'm able to expose my pods using a service with `--type=LoadBalancer`:
kubectl run sample-nginx --image=nginx --replicas=2 --port=80
kubectl expose deployment sample-nginx --port=80 --type=LoadBalancer
However, I cannot get it to work by specifying `service.spec.externalIPs` with the public IP of my master node.
I've allowed ingress traffic on the specified port and used https://kubernetes.io/docs/concepts/services-networking/service/#external-ips as documentation.
Can anyone clarify how to expose a service on AWS without using the cloud provider's native load balancer?
If you want to avoid using `LoadBalancer`, then you can use the `NodePort` type of service.
`NodePort` exposes the service on each Node's IP at a static port (the `NodePort`). A `ClusterIP` service, to which the `NodePort` service routes, is created along with it. You will be able to reach the `NodePort` service from outside by requesting:
<NodeIP>:<NodePort>
That means that if you access any node with that port you will be able to reach your service. It is worth remembering that NodePorts are high-numbered ports (30000-32767).
Coming back specifically to AWS, here is their official document explaining how to expose a service with `NodePort`.
Do note the very important information there about enabling the ports:
Note: Before you access NodeIP:NodePort from an outside cluster, you must enable the security group of the nodes to allow incoming traffic through your service port.
Let me know if this helps.
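
Added example (not part of the original question or answer): a small shell script for the NodePort route described above. It exposes `sample-nginx` as a `NodePort` service and opens only the assigned port in the nodes' security group to a single source range. `SG_ID`, `SRC_CIDR` and the `apply` argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: expose sample-nginx via NodePort and open only that port
# in the worker nodes' security group. SG_ID and SRC_CIDR are placeholders.

# NodePort range quoted in the answer above (30000-32767).
valid_nodeport() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 30000 ] && [ "$1" -le 32767 ]
}

# Print the ingress rule for one port and one source CIDR.
# Refuses "anywhere" sources so the rule is never opened wider than intended;
# drop that guard only if the service is meant to be public.
sg_ingress_cmd() {  # args: <sg-id> <nodeport> <source-cidr>
  valid_nodeport "$2" || { echo "port $2 is outside the NodePort range" >&2; return 1; }
  case "$3" in 0.0.0.0/0|::/0) echo "refusing open source $3" >&2; return 1 ;; esac
  echo "aws ec2 authorize-security-group-ingress --group-id $1 --protocol tcp --port $2 --cidr $3"
}

# Only touches the cluster and AWS when invoked as: ./expose-nodeport.sh apply
if [ "${1:-}" = "apply" ]; then
  SG_ID="sg-REPLACE_ME"       # placeholder: security group attached to the nodes
  SRC_CIDR="203.0.113.0/24"   # constructed value: stand-in for your client network
  kubectl expose deployment sample-nginx --port=80 --type=NodePort
  PORT=$(kubectl get service sample-nginx -o jsonpath='{.spec.ports[0].nodePort}')
  cmd=$(sg_ingress_cmd "$SG_ID" "$PORT" "$SRC_CIDR") || exit 1
  $cmd
  kubectl get nodes -o wide   # EXTERNAL-IP column gives the <NodeIP> to test with
fi
```

After it runs, `curl http://<NodeIP>:<NodePort>` from a host inside `SRC_CIDR` should return the nginx welcome page.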