Docker桌面自带的kubernetes小集群如何暴露低号端口
[英]How to expose low-numbered ports in the kubernetes mini-cluster that comes with Docker Desktop
问题描述
I'm using the kubernetes cluster built in to Docker Desktop to develop my application.
我正在使用Docker 桌面内置的 kubernetes 集群来开发我的应用程序。
I would like to expose services inside the cluster as ports on localhost .我想将集群内的服务公开为localhost上的端口。
I can do so using kubectl expose deployment foobar --type=NodePort --port=30088 , which creates a service like this:我可以使用kubectl expose deployment foobar --type=NodePort --port=30088来做到这一点,它会创建这样的服务:
apiVersion: v1
kind: Service
metadata:
labels:
role: web
name: foobar
spec:
externalTrafficPolicy: Cluster
ports:
- nodePort: 30088
port: 80
protocol: TCP
targetPort: 80
selector:
role: web
type: NodePort
But it only works for very high numbered ports.但它仅适用于编号非常高的端口。 If I try something lower I get:如果我尝试更低的东西,我会得到:
The Service "kafka-external" is invalid: spec.ports[0].nodePort: Invalid value: 9092: provided port is not in the valid range. The range of valid ports is 30000-32767
It seems there is a kubernetes apiserver setting called ServiceNodePortRange which would allow me to override this restriction, but I can't figure out how to set it on Docker's builtin cluster.似乎有一个名为ServiceNodePortRange的 kubernetes apiserver 设置可以让我覆盖这个限制,但我不知道如何在 Docker 的内置集群上设置它。
So my question is: how do I expose a specific, low-numbered port (like 9092) on Docker's kubernetes cluster?所以我的问题是:如何在 Docker 的 kubernetes 集群上公开一个特定的低编号端口(如 9092)? Is there a way to override that setting?有没有办法覆盖该设置? Or a better way to expose the service than NodePort ?还是比NodePort更好的公开服务的方法?
1 个解决方案
解决方案1
4 已采纳 2020-05-14 10:35:16
NodePort is intended to be a building block for load-balancers or other NodePort旨在成为负载均衡器或其他
ingress modes.入口模式。 This means it didn't matter which port you got as long as这意味着你得到哪个端口并不重要,只要
you got one.你有一个。 This makes it a little clunky to use directly - you can't这使得直接使用有点笨拙 - 你不能
have just any port.有任何端口。 You can change the port range, but you run the risk of您可以更改端口范围,但您冒着以下风险
conflicts with real things running on your nodes and with any pod HostPorts.与在您的节点上运行的真实事物以及任何 pod HostPorts 发生冲突。
The default range is indeed 30000-32767 but it can be changed by setting the --service-node-port-range Update the file /etc/kubernetes/manifests/kube-apiserver.yaml and add the line --service-node-port-range=xxxxx-yyyyy .默认范围确实是 30000-32767 但可以通过设置--service-node-port-range来更改它 更新文件/etc/kubernetes/manifests/kube-apiserver.yaml并添加行--service-node-port-range=xxxxx-yyyyy 。
In the Kubernetes cluster there is a kube-apiserver.yaml file which is in the directory - /etc/kubernetes/manifests/kube-apiserver.yaml but not on the kube-apiserver container/pod but on the master itself. In the Kubernetes cluster there is a kube-apiserver.yaml file which is in the directory - /etc/kubernetes/manifests/kube-apiserver.yaml but not on the kube-apiserver container/pod but on the master itself.
Login to Docker VM:
登录 Docker 虚拟机:Add the following line to the pod spec:
将以下行添加到 pod 规范中:spec: containers: - command: - kube-apiserver... - --service-node-port-range=xxxxx-yyyyy # <-- add this line...
Save and exit.保存并退出。 Pod kube-apiserver will be restarted with new parameters. Pod kube-apiserver 将使用新参数重新启动。
Exit Docker VM (for
screen:Ctrl-a,k, for container:Ctrl-d)退出 Docker VM(对于screen:Ctrl-a,k,对于容器:Ctrl-d)Check the results:
检查结果:
$ kubectl get pod kube-apiserver-docker-desktop -o yaml -n kube-system | less
Take a look: service-pod-range , changing pod range , changing-nodeport-range .看一下: service-pod-range ,改变 pod range , 改变-nodeport-range 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.