在 Kubernetes 中连接前端和后端
[英]Connecting Frontend and Backend in Kubernetes
问题描述
My frontend is setup as:
我的前端设置为:
this.http.post<any>(`${environment.apiUrl}/auth/login`, {email, password})
Where apiUrl: 'http://backend/api'其中apiUrl: 'http://backend/api'
I built the frontend in a container and exposed it to a loadbalancer service and I am trying to hook it up through a ClusterIP service to a backend on port 3000.我在一个容器中构建了前端并将其暴露给负载均衡器服务,我试图通过 ClusterIP 服务将它连接到端口 3000 上的后端。
Frontend YAML:前端 YAML:
apiVersion: v1
kind: Service
metadata:
name: frontend
spec:
selector:
tier: frontend
ports:
- port: 80
targetPort: 80
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
spec:
selector:
matchLabels:
tier: frontend
replicas: 1
template:
metadata:
labels:
tier: frontend
spec:
containers:
- name: frontend
image: <Image>
imagePullPolicy: Always
ports:
- containerPort: 80
Backend YAML:后端 YAML:
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
selector:
matchLabels:
app: app
tier: backend
replicas: 1
template:
metadata:
labels:
app: app
tier: backend
spec:
containers:
- name: frontend-container
image: <Image>
ports:
- containerPort: 3000
---
apiVersion: v1
kind: Service
metadata:
name: backend
spec:
selector:
app: app
tier: backend
ports:
- protocol: TCP
port: 80
targetPort: 3000
As explained in the doc here .正如这里的文档中所解释的那样。
But it doesn't work when I try to access it from the browser, I receive Unknown Error!!但是当我尝试从浏览器访问它时它不起作用,我收到未知错误!
Here are screenshots from inside the frontend making sure it is able to reach the backend internally.这是前端内部的屏幕截图,确保它能够在内部到达后端。
I don't understand where I went wrong here.我不明白我在哪里出错了。 I am thinking the apiUrl var set to http://backend is not being translated correctly because if I changed that to a loadbalancer IP and rebuilt the image, exposed the backend to a LB service instead of ClusterIP.我认为设置为 http://backend 的 apiUrl var 未正确翻译,因为如果我将其更改为负载均衡器 IP 并重建图像,将后端暴露给 LB 服务而不是 ClusterIP。 It does work.它确实有效。
But obviously I don't want to expose my backend to a LB service.但显然我不想将我的后端暴露给 LB 服务。
Any idea?任何想法?
3 个解决方案
解决方案1
2 已采纳 2020-10-02 12:39:52
Look at the following:请看以下内容:
outside world | k8s cluster
|
Browser --> | Nginx-pod --> backend-pod
|
|
The url http://backend/api is only resolvable within the cluster, but your browser is in the outside world, so it does not know what this url is. url http://backend/api只能在集群内解析,但是你的浏览器在外面,所以不知道这个url是什么。
You ideally would use an ingress to manage routes to cluster pods.理想情况下,您将使用ingress来管理集群 pod 的路由。
解决方案2
1 2020-10-02 14:37:24
As @Elgarni said, clients' browser could not access your cluster, so http://backend/api is not resolvable outside to cluster.正如@Elgarni 所说,客户端的浏览器无法访问您的集群,因此http://backend/api无法在集群外部解析。
If you defined ingress, use kubectl get ingress command and learn your external IP.如果您定义了入口,请使用kubectl get ingress命令并了解您的外部 IP。 then replace your ${environment.apiUrl} to http://$EXTERNAL_IP/api/ or define DNS record for your external IP and reach via your defined domain.然后将您的${environment.apiUrl}替换为http://$EXTERNAL_IP/api/或为您的外部 IP 定义 DNS 记录并通过您定义的域进行访问。
解决方案3
0 2022-08-28 02:53:21
We can use nginx reverse proxy as well.我们也可以使用 nginx 反向代理。 In which backend-service needs not to expose using ingress or load balancer.其中后端服务不需要使用入口或负载均衡器公开。 Below steps works fine for me以下步骤对我来说很好
For example: replace http://api-service/api/getsomething to
例如:将 http://api-service/api/getsomething 替换为
/api/getsomething/api/getsomething/api/getsomething - this will tell the browser that it will send the request to the same server that served your frontend app (nginx in this case)
/api/getsomething - 这将告诉浏览器它将请求发送到为您的前端应用程序提供服务的同一服务器(在这种情况下为 nginx)Then via nginx server the call can be forwarder to your api using the K8S
然后通过 nginx 服务器,呼叫可以使用 K8S 转发到您的 api
DNS.DNS。 (It is called reverse proxy) (称为反向代理)sample docker file:
样品 docker 文件:### STAGE 1: Build ### FROM node:16 as build # Create app directory WORKDIR /app # Install app dependencies # A wildcard is used to ensure both package.json AND package-lock.json are copied # where available (npm@5+) COPY package*.json./ RUN npm install # Bundle app source COPY. . RUN npm run build ###STAGE 2: Run ### FROM nginx:alpine RUN rm -rf /usr/share/nginx/html/* && rm -rf /etc/nginx/conf.d/default.conf && rm -rf /etc/nginx/nginx.conf COPY nginx.conf /etc/nginx COPY --from=build /app/dist/angular-frontend /usr/share/nginx/html #Optional to mention expose as it will be taken by nginx sever, port 80 wil be taken from nginx server EXPOSE 80sample nginx config file:
示例 nginx 配置文件:worker_processes 1; events { worker_connections 1024; } http { #upstream local { #server localhost:5000; #} upstream backend { server backend-service:80; } server { listen 80; #server_name localhost; server_name backend-service; root /usr/share/nginx/html; index index.html index.htm; include /etc/nginx/mime.types; gzip on; gzip_min_length 1000; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; location / { try_files $uri $uri/ /index.html; } location /api/ { proxy_pass http://backend; } #location /api/v1/ { #proxy_pass http://local; #} }}
}
Note: This worked fine with k8s integration.注意:这适用于 k8s 集成。 But for local testing i used wsl2 in windows machine and and once replaced k8s backend-service config with localhost backend container.但是对于本地测试,我在 windows 机器中使用了 wsl2,并且曾经用 localhost 后端容器替换了 k8s 后端服务配置。 I got below error: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1,我收到以下错误:*3 connect() failed (111: Connection refused) while connection to upstream, client: 172.17.0.1,
I think there is an issue with wsl2 integration as mentioned here.我认为这里提到的 wsl2 集成存在问题。 https://github.com/Budibase/budibase/issues/4996 https://github.com/Budibase/budibase/issues/4996
But works fine with k8s.但适用于 k8s。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.