[英]Make ingresses/services publicly DNS resolvable on GKE
We have a GKE cluster set up on Google Cloud and we want new ingress routes to be automatically resolvable under the according subdomain.我们在 Google Cloud 上设置了一个 GKE 集群,我们希望新的入口路由能够在相应的子域下自动解析。
We have a subdomain (lets say app-dev.company.com) which already resolves to the public IP of our ingress controller (Traefik) and when I create a service "hello-world" on k8s, it should be automatically publicly resolvable under hello-world.app-dev.company.com as well.我们有一个子域(假设是 app-dev.company.com),它已经解析为我们入口 controller(Traefik)的公共 IP ,当我在 k8s 上创建服务“hello-world”时,它应该可以自动公开解析还有 hello-world.app-dev.company.com。
I used to work with a cluster on Azure before, where it was simply a matter of configuring CoreDNS with stub domain and upstream DNS and it just worked after that.之前我曾经在 Azure 上使用集群,这只是简单地配置 CoreDNS 与存根域和上游 DNS 的问题,然后它就可以工作了。 Now Google still uses kube-dns for some reason;
现在谷歌出于某种原因仍然使用 kube-dns; I tried configuring the stub domain "app-dev.company.com" in kube-dns and installing CoreDNS (and scaling kube-dns down to 0) but that did not work and broke some other things, so I rolled it back.
我尝试在 kube-dns 中配置存根域“app-dev.company.com”并安装 CoreDNS(并将 kube-dns 缩小到 0)但这没有用并且破坏了其他一些东西,所以我将其回滚。
I also looked into Googles Cloud DNS service (since Google recommends it), but I don't want that hard vendor lock in tbh, also I'm not sure if that even does what I want.我还查看了 Google 的 Cloud DNS 服务(因为 Google 推荐它),但我不想让供应商硬锁在 tbh 中,而且我不确定这是否符合我的要求。
Can someone point me in the right direction here?有人可以在这里指出我正确的方向吗?
A few things:一些东西:
Reserve a static IP address:预留static IP地址:
gcloud compute addresses create ${ADDRESS} --global
Replace ${ADDRESS} with any name you like.将 ${ADDRESS} 替换为您喜欢的任何名称。
Annotate your Ingress resource to tell the load balancer to use the static IP created above注释您的 Ingress 资源以告诉负载均衡器使用上面创建的 static IP
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: helloweb
annotations:
kubernetes.io/ingress.global-static-ip-name: ${ADDRESS}
Replace ${ADDRESS} with the name of the static IP created in the previous step将 ${ADDRESS} 替换为上一步创建的 static IP 的名称
Configure multiple backend apps配置多个后端应用
Path-based : 基于路径:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: multi-app-fanout
annotations:
kubernetes.io/ingress.global-static-ip-name: ${ADDRESS}
spec:
rules:
- http:
paths:
- path: /*
pathType: ImplementationSpecific
backend:
service:
name: app1
port:
number: 8080
- path: /app2/*
pathType: ImplementationSpecific
backend:
service:
name: app2
port:
number: 8080
- path: /app3/*
pathType: ImplementationSpecific
backend:
service:
name: app3
port:
number: 8080
You would access your apps as follows:您将按如下方式访问您的应用程序:
Name-based virtual hosting : 基于名称的虚拟主机:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: multi-app-virtual
annotations:
kubernetes.io/ingress.global-static-ip-name: ${ADDRESS}
spec:
rules:
- host: app1.app-dev.company.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: app1
port:
number: 8080
- host: app2.app-dev.company.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: app2
port:
number: 8080
- host: ap32.app-dev.company.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: app3
port:
number: 8080
You would access your apps as follows:您将按如下方式访问您的应用程序:
Configure DNS records If you choose to do path-based routing, then you just need to add a single DNS A record which maps app-dev.company.com to the global IP address created above.配置 DNS 记录如果您选择进行基于路径的路由,那么您只需要添加一条 DNS A 记录,它将app-dev.company.com映射到上面创建的全局地址 IP。
If you choose name-based virtual hosting, you'll need to create a wildcard record mapping * .app-dev.company.com to the global IP address.如果您选择基于名称的虚拟主机,则需要创建通配符记录映射 * .app-dev.company.com到全局地址 IP。
See https://cloud.google.com/kube.netes-engine/docs/tutorials/configuring-domain-name-static-ip for more info.有关详细信息,请参阅https://cloud.google.com/kube.netes-engine/docs/tutorials/configuring-domain-name-static-ip 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.