nginx 入口控制器无法访问后端服务?
[英]nginx ingress controller don't reach backend service?
问题描述
我目前正在尝试通过入口控制器公开 kubernetes 服务,但我似乎不能这样做? 主机/路径从未解析为我想要使用的 clusterIp 和端口的奇怪原因是谁,即使这应该通过我的入口控制器和资源来解决?...
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kubernetes
spec:
replicas: 3
selector:
matchLabels:
app: hello-kubernetes
template:
metadata:
labels:
app: hello-kubernetes
spec:
containers:
- name: hello-kubernetes
image: paulbouwer/hello-kubernetes:1.5
ports:
- containerPort: 8080
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-ingress-controller-conf
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: default
spec:
replicas: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
serviceAccount: nginx
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-backend-service
- --configmap=$(POD_NAMESPACE)/nginx-ingress-controller-conf
- --v=2
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
name: http
- port: 443
targetPort: 443
name: https
selector:
app: nginx-ingress
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- update
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-role
subjects:
- kind: ServiceAccount
name: nginx
namespace: default
---
#Ingress ressource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-hello
spec:
rules:
- host: dev.hello.com
http:
paths:
- backend:
serviceName: hello-kubernetes
servicePort: 80
---
##Default backend
apiVersion: v1
kind: Service
metadata:
name: default-backend-service
labels:
app: default-backend
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: default-backend
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: default-backend
labels:
app: default-http-backend
spec:
selector:
matchLabels:
app: default-backend
serviceName: default-backend-service
replicas: 2
template:
metadata:
labels:
app: default-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-backend
image: gcr.io/google_containers/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
我试图制作一个 MVP - 但由于某种原因我无法解析路径dev.hello.com我想用它来告诉入口我想连接哪个服务......但由于某种原因,这永远不会解决一个 IP 地址 - 它似乎没有命中任何东西?
为什么? 这是设置不正确吗?
2 个解决方案
解决方案1
0 2020-01-17 13:01:40
hello-kubernetes 的服务不应该是LoadBalancer类型,因为您希望入口作为 Loadbalancer 工作。 所以把hello-kubernetes的服务改成ClusterIP 。
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes
解决方案2
0 2020-01-20 10:51:55
很难理解你到底想要什么。 你应该更准确地知道你到底想要什么。
1.使用 ClusterIP 的 Ingress。
就像 Arghya Sadhu 写的那样,当您使用Ingress您不需要指定LoadBalancer 。
2.使用NodePort Ingress
请记住,您还可以将NodePort与Ingress NodePort使用。 好的解释和示例可以在这里找到。
3. Ingress YAML 根据官方Kubernetes Docs 的最小 Ingress 资源如下所示:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
backend:
serviceName: test
servicePort: 80
在您的 Ingress 中,我找不到spec.rules.http.paths.path 。
4. LoadBalancer的IP
同样非常重要的是您的集群在哪里。 如果您使用 GKE、AWS、AZURE 等On-Prem部署,您的LoadBalancer将自动获取externalIP ,允许您从外部连接到您的集群。 但是,如果您使用本地机器,则需要使用MetalLB 。
此外,请查看 kubernetes docs about Connect a Front End to a Back End Using a Service 。
另请查看本教程,它可能对您有所帮助。
NGINX Ingress Controller 和默认后端为 nginx 服务的 Ingress 有什么区别?
[英]What is the difference between NGINX Ingress Controller and Ingress with default backend as nginx service?
更新 ingress-nginx-controller ConfigMap 以将客户端 IP 传递给后端服务
[英]Updating ingress-nginx-controller ConfigMap to Pass Client IP to Backend Service
Azure日志分析不会在Azure Kubernetes服务上检索NGINX入口的日志
[英]Azure Log Analytics don't retrieve log of NGINX Ingress on Azure Kubernetes Service
HTTPS重定向不适用于Nginx-ingress-controller的默认后端
[英]HTTPS redirect not working for default backend of nginx-ingress-controller
NGINX 入口 controller 返回 502,后端应用程序 pod 中没有日志
[英]NGINX Ingress controller returning 502 with no logs in backend application pod
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
nginx 入口没有 controller 服务
NGINX Ingress Controller 和默认后端为 nginx 服务的 Ingress 有什么区别?
NGINX入口控制器的默认后端
nginx入口:无法重定向到后端服务
Kubernetes nginx 入口找不到后端服务
更新 ingress-nginx-controller ConfigMap 以将客户端 IP 传递给后端服务
Azure日志分析不会在Azure Kubernetes服务上检索NGINX入口的日志
HTTPS重定向不适用于Nginx-ingress-controller的默认后端
NGINX 入口 controller 返回 502,后端应用程序 pod 中没有日志
Nginx 入口找不到服务
相关标签