[英]How to test if NGINX ingress controller of K8S cluster is working correctly?
我正在尝试使用以下命令为我的集群设置一个 NGINX 入口 controller:
[root@onekube-ip-193-144-35-177 ~]# kubectl apply -f https://raw.githubusercontent.com/kube.netes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
这给了我这个 output
namespace/ingress-nginx unchanged serviceaccount/ingress-nginx unchanged configmap/ingress-nginx-controller configured clusterrole.rbac.authorization.k8s.io/ingress-nginx unchanged clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx unchanged role.rbac.authorization.k8s.io/ingress-nginx unchanged rolebinding.rbac.authorization.k8s.io/ingress-nginx unchanged service/ingress-nginx-controller-admission unchanged service/ingress-nginx-controller unchanged deployment.apps/ingress-nginx-controller created validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission configured clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission unchanged clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission unchanged job.batch/ingress-nginx-admission-create unchanged job.batch/ingress-nginx-admission-patch unchanged role.rbac.authorization.k8s.io/ingress-nginx-admission unchanged rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission unchanged serviceaccount/ingress-nginx-admission unchanged
然后我使用以下命令编辑 ingress-nginx-controller 服务:
kubectl edit svc -n ingress-nginx ingress-nginx-controller
我在externalIPs下添加了K8S集群的外部IP,在spec下:
[...]
spec:
clusterIP: 10.99.1.223
externalIPs:
- 193.144.35.177
externalTrafficPolicy: Cluster
ports:
[...]
为了测试 NGINX 入口 controller 是否正常工作,我现在应该能够浏览指向 K8S 集群地址 IP 的子域(例如 prometheus.grapevine-project.eu)(由 DNS Lookup 确认),以及URL 应该包含由 NGINX 入口 controller 返回的"404 Not Found page"
,如果 controller 确实已正确设置。 但是,我目前收到"This site can't be reached prometheus.grapevine-project.eu took too long to respond."
我的 Inte.net 浏览器上的页面。
这是测试 NGINX 是否正常工作的正确/推荐方法吗? 我设置的 NGINX 入口 controller 会不会有任何问题?
聚苯乙烯
[root@onekube-ip-193-144-35-177 ~]# kubectl get svc -n ingress-nginx ingress-nginx-controller -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
ingress-nginx-controller NodePort 10.105.197.205 193.144.35.177 80:30498/TCP,443:30781/TCP 14d app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx
无法通过评论对其进行故障排除,让我们通过答案来解决? 我将根据进展编辑这篇文章。
我们可以看到一个type: NodePort
服务name: ingress-nginx-controller
。
这意味着您将拥有类似的东西:
ubectl get svc ingress-nginx-controller -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.99.1.223 193.144.35.177 80:30498/TCP,443:30781/TCP 8m40s
我可以看到在主机上的 NodePort 范围内恰好打开了 2 个端口。
PORT STATE SERVICE
30498/tcp filtered unknown
30781/tcp filtered unknown
请检查您是否能够通过 CLUSTER-IP:80 和 CLUSTER-IP:443 从集群内部访问应用程序
更新:
我刚刚复制了您的设置,就我而言,它运行良好。
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
$ kubectl get all -n ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-rh2b4 0/1 Completed 0 82m
pod/ingress-nginx-admission-patch-l7ttw 0/1 Completed 0 82m
pod/ingress-nginx-controller-547b58f6cb-whrck 1/1 Running 0 82m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.0.12.124 <none> 80:31691/TCP,443:30114/TCP 82m
service/ingress-nginx-controller-admission ClusterIP 10.0.1.61 <none> 443/TCP 82m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 82m
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-547b58f6cb 1 1 1 82m
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 6s 82m
job.batch/ingress-nginx-admission-patch 1/1 7s 82m
$ kubectl -n ingress-nginx get ep
NAME ENDPOINTS AGE
ingress-nginx-controller 10.52.0.49:80,10.52.0.49:443 82m
ingress-nginx-controller-admission 10.52.0.49:8443 82m
即使没有编辑服务,我也能够将请求从我的本地电脑发送到 K8s 集群(我的防火墙允许我这样做)。
$ curl K8S_node_IP:31691
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.19.1</center>
</body>
</html>
$ curl K8S_node_IP:30114
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.19.1</center>
</body>
</html>
ingress-nginx-controller
是NodePort
类型的,所以在我的例子中,不需要编辑它,因为我已经知道我的 K8s_node_IP。
为了解决您所描述的问题(服务器超时),可以执行以下操作:
kubectl
cli 轻松部署的最小容器。$ kubectl create deployment server-gog -n ingress-nginx --image=nkolchenko/enea:server_go_latest
deployment.apps/server-gog created
$ kubectl expose -n ingress-nginx deployment server-gog --type=NodePort --port=8180 --selector=app=server-gog
$ kubectl get svc -o wide -n ingress-nginx server-gog
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
server-gog NodePort 10.0.10.254 <none> 8180:32068/TCP 76s app=server-gog
### our app is avaliable at K8S_node_IP:32068 and 10.0.10.254:8180
$ curl K8S_node_IP:32068/some_string
Hello from ServerGo. You requested: /some_string
如果以上确实有效,那么问题出在您的ingress-nginx
设置中。 并且需要按组件检查它。
我会尽量回答你的两个问题,但这可能会让你在 ingress controller 完全运行之前还有更多工作要做
404
,但即使你实现了这一点,在完成整个循环之前你可能仍然会遗漏一些问题(像 SSL 终止这样的东西是最明显的陷阱,但还有更多)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.