[英]How to test if NGINX ingress controller of K8S cluster is working correctly?
我正在嘗試使用以下命令為我的集群設置一個 NGINX 入口 controller:
[root@onekube-ip-193-144-35-177 ~]# kubectl apply -f https://raw.githubusercontent.com/kube.netes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
這給了我這個 output
namespace/ingress-nginx unchanged serviceaccount/ingress-nginx unchanged configmap/ingress-nginx-controller configured clusterrole.rbac.authorization.k8s.io/ingress-nginx unchanged clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx unchanged role.rbac.authorization.k8s.io/ingress-nginx unchanged rolebinding.rbac.authorization.k8s.io/ingress-nginx unchanged service/ingress-nginx-controller-admission unchanged service/ingress-nginx-controller unchanged deployment.apps/ingress-nginx-controller created validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission configured clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission unchanged clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission unchanged job.batch/ingress-nginx-admission-create unchanged job.batch/ingress-nginx-admission-patch unchanged role.rbac.authorization.k8s.io/ingress-nginx-admission unchanged rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission unchanged serviceaccount/ingress-nginx-admission unchanged
然后我使用以下命令編輯 ingress-nginx-controller 服務:
kubectl edit svc -n ingress-nginx ingress-nginx-controller
我在externalIPs下添加了K8S集群的外部IP,在spec下:
[...]
spec:
clusterIP: 10.99.1.223
externalIPs:
- 193.144.35.177
externalTrafficPolicy: Cluster
ports:
[...]
為了測試 NGINX 入口 controller 是否正常工作,我現在應該能夠瀏覽指向 K8S 集群地址 IP 的子域(例如 prometheus.grapevine-project.eu)(由 DNS Lookup 確認),以及URL 應該包含由 NGINX 入口 controller 返回的"404 Not Found page"
,如果 controller 確實已正確設置。 但是,我目前收到"This site can't be reached prometheus.grapevine-project.eu took too long to respond."
我的 Inte.net 瀏覽器上的頁面。
這是測試 NGINX 是否正常工作的正確/推薦方法嗎? 我設置的 NGINX 入口 controller 會不會有任何問題?
聚苯乙烯
[root@onekube-ip-193-144-35-177 ~]# kubectl get svc -n ingress-nginx ingress-nginx-controller -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
ingress-nginx-controller NodePort 10.105.197.205 193.144.35.177 80:30498/TCP,443:30781/TCP 14d app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx
無法通過評論對其進行故障排除,讓我們通過答案來解決? 我將根據進展編輯這篇文章。
我們可以看到一個type: NodePort
服務name: ingress-nginx-controller
。
這意味着您將擁有類似的東西:
ubectl get svc ingress-nginx-controller -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.99.1.223 193.144.35.177 80:30498/TCP,443:30781/TCP 8m40s
我可以看到在主機上的 NodePort 范圍內恰好打開了 2 個端口。
PORT STATE SERVICE
30498/tcp filtered unknown
30781/tcp filtered unknown
請檢查您是否能夠通過 CLUSTER-IP:80 和 CLUSTER-IP:443 從集群內部訪問應用程序
更新:
我剛剛復制了您的設置,就我而言,它運行良好。
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
$ kubectl get all -n ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-rh2b4 0/1 Completed 0 82m
pod/ingress-nginx-admission-patch-l7ttw 0/1 Completed 0 82m
pod/ingress-nginx-controller-547b58f6cb-whrck 1/1 Running 0 82m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.0.12.124 <none> 80:31691/TCP,443:30114/TCP 82m
service/ingress-nginx-controller-admission ClusterIP 10.0.1.61 <none> 443/TCP 82m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 82m
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-547b58f6cb 1 1 1 82m
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 6s 82m
job.batch/ingress-nginx-admission-patch 1/1 7s 82m
$ kubectl -n ingress-nginx get ep
NAME ENDPOINTS AGE
ingress-nginx-controller 10.52.0.49:80,10.52.0.49:443 82m
ingress-nginx-controller-admission 10.52.0.49:8443 82m
即使沒有編輯服務,我也能夠將請求從我的本地電腦發送到 K8s 集群(我的防火牆允許我這樣做)。
$ curl K8S_node_IP:31691
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.19.1</center>
</body>
</html>
$ curl K8S_node_IP:30114
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.19.1</center>
</body>
</html>
ingress-nginx-controller
是NodePort
類型的,所以在我的例子中,不需要編輯它,因為我已經知道我的 K8s_node_IP。
為了解決您所描述的問題(服務器超時),可以執行以下操作:
kubectl
cli 輕松部署的最小容器。$ kubectl create deployment server-gog -n ingress-nginx --image=nkolchenko/enea:server_go_latest
deployment.apps/server-gog created
$ kubectl expose -n ingress-nginx deployment server-gog --type=NodePort --port=8180 --selector=app=server-gog
$ kubectl get svc -o wide -n ingress-nginx server-gog
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
server-gog NodePort 10.0.10.254 <none> 8180:32068/TCP 76s app=server-gog
### our app is avaliable at K8S_node_IP:32068 and 10.0.10.254:8180
$ curl K8S_node_IP:32068/some_string
Hello from ServerGo. You requested: /some_string
如果以上確實有效,那么問題出在您的ingress-nginx
設置中。 並且需要按組件檢查它。
我會盡量回答你的兩個問題,但這可能會讓你在 ingress controller 完全運行之前還有更多工作要做
404
,但即使你實現了這一點,在完成整個循環之前你可能仍然會遺漏一些問題(像 SSL 終止這樣的東西是最明顯的陷阱,但還有更多)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.