如何將 AKS 入口外部 IP 鏈接到 Azure DNS 區域?
[英]How to link AKS ingress external IP to Azure DNS zone?
問題描述
我正在嘗試將入口添加到我的 AKS 群集並將其鏈接到我購買的域,但該站點始終無法在瀏覽器中加載。 不管我是否使用 DNS 名稱的 IP 地址,都一樣失敗。
我在負載均衡器上添加了一個 DNS 區域和一個指向前端 IP 配置的條目。
這個 IP 對應於 ingress 的外部 IP。
我還可以運行 curl 請求,該請求似乎返回了我的反應應用程序的詳細信息
curl -v -k --resolve oconnorevents.co.uk:443:20.90.138.208 https://oconnorevents.co.uk
* Added oconnorevents.co.uk:443:20.90.138.208 to DNS cache
* Hostname oconnorevents.co.uk was found in DNS cache
* Trying 20.90.138.208:443...
* Connected to oconnorevents.co.uk (20.90.138.208) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=oconnorevents.co.uk; O=aks-ingress-tls
* start date: May 18 18:41:04 2021 GMT
* expire date: May 18 18:41:04 2022 GMT
* issuer: CN=oconnorevents.co.uk; O=aks-ingress-tls
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x1c41bb41a30)
> GET / HTTP/2
> Host: oconnorevents.co.uk
> user-agent: curl/7.75.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
< date: Tue, 18 May 2021 22:31:05 GMT
< content-type: text/html
< content-length: 3179
< last-modified: Tue, 18 May 2021 19:15:59 GMT
< etag: "60a4126f-c6b"
< accept-ranges: bytes
< strict-transport-security: max-age=15724800; includeSubDomains
<
<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Web site created using create-react-app"/><link rel="apple-touch-icon" href="/logo192.png"/><link rel="manifest" href="/manifest.json"/><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap"/><title>React App</title><link href="/static/css/main.6dea0f05.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script>!function(e){function r(r){for(var n,a,i=r[0],c=r[1],l=r[2],s=0,p=[];s<i.length;s++)a=i[s],Object.prototype.hasOwnProperty.call(o,a)&&o[a]&&p.push(o[a][0]),o[a]=0;for(n in c)Object.prototype.hasOwnProperty.call(c,n)&&(e[n]=c[n]);for(f&&f(r);p.length;)p.shift()();return u.push.apply(u,l||[]),t()}function t(){for(var e,r=0;r<u.length;r++){for(var t=u[r],n=!0,i=1;i<t.length;i++){var c=t[i];0!==o[c]&&(n=!1)}n&&(u.splice(r--,1),e=a(a.s=t[0]))}return e}var n={},o={1:0},u=[];function a(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,a),t.l=!0,t.exports}a.e=function(e){var r=[],t=o[e];if(0!==t)if(t)r.push(t[2]);else{var n=new Promise((function(r,n){t=o[e]=[r,n]}));r.push(t[2]=n);var u,i=document.createElement("script");i.charset="utf-8",i.timeout=120,a.nc&&i.setAttribute("nonce",a.nc),i.src=function(e){return a.p+"static/js/"+({}[e]||e)+"."+{2:"edb3d180",4:"2f2d3220",5:"40109260"}[e]+".chunk.js"}(e);var c=new Error;u=function(r){i.onerror=i.onload=null,clearTimeout(l);var t=o[e];if(0!==t){if(t){var n=r&&("load"===r.type?"missing":r.type),u=r&&r.target&&r.target.src;c.message="Loading chunk "+e+" failed.\n("+n+": "+u+")",c.name="ChunkLoadError",c.type=n,c.request=u,t[1](c)}o[e]=void 0}};var l=setTimeout((function(){u({type:"timeout",target:i})}),12e4);i.onerror=i.onload=u,document.head.appendChild(i)}return Promise.all(r)},a.m=e,a.c=n,a.d=function(e,r,t){a.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},a.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},a.t=function(e,r){if(1&r&&(e=a(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var t=Object.create(null);if(a.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:e}),2&r&&"string"!=typeof e)for(var n in e)a.d(t,n,function(r){return e[r]}.bind(null,n));return t},a.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return a.d(r,"a",r),r},a.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},a.p="/",a.oe=function(e){throw console.error(e),e};var i=this["webpackJsonpoconnorevents.react"]=this["webpackJsonpoconnorevents.react"]||[],c=i.push.bind(i);i.push=r,i=i.slice();for(var l=0;l<i.length;l++)r(i[l]);var f=c;t()}([])</script><script src="/static/js/3.5e3399a8.chunk.js"></script><script src="/static/js/main.8eab695a.chunk.js"></script></body></html>* Connection #0 to host oconnorevents.co.uk left intact
這是我的入口的詳細信息
Name: ingress
Namespace: default
Address: 20.90.138.208
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
TLS:
aks-ingress-tls terminates oconnorevents.co.uk
Rules:
Host Path Backends
---- ---- --------
oconnorevents.co.uk
/(.*) svc-oconnorevents-react:80 (10.244.0.41:80)
Annotations: kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: true
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 0s (x2 over 23s) nginx-ingress-controller Scheduled for sync
Normal Sync 0s (x2 over 23s) nginx-ingress-controller Scheduled for sync
這是我入口的.yaml ...
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: default
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
tls:
- hosts:
- oconnorevents.co.uk
secretName: aks-ingress-tls
rules:
- host: oconnorevents.co.uk
http:
paths:
- path: /(.*)
pathType: Prefix
backend:
service:
name: svc-oconnorevents-react
port:
number: 80
這就是它指向的服務和應用程序
apiVersion: v1
kind: Service
metadata:
name: svc-oconnorevents-react
labels:
version: dev
product: oconnorevents-react
spec:
selector:
app: oconnorevents-react
type: ClusterIP
ports:
- port: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: dep-oconnorevents-react
spec:
replicas: 1
selector:
matchLabels:
app: oconnorevents-react
template:
metadata:
labels:
app: oconnorevents-react
spec:
containers:
- name: oconnorevents-react
image: oconnorevents.azurecr.io/oconnoreventsreact:#{Build.BuildId}#
ports:
- containerPort: 80
resources:
limits:
cpu: "0.10"
imagePullSecrets:
- name: acr-secret
我覺得我很接近但我哪里錯了?
1 個解決方案
解決方案1
0 2021-05-20 12:32:20
通過瀏覽器訪問時遇到什么樣的錯誤?
curl 請求成功,因為您使用“-k”顯式忽略了自簽名證書。
如何在 Azure AKS 上的一個入口控制器上創建多個負載均衡器 IP 地址
[英]how to create multiple loadbalancer ip addresses on one ingress controller on Azure AKS
入口規則無法解析 Azure AKS 上的后端服務器 IP 地址
[英]Ingress rule cannot resolve the backend server ip address on Azure AKS
Azure Kubernetes 服務,AKS 與 terraform,私有 ZB3BF60B851EBAEF2768B01A2F2 鏈接
[英]Azure Kubernetes Service, AKS with terraform, private dns link
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
如何使用 Azure 私有 DNS 設置 Aks Ingress
使用Azure AKS進入IP
Azure AKS 中公共 IP 的多個 DNS 名稱
如何將dns設置為azure aks?
如何在 Azure AKS 上的一個入口控制器上創建多個負載均衡器 IP 地址
AKS群集外部IP-適用於Python的Azure SDK
入口規則無法解析 Azure AKS 上的后端服務器 IP 地址
Azure 專用鏈接 - DNS 區域設置
Azure Kubernetes 服務,AKS 與 terraform,私有 ZB3BF60B851EBAEF2768B01A2F2 鏈接
如何查找 Azure AKS 傳出 IP
相關標簽