堆棧內存溢出
  簡體   English   中英

Kube.netes:無法配置 Nginx Ingress 訪問內部服務

[英]Kubernetes: Unable to configure Nginx Ingress to access an internal service

 原文  2021-08-20 01:33:46       docker/ kubernetes/ nginx-ingress

問題描述

我正在按照教程訪問在服務后面的 Kube.netes集群內運行的pod 此 Kube.netes 集群在 Windows 10 上運行,使用桌面 Docker(通過啟用 Kube.netes 選項)

我無法使用此https://local.ticket.dev/api/users/currentuser訪問它,它總是說“無法訪問站點:local.ticket.dev 意外關閉了連接。”

我已禁用重定向,但它仍將HTTP重定向到HTTPs

Request URL: http://local.ticket.dev/api/users/currentuser
Request Method: GET
Status Code: 307 Internal Redirect
Referrer Policy: strict-origin-when-cross-origin

Location: https://local.ticket.dev/api/users/currentuser
Non-Authoritative-Reason: HSTS

這是視覺上我想要的

Kubernetes Nginx 入口

kubectl 獲取

NAME              CLASS    HOSTS              ADDRESS   PORTS   AGE
ingress-service   <none>   local.ticket.dev             80      29s

kubectl get services請注意它在本地機器 windows 10 和 Docker 桌面上運行。 並且 LoadBalancer外部IP 即使在 6 小時后也始終保持掛起狀態

NAME                                       TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
auth-srv                                   ClusterIP      10.96.254.94     <none>        3000/TCP                     45s
kubernetes                                 ClusterIP      10.96.0.1        <none>        443/TCP                      5h17m
nginx-ingress-1629401528-controller        LoadBalancer   10.110.199.210   <pending>     80:31430/TCP,443:32346/TCP   5h13m
nginx-ingress-1629401528-default-backend   ClusterIP      10.108.79.252    <none>        80/TCP                       5h13m

kubectl 獲取 pod

NAME                                                        READY   STATUS    RESTARTS   AGE
auth-depl-c98cdf66f-txqxt                                   1/1     Running   0          54s
nginx-ingress-1629401528-controller-569576ddbd-2htxz        1/1     Running   0          5h13m
nginx-ingress-1629401528-default-backend-69c7fc6549-xxf8w   1/1     Running   0          5h13m

我的配置方式如下

1 - 通過以下命令安裝 Nginx

helm install stable/nginx-ingress --generate-name

2 - 腳手架開發

Listing files to watch...
 - billo/ticket_auth
Generating tags...
 - billo/ticket_auth -> billo/ticket_auth:latest
Some taggers failed. Rerun with -vdebug for errors.
Checking cache...
 - billo/ticket_auth: Found Locally
Starting test...
Tags used in deployment:
 - billo/ticket_auth -> billo/ticket_auth:d869228....
Starting deploy...
 - deployment.apps/auth-depl created
 - service/auth-srv created
 - ingress.networking.k8s.io/ingress-service created
Waiting for deployments to stabilize...
 - deployment/auth-depl is ready.
Deployments stabilized in 2.302 seconds
Waiting for deployments to stabilize...
Deployments stabilized in 6.9904ms
Press Ctrl+C to exit
Watching for changes...
[auth]
[auth] > auth@1.0.0 start
[auth] > ts-node-dev --poll src/index.ts
[auth]
[auth] [INFO] 00:59:23 ts-node-dev ver. 1.1.8 (using ts-node ver. 9.1.1, typescript ver. 4.3.5)
[auth] Auth!!!! listen to 3000 port

如果我查看最后一行,我的 Auth Pod 似乎正在 3000 端口上運行。

auth-depl.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: auth-depl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: auth
  template:
    metadata:
      labels:
        app: auth
    spec:
      containers:
        - name: auth
          image: billo/ticket_auth
          imagePullPolicy: Never
---
apiVersion: v1
kind: Service
metadata:
  name: auth-srv
spec:
  selector:
    app: auth
  ports:
    - name: auth
      protocol: TCP
      port: 3000
      targetPort: 3000

入口-srv.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-service
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
  rules:
    - host: local.ticket.dev
      http:
        paths:
          - path: /api/users/?(.*)
            pathType: Prefix
            backend:
              service:
                name: auth-srv
                port:
                  number: 3000

Host文件中的配置

# Added by Docker Desktop
127.0.0.1 host.docker.internal
127.0.0.1 gateway.docker.internal
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
127.0.0.1 ingress.local
127.0.0.1 local.ticket.dev

1 個解決方案

解決方案1
 0  2021-08-20 03:48:49

首先首先禁用 HTTPS 重定向

nginx.ingress.kubernetes.io/ssl-redirect: "false"

在入口添加注解

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-service
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
  rules:
    - host: local.ticket.dev
      http:
        paths:
          - path: /api/users/?(.*)
            pathType: Prefix
            backend:
              service:
                name: auth-srv
                port:
                  number: 3000

您是否為 Nginx controller svc 獲取了外部 IP? 當您在本地系統上時,它顯示為待處理。

您可能還需要將條目添加到主機文件中

手動將入口的主機名添加到/etc/hosts

127.0.0.1     ingress.local
127.0.0.1     local.ticket.dev
OR 

Host IP       local.ticket.dev

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 無法使用 Ingress Kubernetes 連接到服務 通過 Kubernetes 上的 nginx 入口中的服務公開容器中的基本路徑 如何從客戶端訪問使用 Nginx Ingress+Kubernetes 托管的 MySql Ingress 在 Kubernetes v1.21.5 中找不到后端服務 遠程訪問 Kubernetes 入口 Kubernetes Nginx 未找到入口“ingress-nginx-admission” 無法從 kube.netes 主節點訪問服務 Kubernetes ingress-nginx從非默認命名空間調用服務 使用 ingress-nginx 在 kube.netes 中提供 static 個資產 Nginx 入口 Controller 返回 404 Kubernetes
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM