从应用程序引擎连接到kubernetes引擎 [英] Connect to kubernetes engine from app engine
问题描述
我们想使用App Engine灵活的流程来更新我们的ElasticSearch索引,该索引位于Google Kubernetes Engine上.我们需要通过http地址连接到ElasticSearch.推荐的方法是什么?我们不希望将群集公开给外部网络,因为我们前面没有身份验证.
We want to use an app engine flexible process to update our ElasticSearch index, which is on Google Kubernetes Engine. We need to connect to ElasticSearch via a http(s) address. What's the recommended way to do this? We don't want to expose the cluster to the external networks since we don't have authentication in front of it.
我已经看到了此 SO帖子,但自问题/答案以来的两年中,k8和AE都发生了很大变化.
I've seen this SO post but both k8s and AE have changed a lot in the 2 years since the question/answer.
感谢您的帮助!
推荐答案
您链接到的帖子是有关App Engine Standard的. App Engine Flex建立在Google Compute Engine虚拟机和Google Kubernetes Engine群集所使用的同一Google Cloud网络之上.只要将App Engine flex应用程序放入与Google Kubernetes Engine群集相同的VPC中,您就应该能够使用内部网络在它们之间进行通信.
The post you linked to was about App Engine Standard. App Engine Flex is built on top of the same Google Cloud networking that is used by Google Compute Engine virtual machines and Google Kubernetes Engine clusters. As long as you put the App Engine flex application into the same VPC as the Google Kubernetes Engine cluster you should be able to communicate between them using internal networking.
另一方面,要将Kubernetes服务公开给在群集外部运行的任何内容,则需要修改该服务以进行弹性搜索,因为默认情况下,只能从群集内部访问Kubernetes服务(由于服务IP是通过IPTables Magic分配和访问的).您需要公开"服务,而不是通过外部负载均衡器将其公开给Internet,而是使用内部负载均衡器将其公开给VPC.请参见 https://cloud.google.com/kubernetes -engine/docs/how-to/internal-load-balancing .
On the other hand, to expose a Kubernetes service to anything running outside of the cluster will require you to modify the service for Elastic search because by default Kubernetes services are only reachable from inside of the cluster (due to the way that the service IPs are allocated and reached via IPTables magic). You need to "expose" the service, but rather than exposing it to the internet via an external load balancer, you expose it to the VPC using an internal load balancer. See https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing.
这篇关于从应用程序引擎连接到kubernetes引擎的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
