Kubernetes ALB入口:如何在入口资源上公开多个端口 [英] Kubernetes ALB ingress: How to expose multiple ports on ingress resource

问题描述

我正在尝试解决似乎很常见的问题的解决方案.

I'm trying to find a solution for the problem that seems like something very common.

1. 我有一个k8s集群ip服务，它公开了两个端口:8088和60004
2. 我想在ALB上公开这些相同的端口，而不使用基于路径的路由

这适用于在8088端口上公开一项服务:

This works for exposing one service on 8088 port:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/healthcheck-path: /ping
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: myhost
      http:
        paths:
          - path: /*
            backend:
              serviceName: firstservice
              servicePort: 8088

如何使用一个入口对两种服务实现相同的目的?

How can the same thing be achieved for both services using ONE ingress?

谢谢.

推荐答案

最终，为了解决此问题，我使用了ALB入口控制器组功能，该功能当前处于Alpha状态: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

Eventually, to solve this problem, I've used ALB ingress controller group feature, which is currently in alpha state: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

这是我的入口资源现在的样子:

This is how my ingress resource looks now:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_1
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 8088
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_2
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 60004}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 60004

关键是

alb.ingress.kubernetes.io/group.name: mygroup

连接这两个入口资源.

因此，我最终得到以下结果:

Therefore, I end up with following:

• 在k8中具有多个(两个)端口的服务，其中暴露有两个单独的入口 资源，但它们都指向同一个AWS ALB(因为同一个组 名称)
• 在AWS ALB方面，我得到一个带有两个端口的ALB:8088和 60004，它们每个都指向相同的k8s服务，但是 同一Pod上的不同端口(这很可能是两个不同的k8s服务 如果需要的话)

• Service with multiple (two) ports in k8s exposed with two separate ingress resources but they both point to the same AWS ALB (because of the same group name)
• On the AWS ALB side, I get one ALB with two ports exposed: 8088 and 60004 and each of them points to same k8s service but different port on the same pod (this could easily be two different k8s services if that was needed)

这篇关于Kubernetes ALB入口:如何在入口资源上公开多个端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！