Google Cloud Kubernetes入口静态IP地址未反映并且与设置不同 [英] Google Cloud Kubernetes Ingress Static IP address not reflected and different from setup
问题描述
我正在尝试使用GKE在Google Cloud上部署完整的Web应用程序(后端为nodejs,前端为angular).然后为它启用SSL.
I am trying to deploy a complete web application using GKE on Google Cloud (backend as nodejs, and frontend angular). Then enable SSL for it afterward.
我创建了一个全局IP地址(然后在列表中看到了它): gcloud计算地址创建mathbux-static-ip --global
I created a global IP address (And saw it in the list afterward): gcloud compute addresses create mathbux-static-ip --global
之后,我同时部署了后端和前端-容器和yaml文件.
After that I have deployed both my backend and frontend - containers and yaml files.
这里的问题是,反映在入口控制器上的IP地址来自任何地方,并且与我设置的IP地址不同(我刚才在上面设置的静态IP地址).
The problem here is that the IP address reflected on the ingress controller comes from nowhere, and is different from what I set it to (the static IP address I just made above).
我遵循以下有关在GKE上安装Nginx-ingress设置的准则: https://kubernetes.github.io/ingress-nginx/deploy/#gce-gke
I have followed the guidelines of how to install Nginx-ingress setup on GKE by following this: https://kubernetes.github.io/ingress-nginx/deploy/#gce-gke
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin \
--user $(gcloud config get-value account)
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.34.1/deploy/static/provider/cloud/deploy.yaml
这是我的ingress.yaml中的一个代码段:
Here is a snippet part of my ingress.yaml:
.... truncated . . .
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mathbux-ingress-frontend
namespace: default
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/ingress.global-static-ip-name: "mathbux-static-ip"
networking.gke.io/managed-certificates: mathbux-ssl
nginx.ingress.kubernetes.io/rewrite-target: /
这是我的托管证书文件的摘录,如Google文档中所述:
And here's a snippet of my managed certificate file as in Google Documentation:
apiVersion: networking.gke.io/v1beta2
kind: ManagedCertificate
metadata:
name: mathbux-ssl
spec:
domains:
- mathbux.com
- www.mathbux.com
当我转到生成的IP地址时,整个应用程序运行完美,并且仅按预期工作:
The whole application works perfectly when I go to the generated IP address, and works as intended only that:
1.)IP地址不是我在ingress.yaml中创建并假定设置的特定静态全局IP地址
2.)分别,SSL也失败. (请注意,我已经将我的域名指向我手动设置的静态IP地址)
推荐答案
您正在使用的注释-kubernetes.io/ingress.global-static-ip-name
-可用于默认的GKE入口,它实际上是google负载均衡器-请参见此处的文档- https://cloud.google.com/kubernetes-engine/docs/tutorials/http -balancer .
The annotation that you are using - kubernetes.io/ingress.global-static-ip-name
- is available for default GKE ingress, which is essentially a google load balancer - see documentation here - https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer.
但是,您要做的是部署了ingress-nginx(这是一个不同的入口提供程序),并通过kubernetes.io/ingress.class: nginx
将入口资源分配给了它,这实际上使您的静态ip注释毫无意义.
However, what you did instead is you deployed ingress-nginx (which is a different ingress provider) and assigned your ingress resource to it via kubernetes.io/ingress.class: nginx
which essentially makes your static ip annotation meaningless.
因此,您需要确定要使用哪个入口.如果要使用GKE的负载均衡器,请删除入口nginx并遵循我上面链接的默认GKE入口的文档.
So, you need to decide which ingress you want to use. If you want to use GKE's load balancer, remove ingress nginx and follow documentation for default GKE ingress that I linked above.
如果您想使用Ingress Nginx,则可以在此处找到其文档,包括ssl配置- https://kubernetes.github.io/ingress-nginx/.
If instead you want to use ingress nginx, you can find its documentation, including ssl configuration, here - https://kubernetes.github.io/ingress-nginx/.
这篇关于Google Cloud Kubernetes入口静态IP地址未反映并且与设置不同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!