Nginx入口控制器无法到达后端服务? [英] nginx ingress controller don't reach backend service?
问题描述
我目前正在尝试通过入口控制器公开kubernetes服务,但是我似乎不能这样做吗?
I am currently trying to expose an kubernetes service via an ingress controller, but I cannot seem to so? Who some odd reason does the host/path never resolve to the clusterIp and port that I want to use, eventhough this should have been resolved via my ingress controller and the ressource?...
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kubernetes
spec:
replicas: 3
selector:
matchLabels:
app: hello-kubernetes
template:
metadata:
labels:
app: hello-kubernetes
spec:
containers:
- name: hello-kubernetes
image: paulbouwer/hello-kubernetes:1.5
ports:
- containerPort: 8080
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-ingress-controller-conf
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: default
spec:
replicas: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
serviceAccount: nginx
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-backend-service
- --configmap=$(POD_NAMESPACE)/nginx-ingress-controller-conf
- --v=2
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
name: http
- port: 443
targetPort: 443
name: https
selector:
app: nginx-ingress
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- update
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-role
subjects:
- kind: ServiceAccount
name: nginx
namespace: default
---
#Ingress ressource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-hello
spec:
rules:
- host: dev.hello.com
http:
paths:
- backend:
serviceName: hello-kubernetes
servicePort: 80
---
##Default backend
apiVersion: v1
kind: Service
metadata:
name: default-backend-service
labels:
app: default-backend
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: default-backend
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: default-backend
labels:
app: default-http-backend
spec:
selector:
matchLabels:
app: default-backend
serviceName: default-backend-service
replicas: 2
template:
metadata:
labels:
app: default-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-backend
image: gcr.io/google_containers/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
我尝试制作MVP-但由于某些原因,我无法解析路径dev.hello.com
我想用它来告诉入口我想连接到哪个服务...但是由于某种原因,它永远都无法解析为ip地址-它似乎没有命中任何东西?
I tried to make an MVP - but for some reason I can't resolve the path dev.hello.com
I want to use that to tell the ingress which service I want to connect to... but for some reason this never resolves to an ip address - it does not seem to hit anything?
为什么?这是设置不正确吗?
Why? Is this incorrectly setup?
推荐答案
很难理解您到底想要什么.您应该更加精确地确定自己想要的东西.
It's hard to understand what you exactly wants. You should be more precise what you exactly wants.
1..通过ClusterIP进入.
1. Ingress with ClusterIP.
就像Arghya Sadhu写道,在使用Ingress时,您无需指定
Like Arghya Sadhu wrote, as you are using Ingress you don't need to specify LoadBalancer.
2.通过NodePort
请记住,您也可以将NodePort与Ingress一起使用.可以在此处.
Keep in mind that you can also use NodePort with Ingress. Good explenation and example can be found here.
3..入口YAML 根据官方 Kubernetes文档,最小的Ingress资源看起来像:
3. Ingress YAML As per official Kubernetes Docs minimal Ingress resources looks like:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
backend:
serviceName: test
servicePort: 80
在您的Ingress中找不到spec.rules.http.paths.path.
In your Ingress I couldn't find spec.rules.http.paths.path.
4. LoadBalancer的IP地址
4. IP of LoadBalancer
同样重要的是您在哪里拥有集群.如果您正在使用On-Prem(例如GKE,AWS,AZURE等),则LoadBalancer将自动获取externalIP,这使您可以从外部连接到群集.但是,如果您使用本地计算机,则需要使用 MetalLB .
Also very important is where are you have your cluster. If you are using On-Prem like GKE, AWS, AZURE, etc. your LoadBalancer will automatically get externalIP which allow you to connect to your cluster from outside. However, if you are using local machine you will need to use MetalLB.
此外,请查看有关使用服务将前端连接到后端.
还请检查本教程,可能会对您有所帮助.
Also please check this tutorial, it might help you.
这篇关于Nginx入口控制器无法到达后端服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
