GKE负载平衡器连接被拒绝 [英] GKE Load Balancer Connection Refused
问题描述
我正在尝试在GKE上设置我的应用,并使用内部负载平衡器进行公共访问.我能够部署群集/负载平衡器服务而没有任何问题,但是当我尝试访问负载平衡器的外部ip地址时,连接被拒绝,并且我不确定什么是错误的/如何调试它.>
这些是我执行的步骤:
我通过 kubectl apply -f file.yaml
应用了部署 yaml
文件,然后,我将负载均衡器服务 yaml
文件应用于 kubectl apply -f service.yaml
.部署完这两项之后,我做了 kubectl get service
来从负载均衡器中获取外部IP地址.
这是我的 deployment.yaml
文件:
apiVersion:apps/v1种类:部署元数据:名称:my-app规格:复制品:1选择器:matchLabels:应用:我的应用模板:元数据:标签:应用:我的应用规格:容器:-名称:my-app-api图片:gcr.io/...端口:-containerPort:8000资源:要求:内存:"250M"cpu:"250m"限制:内存:"1G"cpu:"500m"-名称:my-app图片:gcr.io/...端口:-containerPort:3000资源:要求:内存:"250M"cpu:"250m"限制:内存:"1G"cpu:"500m"
这是我的 service.yaml
文件:
apiVersion:v1种类:服务元数据:名称:my-app-ilb注释:cloud.google.com/load-balancer-type:内部"标签:应用程式:my-app-ilb规格:类型:LoadBalancer选择器:应用:我的应用端口:-端口:3000targetPort:3000协议:TCP
我的部署文件有两个容器;后端api和前端.我想发生的是,我应该能够继续使用 [外部IP地址]:3000
并查看我的Web应用程序.
我希望这是足够的信息;请让我知道是否还有其他我想念的东西/可以补充.
谢谢大家!
您需要通过创建防火墙规则来允许流量流入群集.
gcloud计算防火墙规则创建my-rule --allow = tcp:3000
删除此注释:
批注:cloud.google.com/load-balancer-type:内部"
您需要外部负载均衡器.
I am trying to set up my app on GKE and use an internal load balancer for public access. I am able to deploy the cluster / load balancer service without any issues, but when I try to access the external ip address of the load balancer, I get Connection Refused and I am not sure what is wrong / how to debug this.
These are the steps I did:
I applied my deployment yaml
file via kubectl apply -f file.yaml
then after, I applied my load balancer service yaml
file with kubectl apply -f service.yaml
. After both were deployed, I did kubectl get service
to fetch the External IP Address from the Load Balancer.
Here is my deployment.yaml
file:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 1
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app-api
image: gcr.io/...
ports:
- containerPort: 8000
resources:
requests:
memory: "250M"
cpu: "250m"
limits:
memory: "1G"
cpu: "500m"
- name: my-app
image: gcr.io/...
ports:
- containerPort: 3000
resources:
requests:
memory: "250M"
cpu: "250m"
limits:
memory: "1G"
cpu: "500m"
and here is my service.yaml
file:
apiVersion: v1
kind: Service
metadata:
name: my-app-ilb
annotations:
cloud.google.com/load-balancer-type: "Internal"
labels:
app: my-app-ilb
spec:
type: LoadBalancer
selector:
app: my-app
ports:
- port: 3000
targetPort: 3000
protocol: TCP
My deployment file has two containers; a backend api and a frontend. What I want to happen is that I should be able to go on [external ip address]:3000
and see my web app.
I hope this is enough information; please let me know if there is anything else I may be missing / can add.
Thank you all!
You need to allow traffic to flow into your cluster by creating firewall rule.
gcloud compute firewall-rules create my-rule --allow=tcp:3000
Remove this annotation :
annotations:
cloud.google.com/load-balancer-type: "Internal"
You need external Load Balancer.
这篇关于GKE负载平衡器连接被拒绝的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!