如何使用MetalLB配置k8s反向代理服务 [英] How to configure a k8s reverse proxy service with MetalLB
问题描述
我需要从端口80到达jupyter-lab,并将k8s配置重定向到8888.这是我自己设定的知识,以了解k8s联网,并且还可以运行jupyter-lab.
I'd need to reach jupyter-lab from port 80 and have the k8s configuration redirect to 8888. This is a problem I have set myself to learn about k8s networking, and also get a jupyter-lab running.
这是MetalLB配置图.本地DNS解析"jupyter-lab.k8s.home".这些IP地址
Here is the MetalLB config map. Local DNS resolves "jupyter-lab.k8s.home" to these ip addresses
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 10.10.10.24-10.10.10.26
这是我的LoadBalancer指向入口控制器,这不是公开端口80并重定向到目标8888吗?
Here is my LoadBalancer pointing to the ingress controller, is this not exposing port 80 and redirecting to the target 8888 ?
---
apiVersion: v1
kind: Service
metadata:
name: jupyter-lab-lb
namespace: default
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 8888
selector:
app: jupyter-lab-ingress
这是我的入口控制器,它是否正确配置了带有指向CIP的入口对象?
This is my ingress controller, is it correctly configured the with ingress object pointing to the CIP ?
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jupyter-lab-ingress
annotations:
# nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io: /
spec:
rules:
- host: jupyter-lab.k8s.home
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: jupyter-lab-cip
port:
number: 8888
这是针对我的jupyer-lab部署的CIP
This is the CIP that targets my deployment of jupyer-lab
---
apiVersion: v1
kind: Service
metadata:
name: jupyter-lab-cip
namespace: default
spec:
type: ClusterIP
ports:
- port: 8888
targetPort: 8888
selector:
app: jupyter-lab
这是我在端口8888上运行jupyter-lab的部署
This is my deployment that is running jupyter-lab on port 8888
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jupyter-lab-dpt
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: jupyter-lab
template:
metadata:
labels:
app: jupyter-lab
spec:
volumes:
- name: jupyter-lab-home
persistentVolumeClaim:
claimName: jupyter-lab-pvc
containers:
- name: jupyter-lab
image: docker.io/jupyter/tensorflow-notebook
ports:
- containerPort: 8888
volumeMounts:
- name: jupyter-lab-home
mountPath: /var/jupyter-lab_home
env:
- name: "JUPYTER_ENABLE_LAB"
value: "yes"
我确实看到了jupyter-lab.k8s.home:8888,但是我无法使用从 kubectl日志中获得的令牌登录-n默认jupyter-lab-dpt-dfbd554b7-bf7fk
I do see jupyter-lab.k8s.home:8888, but I can't log in with the token I get from kubectl logs -n default jupyter-lab-dpt-dfbd554b7-bf7fk
如何设置配置,以便可以浏览到 http://jupyter-lab.k8s.home?noportnumber
How do I set the configuration up so that I can browse to http://jupyter-lab.k8s.home?noportnumber
推荐答案
After you installed nginx ingress conrtoller (this is the link from your previous question) there should be a service created:
# Source: ingress-nginx/templates/controller-service.yaml
apiVersion: v1
kind: Service
metadata:
annotations:
labels:
helm.sh/chart: ingress-nginx-3.23.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.44.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
- name: https
port: 443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/component: controller
您可以通过运行以下命令来确保它存在:
You can make sure it exists by running:
kubectl get svc -n ingress-nginx ingress-nginx-controller
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.105.157.46 <none> 80:30835/TCP,443:31421/TCP 17s
请注意,其类型为NodePort,并且您需要LoadBalancer.运行 kubectl edit svc -n ingress-nginx ingress-nginx-controller 并将 NodePort 更改为 LoadBalancer .
Notice its type is NodePort and you want LoadBalancer. Run kubectl edit svc -n ingress-nginx ingress-nginx-controller and change NodePort to LoadBalancer.
现在您应该这样做:
kubectl get svc -n ingress-nginx ingress-nginx-controller
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.105.157.46 <pending> 80:30835/TCP,443:31421/TCP 83s
如果您的metalLB配置正确,则应该有一个IP代替< pending>.现在,将您的域指向该IP.
If your metalLB is configured correctly there should be an IP in place of a <pending>. Now point your domain to this IP.
您提到:本地DNS解析"jupyter-lab.k8s.home".这些IP地址.不要解析所有地址.使用分配给LB的那个.只有这个.
You mentioned that: Local DNS resolves "jupyter-lab.k8s.home" to these ip addresses. Don't resolve to all addresses. Use the one that is assigned to the LB. Only this one.
您的入口看起来不错,但是您不需要此注释.
Your ingress looks fine but you don't need this annotations.
jupyter-lab-cip服务也不错.
jupyter-lab-cip service also looks good.
我不喜欢jupyter-lab-lb服务.不用了您需要的是一个负载均衡器,但需要如前所述指向入口控制器.
I don't like the jupyter-lab-lb service. You don't need it. What you need is a load balancer but pointing to ingress controller as described earlier.
我也不知道这是什么:
selector:
app: jupyter-lab-ingress
您的deploymet没有 app:jupyter-lab-ingress 标签.Nginx入口控制器也没有(除非您添加了它,并且没有提及).因此,我不确定其背后的想法是什么,以及您试图实现的目标.无论如何,您可能不需要它.
Your deploymet doesn't have app: jupyter-lab-ingress label. Nginx ingress controller also doesn't have it (unless you added it, and didn't mention). So I am not sure what was the idea behind it and what you've tried to achieve. Anyway, you probably don't need it.
我确实看到了jupyter-lab.k8s.home:8888,但是我无法使用从kubectl日志中获得的令牌登录-n默认jupyter-lab-dpt-dfbd554b7-bf7fk
I do see jupyter-lab.k8s.home:8888, but I can't log in with the token I get from kubectl logs -n default jupyter-lab-dpt-dfbd554b7-bf7fk
我不确定这为什么行得通,因为您提供的配置不允许这样做(除非我遗漏了某事).
I am not sure why this works because the configuration you provided shouln't allow it (Unless I am missing sth).
这篇关于如何使用MetalLB配置k8s反向代理服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
