Kubernetes ALB 入口:如何在入口资源上公开多个端口 [英] Kubernetes ALB ingress: How to expose multiple ports on ingress resource

问题描述

我正在为这个看似很常见的问题寻找解决方案.

I'm trying to find a solution for the problem that seems like something very common.

1. 我有一个 k8s 集群 ip 服务，它公开了两个端口:8088 和 60004
2. 我想在 ALB 上公开这些相同的端口，而不是使用基于路径的路由

这适用于在 8088 端口上公开一项服务:

This works for exposing one service on 8088 port:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/healthcheck-path: /ping
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: myhost
      http:
        paths:
          - path: /*
            backend:
              serviceName: firstservice
              servicePort: 8088

如何使用 ONE Ingress 为两种服务实现相同的目标?

How can the same thing be achieved for both services using ONE ingress?

提前致谢.

推荐答案

最终，为了解决这个问题，我使用了 ALB 入口控制器组功能，目前处于 alpha 状态:https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

Eventually, to solve this problem, I've used ALB ingress controller group feature, which is currently in alpha state: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

这是我的入口资源现在的样子:

This is how my ingress resource looks now:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_1
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 8088
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_2
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 60004}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 60004

关键在哪里

alb.ingress.kubernetes.io/group.name: mygroup

连接这两个入口资源.

因此，我最终得到以下结果:

Therefore, I end up with following:

• 在 k8s 中具有多个(两个)端口的服务暴露在两个单独的入口资源，但它们都指向同一个 AWS ALB(因为同一个组姓名)
• 在 AWS ALB 方面，我得到一个 ALB，其中公开了两个端口:8088 和60004 并且每个都指向相同的 k8s 服务但是同一个 pod 上的不同端口(这很容易是两个不同的 k8s 服务如果需要)

这篇关于Kubernetes ALB 入口:如何在入口资源上公开多个端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！