外部请求通过Ingress进入k8s pod的确切流程图是什么? [英] What's the exactly flow chart of an outside request comes into k8s pod via Ingress?
问题描述
全部
-
我非常了解k8s在服务中的nodePort和ClusterIP类型.
I knew well about k8s' nodePort and ClusterIP type in services.
但是我对Ingress方式感到非常困惑,因为通过这种Ingress方式,请求将如何进入k8s的Pod中?
But I am very confused about the Ingress way, because how will a request come into a pod in k8s by this Ingress way?
假设在设置Ingress之后,K8的主IP为 1.2.3.4 ,并且可以通过端口(例如, 9000 )
Suppose K8s master IP is 1.2.3.4, after Ingress setup, and can connect to backend service(e.g, myservice) with a port(e.g, 9000)
现在,我如何在外面访问此 myservice:9000 ?即通过 1.2.3.4 ?由于 1.2.3.4 计算机上没有进入端口.
Now, How can I visit this myservice:9000 outside? i.e, through 1.2.3.4? As there's no entry port on the 1.2.3.4 machine.
许多文档总是说是通过在入口YAML文件中配置的"foo.com"来访问此文件的.但这确实很有趣,因为 xxx.com 确实需要DNS,让您重新发明任何您想成为真实网站的 xxx.com 并不是魔术.将您的 xxx.com 映射到您的计算机!
And many docs always said visit this via 'foo.com' configed in the ingress YAML file. But that is really funny, because xxx.com definitely needs DNS, it's not a magic to let you new-invent any xxx.com you like be a real website and can map your xxx.com to your machine!
推荐答案
图片的关键部分是可以是nginx或haproxy或其他入口类型)并在集群内部运行.它充当入口点,使您可以添加更复杂的路由规则.它读取与应用程序一起部署的入口资源并定义了路由规则.这样,每个应用程序都可以说出Ingress Controller路由到该应用程序需要执行的操作.
The key part of the picture is the Ingress Controller. It's an instance of a proxy (could be nginx or haproxy or another ingress type) and runs inside the cluster. It acts as an entrypoint and lets you add more sophisticated routing rules. It reads Ingress Resources that are deployed with apps and which define the routing rules. This allows each app to say what the Ingress Controller needs to do for routing to it.
由于控制器在集群内部运行,因此需要将其暴露给外界.您可以通过NodePort进行此操作,但是如果您使用的是云提供商,则使用LoadBalancer更为常见.这为您提供了一个到达Ingress控制器的外部IP和端口,您可以在其中指向DNS条目.如果确实将DNS指向它,那么您可以选择使用基于DNS的路由规则(例如为不同的应用程序使用不同的子域).
Because the controller runs inside the cluster, it needs to be exposed to the outside world. You can do this by NodePort but if you're using a cloud provider then it's more common to use LoadBalancer. This gives you an external IP and port that reaches the Ingress controller and you can point DNS entries at that. If you do point DNS at it then you have the option to use routing rules base on DNS (such as using different subdomains for different apps).
The article 'Kubernetes NodePort vs LoadBalancer vs Ingress? When should I use what?' has some good explanations and diagrams - here's the diagram for Ingress:
这篇关于外部请求通过Ingress进入k8s pod的确切流程图是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
