如何定义/使用端点从Javascript连接到Kubernetes [英] How to define/use endpoints to connect to Kubernetes from Javascript

问题描述

我对如何构造我的dockerized堆栈(在两个容器中简化以在此处获得帮助)有疑问:

• static:NGINX提供静态资源(JS/HTML).
• rest:REST Api的express.js后端.

没有Kubernetes，只是在一个节点上docker-compose， rest 只是在另一个端口上侦听，并且使用Javascript，请求转到 same_host:rest_port ，否问题在这里.

对于Kubernetes，我了解到我需要使用Kubernetes的服务名称，例如"rest"(使服务本身透明)，但是该名称只能在为静态资源提供服务的docker容器中可见. /p>

我的问题:我是否需要将流量从NGINX转发到REST Api?例如，Kubernetes是否公开了可从Javascript使用的公共服务名称?

谢谢.

解决方案

对于Kubernetes，我知道我需要使用来自 Kubernetes，类似于休息"(使服务透明化) 本身)，但该名称仅在docker容器中可见 服务静态资源.

您的理解是正确的. 只要您在集群中运行了kube-dns插件，您的服务名称(域名)就可以解析具有相同的kubernetes群集和名称空间.换句话说，正如您所说，休息"仅适用于kubernetes集群.

我的问题:我是否需要将流量从NGINX转发到REST Api? Kubernetes是否公开了可从Javascript使用的公共服务名称， 例如?

这是实现此目的的一种方法.

这种方法的

优势是，您将避免所有相同起源策略/CORS的麻烦，您的微服务(快速)身份验证详细信息将从用户的浏览器中提取出来. (这不一定是优点).

缺点是，您的后端微服务(快速)将与前端紧密耦合(反之亦然，具体取决于您的看法)，这将扩大后端从属.您的后端未暴露.因此，如果您还有其他使用者(比如说一个Android应用)，它将无法访问您的服务.

另一种解决方案

创建一个入口(并在集群中使用入口控制器)并公开您的Microservice(Express).

I have a doubt regarding how to structure my dockerized stack, simplified in two containers to get help here:

• static: NGINX serving static resources (JS/HTML).
• rest: express.js backend for the REST Api.

Without Kubernetes, just docker-compose on a node, rest is simply listening on a different port and, from Javascript, the requests go to same_host:rest_port, no problem here.

With Kubernetes, I understand that I need to use the service name from Kubernetes, something like "rest" (to make transparent the service itself), but that name would only be visible from the docker container serving the static resources.

My question: do I need to forward traffic from NGINX to the REST Api? Does Kubernetes expose a public service name usable from Javascript, for example?

Thank you.

解决方案

With Kubernetes, I understand that I need to use the service name from Kubernetes, something like "rest" (to make transparent the service itself), but that name would only be visible from the docker container serving the static resources.

Your understanding is correct. As long as you have a kube-dns add-on running in your cluster, your service name as Domain name is resolvable with in the same kubernetes cluster and namespace. In other words, as you said, "rest" will work only with in the kubernetes cluster.

My question: do I need to forward traffic from NGINX to the REST Api? Does Kubernetes expose a public service name usable from Javascript, for example?

This is one way to achieve this.

Advantage of this approach is, you will avoid all the Same Origin Policy/CORS headaches, your microservice (express) authentication details will be abstracted out from user's browser. (This is not necessarily an advantage).

Disadvantage of this approach is, your backend microservice (express) will have a tight coupling with front end (or vice-versa depending on how you look at it), This will make the scaling of backend dependent on front end. Your Backend is not exposed. So, if you have another consumer (let's just say an android app) it will not be able to access your service.

Another Solution

Create an ingress (and use an ingress controller in your cluster) and expose your Microservice(Express).

这篇关于如何定义/使用端点从Javascript连接到Kubernetes的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！