Kubernetes-将负载平衡的公共IP作为环境变量传递到Pod [英] Kubernetes - Pass Public IP of Load Balance as Environment Variable into Pod

问题描述

我有一个 ConfigMap ，它为我的Pod提供了必要的环境变量:

I have a ConfigMap which provides necessary environment variables to my pods:

apiVersion: v1
kind: ConfigMap
metadata:
  name: global-config
data:
  NODE_ENV: prod
  LEVEL: info

  # I need to set API_URL to the public IP address of the Load Balancer
  API_URL: http://<SOME IP>:3000

  DATABASE_URL: mongodb://database:27017
  SOME_SERVICE_HOST: some-service:3000

我正在Google Cloud上运行Kubernetes集群，因此它将自动为我的服务创建一个公共端点:

I am running my Kubernetes Cluster on Google Cloud, so it will automatically create a public endpoint for my service:

apiVersion: v1
kind: Service
metadata:
  name: gateway
spec:
  selector:
    app: gateway
  ports:
    - name: http
      port: 3000
      targetPort: 3000
      nodePort: 30000
  type: LoadBalancer

问题

我有一个Web应用程序，需要从客户端的浏览器向 gateway 服务发出HTTP请求.但是，为了向外部服务发出请求，Web应用程序需要知道它的IP地址.

Issue

I have an web application that needs to make HTTP requests from the client's browser to the gateway service. But in order to make a request to the external service, the web app needs to know it's ip address.

因此，我已经设置了pod，该pod以某种方式服务于Web应用程序，它选择了环境变量" API_URL "，从而使所有HTTP请求都对该URL进行了请求.

So I've set up the pod, which serves the web application in a way, that it picks up an environment variable "API_URL" and as a result makes all HTTP requests to this url.

因此，我只需要一种方法即可将 API_URL 环境变量设置为 gateway 服务的公共IP地址，以便在启动时将其传递到pod中.

So I just need a way to set the API_URL environment variable to the public IP address of the gateway service to pass it into a pod when it starts.

推荐答案

您正尝试从客户端的浏览器访问网关服务.

You are trying to access gateway service from client's browser.

我想向您推荐另一种解决方案，该解决方案与您当前尝试实现的解决方案略有不同但这可以解决您的问题.

I would like to suggest you another solution that is slightly different from what you are currently trying to achieve but it can solve your problem.

根据您的问题，我可以推断出您的Web应用程序和网关应用程序在同一群集中.

From your question I was able to deduce that your web app and gateway app are on the same cluster.

在我的解决方案中，您不需要类型为LoadBalancer的服务，而基本的Ingress足以使其正常工作.

In my solution you dont need a service of type LoadBalancer and basic Ingress is enough to make it work.

您只需要创建一个Service对象(请注意，选项 type:LoadBalancer 现在已消失)

You only need to create a Service object (notice that option type: LoadBalancer is now gone)

apiVersion: v1
kind: Service
metadata:
name: gateway
spec:
selector:
  app: gateway
ports:
  - name: http
    port: 3000
    targetPort: 3000
    nodePort: 30000

，您还需要一个入口对象(请记住，必须将一个Ingress Controller部署到集群才能使其工作)，如下所示:有关如何部署Nginx Ingress控制器的更多信息，可以在此处找到.如果您已经在使用一个(可能是另一个)，则可以跳过此步骤.

and you alse need an ingress object (remember that na Ingress Controller needs to be deployed to cluster in order to make it work) like one below: More on how to deploy Nginx Ingress controller you can finde here and if you are already using one (maybe different one) then you can skip this step.

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: gateway-ingress
annotations:
  nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
  - host: gateway.foo.bar.com
    http:
      paths:
      - path: /
          backend:
            serviceName: gateway
            servicePort: 3000

请注意主持人字段.

您需要为您的Web应用程序重复同样的操作.切记使用适当的主机名(DNS名称)例如对于Web应用程序: foo.bar.com 和对于网关: gateway.foo.bar.com 然后只需使用 gateway.foo.bar.com dns名称从客户端Web浏览器连接到网关应用.

The same you need to repeat for your web application. Remember to use appropriate host name (DNS name) e.g. for web app: foo.bar.com and for gateway: gateway.foo.bar.com and then just use the gateway.foo.bar.com dns name to connect to the gateway app from clients web browser.

您还需要创建一个DNS条目，该条目将 *.foo.bar.com 指向Ingress的公共IP地址因为Ingress控制器将创建自己的负载均衡器.

You also need to create a dns entry that points *.foo.bar.com to Ingress's public ip address as Ingress controller will create its own load balancer.

流量如下:

+-------------+   +---------+   +-----------------+   +---------------------+
| Web Browser |-->| Ingress |-->| gateway Service |-->| gateway application |
+-------------+   +---------+   +-----------------+   +---------------------+

这种方法更好，因为它不会导致客户端浏览器中的跨域资源共享(CORS)问题.

This approach is better becaues it won't cause issues with Cross-Origin Resource Sharing (CORS) in clients browser.

我从kubernetes官方文档中获取的Ingress和Service清单示例，并做了一些修改.

Examples of Ingress and Service manifests I took from official kubernetes documentation and modified slightly.

有关Ingress的更多信息，您可以在此处并在服务上此处

More on Ingress you can find here and on Services here

这篇关于Kubernetes-将负载平衡的公共IP作为环境变量传递到Pod的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！