如何将Minikube集群暴露给Internet [英] How to expose Minikube cluster to internet
问题描述
我知道minikube仅应用于本地,但我想为我的应用程序创建一个测试环境.
为此,我希望将运行在minikube集群中的应用程序暴露给外部访问(从公共Internet上的任何设备-如4G智能手机).
I know minikube should be used for local only, but i'd like to create a test environment for my applications.
In order to do that, I wish to expose my applications running inside the minikube cluster to external access (from any device on public internet - like a 4G smartphone).
注意:我使用-driver = docker
kubectl获取服务
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
web8080 NodePort 10.99.39.162 <none> 8080:31613/TCP 3d1h
minikube ip
192.168.49.2
一种方法如下:
firewall-cmd --add-port=8081/tcp
kubectl port-forward --address 0.0.0.0 services/web8080 8081:8080
然后我可以使用:
curl localhost:8081 (directly from the machine running the cluster inside a VM)
curl 192.168.x.xx:8081 (from my Mac in same network - this is the private ip of the machine running the cluster inside a VM)
curl 84.xxx.xxx.xxx:8081 (from a phone connected in 4G - this is the public ip exposed by my router)
我不想使用此解决方案,因为 kubectl port-forward
较弱,每次端口转发不再活动时都需要运行.
I don't want to use this solution because kubectl port-forward
is weak and need to be run every time the port-forwarding is no longer active.
我该如何实现?
(已编辑)-使用LOADBALANCER
当使用 LoadBalancer
类型和 minikube隧道
时,我只能在运行集群的计算机内部公开该服务.
when using LoadBalancer
type and minikube tunnel
, I can expose the service only inside the machine running the cluster.
kubectl获取服务
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-service LoadBalancer 10.111.61.218 10.111.61.218 8080:31831/TCP 3d3h
curl 10.111.61.218:8080
(运行群集的计算机内部)正在运行
但是 curl 192.168.x.xx:8080
(来自同一局域网中的Mac)无法正常工作
curl 10.111.61.218:8080
(inside the machine running the cluster) is working
but curl 192.168.x.xx:8080
(from my Mac on same LAN) is not working
谢谢
推荐答案
Minikube
作为用于单节点的开发工具,Kubernetes集群在Kubernetes与外部设备之间提供了固有的隔离层(具体而言,<从 LAN
/ WAN
到您的群集的强>入站流量.
Minikube
as a development tool for a single node Kubernetes cluster provides inherent isolation layer between Kubernetes and the external devices (being specific the inbound traffic to your cluster from LAN
/WAN
).
>不同的驱动程序允许灵活使用将在何处生成Kubernetes集群以及如何在网络上运行.
Different --drivers are allowing for flexibility when it comes to the place where your Kubernetes cluster will be spawned and how it will behave network wise.
旁注(解决方法)!
A side note (workaround)!
由于您的 minikube
已经驻留在 VM
中,并且使用-driver = docker
,因此您可以尝试使用-driver= none
(您将能够从 LAN
中 curl VM_IP:NodePort
).它将直接在 VM
上生成您的Kubernetes集群.
As your minikube
already resides in a VM
and uses --driver=docker
you could try to use --driver=none
(you will be able to curl VM_IP:NodePort
from the LAN
). It will spawn your Kubernetes cluster directly on the VM
.
请考虑检查其文档,因为存在某些限制/缺点:
Consider checking it's documentation as there are some certain limitations/disadvantages:
由于此设置已经基于 VM
(具有未知的虚拟机管理程序),并且该群集打算暴露在LAN之外,因此建议您继续使用生产就绪的设置.这将从根本上消除您面临的连接问题.Kubernetes集群将直接在 VM
上进行配置,而不是在 Docker
容器中进行配置.
As this setup is already basing on the VM
(with unknown hypervisor) and the cluster is intended to be exposed outside of your LAN, I suggest you going with the production-ready setup. This will inherently eliminate the connectivity issues you are facing. Kubernetes cluster will be provisioned directly on a VM
and not in the Docker
container.
解释使用的-driver = docker
:它将在主机系统中产生一个带有Kubernetes的容器.在此容器内,将再次使用 Docker
生成必要的 Pods
以运行Kubernetes集群.
Explaining the --driver=docker
used: It will spawn a container on a host system with Kubernetes inside of it. Inside of this container, Docker
will be used once again to spawn the necessary Pods
to run the Kubernetes cluster.
关于用于配置Kubernetes集群的工具,您将需要选择最适合您的需求的选项.其中的一些:
As for the tools to provision your Kubernetes cluster you will need to chose the option that suits your needs the most. Some of them are the following:
在 VM
上创建Kubernetes集群后,可以将流量从路由器直接转发到 VM
.
After you created your Kubernetes cluster on a VM
you could forward the traffic from your router directly to your VM
.
您可能会发现有用的其他资源:
Additional resources that you might find useful:
这篇关于如何将Minikube集群暴露给Internet的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!