具有私有IP的Kubernetes入口控制器 [英] Kubernetes Ingress Controller with private IP
问题描述
是否可以在没有公共IP地址的情况下部署入口控制器(nginx)?
谢谢!
是否可以在没有公共IP地址的情况下部署入口控制器(nginx)?
毫无疑问,是的,如果Ingress控制器的 Service
类型为:NodePort
,则Ingress控制器的专用IP地址为每个 Node
的IP地址,位于指向 Service
的:80
和:443
的端口上.秘密地,这正是 type:LoadBalancer
所发生的一切,只是在负载平衡器的IP地址和与 Node
的绑定之间映射了云提供商的额外糖衣的端口.
因此,要结束该循环:如果您希望拥有100%内部Ingress控制器,请使用 hostNetwork:true
并将Ingress控制器的 ports:
绑定到是主机的端口80和443;然后,为每个虚拟主机创建一个DNS(A记录| CNAME记录),该DNS解析为群集中每个 Node
的地址,并带有:100%非面向Internet的入口控制器./p>
is it possible to deploy an ingress controller (nginx) without a public ip address?
Thanks!
is it possible to deploy an ingress controller (nginx) without a public ip address?
Without question, yes, if the Ingress controller's Service
is of type: NodePort
then the Ingress controller's private IP address is every Node
's IP address, on the port(s) pointing to :80
and :443
of the Service
. Secretly, that's exactly what is happening anyway with type: LoadBalancer
, just with the extra sugar coating of the cloud provider mapping between the load balancer's IP address and the binding to the Node
's ports.
So, to close that loop: if you wished to have a 100% internal Ingress controller, then use a hostNetwork: true
and bind the Ingress controller's ports:
to be the host's port 80 and 443; then, make a DNS (A record|CNAME record) for each virtual-host that resolve to the address of every Node
in the cluster, and poof: 100% non-Internet-facing Ingress controller.
这篇关于具有私有IP的Kubernetes入口控制器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!