具有私有IP的Kubernetes入口控制器 [英] Kubernetes Ingress Controller with private IP

问题描述

是否可以在没有公共IP地址的情况下部署入口控制器(nginx)?

谢谢！

解决方案

是否可以在没有公共IP地址的情况下部署入口控制器(nginx)?

毫无疑问，是的，如果Ingress控制器的 Service 类型为:NodePort ，则Ingress控制器的专用IP地址为每个 Node 的IP地址，位于指向 Service 的:80 和:443 的端口上.秘密地，这正是 type:LoadBalancer 所发生的一切，只是在负载平衡器的IP地址和与 Node 的绑定之间映射了云提供商的额外糖衣的端口.

因此，要结束该循环:如果您希望拥有100％内部Ingress控制器，请使用 hostNetwork:true 并将Ingress控制器的 ports:绑定到是主机的端口80和443；然后，为每个虚拟主机创建一个DNS(A记录| CNAME记录)，该DNS解析为群集中每个 Node 的地址，并带有:100％非面向Internet的入口控制器./p>

is it possible to deploy an ingress controller (nginx) without a public ip address?

Thanks!

解决方案

is it possible to deploy an ingress controller (nginx) without a public ip address?

Without question, yes, if the Ingress controller's Service is of type: NodePort then the Ingress controller's private IP address is every Node's IP address, on the port(s) pointing to :80 and :443 of the Service. Secretly, that's exactly what is happening anyway with type: LoadBalancer, just with the extra sugar coating of the cloud provider mapping between the load balancer's IP address and the binding to the Node's ports.

So, to close that loop: if you wished to have a 100% internal Ingress controller, then use a hostNetwork: true and bind the Ingress controller's ports: to be the host's port 80 and 443; then, make a DNS (A record|CNAME record) for each virtual-host that resolve to the address of every Node in the cluster, and poof: 100% non-Internet-facing Ingress controller.

这篇关于具有私有IP的Kubernetes入口控制器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！