EKS ALB 无法自动发现子网 [英] EKS ALB is not to able to auto-discover subnets
问题描述
背景:
我有一个
VPC和 3 个公共子网(子网可以访问互联网网关)我在这个 VPC 中有一个 EKS 集群,EKS 集群是从控制台创建的,而不是使用
eksctl我使用了
这里是子网的路由表,你可以看到它们附加了一个 Internet 网关:
我到处搜索,他们都在谈论添加标签,我从头开始创建了一个全新的集群,但仍然遇到这个问题,还有其他我遗漏的东西吗?
我检查了这个答案,但它不相关,因为它用于 ELB 而不是 ALB,
================================
更新:
我明确添加了子网:
alb.ingress.kubernetes.io/subnets:subnet-xxxxxx、subnet-xxxxx、subnet-xxx现在我得到了我的外部 IP,但有一些警告
$ kubectl describe ingress/ingress-2048 -n game-2048名称:ingress-2048命名空间:game-2048地址:k8s-game2048-ingress2-330cc1efad-115981283.eu-central-1.elb.amazonaws.com默认后端:default-http-backend:80(<错误:未找到端点default-http-backend">)规则:主机路径后端---- ---- --------*/* 服务-2048:80 (172.31.13.183:80)注释:alb.ingress.kubernetes.io/scheme:面向互联网alb.ingress.kubernetes.io/subnets:subnet-8ea768e4、subnet-bf2821f2、subnet-7c023801alb.ingress.kubernetes.io/target-type: ipkubernetes.io/ingress.class:alb事件:键入来自消息的原因年龄---- ------ ---- ---- -------警告 FailedDeployModel 43s ingress 由于 ListenerNotFound 导致部署模型失败:未找到一个或多个侦听器状态代码:400,请求 ID:e866eba4-328c-4282-a399-4e68f55ee266正常成功Reconciled 43s ingress 成功reconciled同样进入浏览器并使用外部ip返回:
503 Service Temporously Unavailable解决方案确保 aws-load-balancer-controller 部署中的 --cluster-name 配置正确.
使用
kubectl get deployment -n kube-system aws-load-balancer-controller -oyaml |grep 集群名称"获取部署中的集群名称.
如果不正确,请使用下一个命令编辑部署并重命名:
kubectl edit deployment -n kube-system aws-load-balancer-controllerBackground:
I have a
VPCwith 3 publicsubnets(the subnets have access to an internet gateway)I have an EKS Cluster in this VPC, the EKS cluster is created from the console and not using
eksctlI used this tutorial from the official aws documentation, I managed to set my ALB controller and the controller is running perfectly:
The cluster contains two node groups:
- First node group has one node of type:
t3a.micro - Second node group has one node of type:
t3.small
$ kubectl get deployment -n kube-system aws-load-balancer-controller NAME READY UP-TO-DATE AVAILABLE AGE aws-load-balancer-controller 1/1 1 1 60mI used their game example and here is the manifest file:
--- apiVersion: v1 kind: Namespace metadata: name: game-2048 --- apiVersion: apps/v1 kind: Deployment metadata: namespace: game-2048 name: deployment-2048 spec: selector: matchLabels: app.kubernetes.io/name: app-2048 replicas: 1 template: metadata: labels: app.kubernetes.io/name: app-2048 spec: containers: - image: alexwhen/docker-2048 imagePullPolicy: Always name: app-2048 ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: namespace: game-2048 name: service-2048 spec: ports: - port: 80 targetPort: 80 protocol: TCP type: NodePort selector: app.kubernetes.io/name: app-2048 --- apiVersion: extensions/v1beta1 kind: Ingress metadata: namespace: game-2048 name: ingress-2048 annotations: kubernetes.io/ingress.class: alb alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/target-type: ip spec: rules: - http: paths: - path: /* backend: serviceName: service-2048 servicePort: 80However when I describe ingress: I get the following messages
DNDT@DNDT-DEV-2 MINGW64 ~/Desktop/.k8s $ kubectl describe ingress/ingress-2048 -n game-2048 Name: ingress-2048 Namespace: game-2048 Address: Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>) Rules: Host Path Backends ---- ---- -------- * /* service-2048:80 (172.31.4.64:80) Annotations: alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/target-type: ip kubernetes.io/ingress.class: alb Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedBuildModel 9s (x13 over 32s) ingress Failed build model due to couldn't auto-discover subnets: unable to discover at least one subnetHere are the tags set on the 3 subnets:
And here are the route table for the subnets, as you can see they have an internet gw attached:
I searched everywhere and they all talk about adding the tags, I created a completely new cluster from scratch but still getting this issue, are there any other things I'm missing?
I checked this answer, but its not relevant because its for ELB not ALB,
================================
Update:
I explicitly added the subnets:
alb.ingress.kubernetes.io/subnets: subnet-xxxxxx, subnet-xxxxx, subnet-xxxAnd now I got my external IP, but with some warning
$ kubectl describe ingress/ingress-2048 -n game-2048 Name: ingress-2048 Namespace: game-2048 Address: k8s-game2048-ingress2-330cc1efad-115981283.eu-central-1.elb.amazonaws.com Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>) Rules: Host Path Backends ---- ---- -------- * /* service-2048:80 (172.31.13.183:80) Annotations: alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/subnets: subnet-8ea768e4, subnet-bf2821f2, subnet-7c023801 alb.ingress.kubernetes.io/target-type: ip kubernetes.io/ingress.class: alb Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedDeployModel 43s ingress Failed deploy model due to ListenerNotFound: One or more listeners not found status code: 400, request id: e866eba4-328c-4282-a399-4e68f55ee266 Normal SuccessfullyReconciled 43s ingress Successfully reconciledAlso going to the browser and using the external ip return:
503 Service Temporarily Unavailable解决方案Ensure that --cluster-name in the aws-load-balancer-controller deployment is correct configured.
Use
kubectl get deployment -n kube-system aws-load-balancer-controller -oyaml |grep "cluster-name"to get the cluster name in the deployment.
If it isn't correct, edit deployment with next command and rename it:
kubectl edit deployment -n kube-system aws-load-balancer-controller这篇关于EKS ALB 无法自动发现子网的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
