外部请求通过 Ingress 进入 k8s pod 的具体流程图是什么? [英] What's the exactly flow chart of an outside request comes into k8s pod via Ingress?

问题描述

全部

1. 我很了解 k8s 在服务中的 nodePort 和 ClusterIP 类型.

2. 但是我对 Ingress 的方式很困惑，因为一个请求将如何通过这种 Ingress 方式进入 k8s 中的 pod?

假设 K8s 的主 IP 为 1.2.3.4，在 Ingress 设置后，可以通过端口(例如，)连接后端服务(例如，myservice)9000)

现在，我如何在外面访问这个 myservice:9000?即通过1.2.3.4?由于 1.2.3.4 机器上没有入口端口.

并且许多文档总是说通过在入口 YAML 文件中配置的foo.com"来访问它.但这真的很有趣，因为 xxx.com 肯定需要 DNS，让您新发明任何您喜欢的 xxx.com 成为一个真正的网站并可以将您的 xxx.com 映射到您的机器！

解决方案

图片的关键部分是

all

1. I knew well about k8s' nodePort and ClusterIP type in services.

2. But I am very confused about the Ingress way, because how will a request come into a pod in k8s by this Ingress way?

Suppose K8s master IP is 1.2.3.4, after Ingress setup, and can connect to backend service(e.g, myservice) with a port(e.g, 9000)

Now, How can I visit this myservice:9000 outside? i.e, through 1.2.3.4? As there's no entry port on the 1.2.3.4 machine.

And many docs always said visit this via 'foo.com' configed in the ingress YAML file. But that is really funny, because xxx.com definitely needs DNS, it's not a magic to let you new-invent any xxx.com you like be a real website and can map your xxx.com to your machine!

解决方案

The key part of the picture is the Ingress Controller. It's an instance of a proxy (could be nginx or haproxy or another ingress type) and runs inside the cluster. It acts as an entrypoint and lets you add more sophisticated routing rules. It reads Ingress Resources that are deployed with apps and which define the routing rules. This allows each app to say what the Ingress Controller needs to do for routing to it.

Because the controller runs inside the cluster, it needs to be exposed to the outside world. You can do this by NodePort but if you're using a cloud provider then it's more common to use LoadBalancer. This gives you an external IP and port that reaches the Ingress controller and you can point DNS entries at that. If you do point DNS at it then you have the option to use routing rules base on DNS (such as using different subdomains for different apps).

The article 'Kubernetes NodePort vs LoadBalancer vs Ingress? When should I use what?' has some good explanations and diagrams - here's the diagram for Ingress:

这篇关于外部请求通过 Ingress 进入 k8s pod 的具体流程图是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！