Kubernetes - 将负载平衡的公共 IP 作为环境变量传递到 Pod [英] Kubernetes - Pass Public IP of Load Balance as Environment Variable into Pod

问题描述

我有一个 ConfigMap，它为我的 Pod 提供必要的环境变量:

I have a ConfigMap which provides necessary environment variables to my pods:

apiVersion: v1
kind: ConfigMap
metadata:
  name: global-config
data:
  NODE_ENV: prod
  LEVEL: info

  # I need to set API_URL to the public IP address of the Load Balancer
  API_URL: http://<SOME IP>:3000

  DATABASE_URL: mongodb://database:27017
  SOME_SERVICE_HOST: some-service:3000

我在 Google Cloud 上运行我的 Kubernetes 集群，因此它会自动为我的服务创建一个公共端点:

I am running my Kubernetes Cluster on Google Cloud, so it will automatically create a public endpoint for my service:

apiVersion: v1
kind: Service
metadata:
  name: gateway
spec:
  selector:
    app: gateway
  ports:
    - name: http
      port: 3000
      targetPort: 3000
      nodePort: 30000
  type: LoadBalancer

问题

我有一个 Web 应用程序，需要从客户端的浏览器向 gateway 服务发出 HTTP 请求.但是为了向外部服务发出请求，Web 应用程序需要知道它的 IP 地址.

Issue

I have an web application that needs to make HTTP requests from the client's browser to the gateway service. But in order to make a request to the external service, the web app needs to know it's ip address.

所以我设置了 pod，它以某种方式为 Web 应用程序提供服务，它选择一个环境变量API_URL"，结果是将所有 HTTP 请求发送到这个 url.

So I've set up the pod, which serves the web application in a way, that it picks up an environment variable "API_URL" and as a result makes all HTTP requests to this url.

所以我只需要一种方法将 API_URL 环境变量设置为 gateway 服务的公共 IP 地址，以便在它启动时将其传递到 Pod 中.

So I just need a way to set the API_URL environment variable to the public IP address of the gateway service to pass it into a pod when it starts.

推荐答案

您正在尝试从客户端的浏览器访问网关服务.

You are trying to access gateway service from client's browser.

我想向您推荐另一种与您目前尝试实现的略有不同的解决方案但它可以解决您的问题.

I would like to suggest you another solution that is slightly different from what you are currently trying to achieve but it can solve your problem.

根据您的问题，我可以推断出您的 Web 应用程序和网关应用程序位于同一个集群中.

From your question I was able to deduce that your web app and gateway app are on the same cluster.

在我的解决方案中，您不需要 LoadBalancer 类型的服务，基本的 Ingress 就足以让它工作.

In my solution you dont need a service of type LoadBalancer and basic Ingress is enough to make it work.

您只需要创建一个 Service 对象(注意选项 type: LoadBalancer 现在消失了)

You only need to create a Service object (notice that option type: LoadBalancer is now gone)

apiVersion: v1
kind: Service
metadata:
name: gateway
spec:
selector:
  app: gateway
ports:
  - name: http
    port: 3000
    targetPort: 3000
    nodePort: 30000

并且您还需要一个入口对象(请记住，需要将入口控制器部署到集群才能使其工作)，如下所示:有关如何部署 Nginx Ingress 控制器的更多信息，您可以在 这里找到如果您已经在使用一个(可能是不同的)，那么您可以跳过这一步.

and you alse need an ingress object (remember that na Ingress Controller needs to be deployed to cluster in order to make it work) like one below: More on how to deploy Nginx Ingress controller you can finde here and if you are already using one (maybe different one) then you can skip this step.

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: gateway-ingress
annotations:
  nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
  - host: gateway.foo.bar.com
    http:
      paths:
      - path: /
          backend:
            serviceName: gateway
            servicePort: 3000

注意主机字段.

您需要为您的 Web 应用程序重复相同的操作.请记住使用适当的主机名(DNS 名称)例如对于 Web 应用程序:foo.bar.com 和对于网关:gateway.foo.bar.com然后只需使用 gateway.foo.bar.com dns 名称从客户端 Web 浏览器连接到网关应用程序.

The same you need to repeat for your web application. Remember to use appropriate host name (DNS name) e.g. for web app: foo.bar.com and for gateway: gateway.foo.bar.com and then just use the gateway.foo.bar.com dns name to connect to the gateway app from clients web browser.

您还需要创建一个 dns 条目，将 *.foo.bar.com 指向 Ingress 的公共 ip 地址因为入口控制器将创建自己的负载均衡器.

You also need to create a dns entry that points *.foo.bar.com to Ingress's public ip address as Ingress controller will create its own load balancer.

流量如下:

+-------------+   +---------+   +-----------------+   +---------------------+
| Web Browser |-->| Ingress |-->| gateway Service |-->| gateway application |
+-------------+   +---------+   +-----------------+   +---------------------+

这种方法更好，因为它不会导致客户端浏览器中的跨域资源共享 (CORS) 出现问题.

This approach is better becaues it won't cause issues with Cross-Origin Resource Sharing (CORS) in clients browser.

我从官方 kubernetes 文档中获取并稍作修改的 Ingress 和服务清单示例.

Examples of Ingress and Service manifests I took from official kubernetes documentation and modified slightly.

有关 Ingress 的更多信息，您可以在这里找到和关于服务这里

More on Ingress you can find here and on Services here

这篇关于Kubernetes - 将负载平衡的公共 IP 作为环境变量传递到 Pod的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！