我正在使用头盔使用--set grafana.enabled=true安装istio-1.0.0版本。
要访问grafana仪表板,我必须使用kubectl命令进行端口转发。还行吧但是,我想使用公共ip访问它,因此我正在使用此网关yaml文件
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: grafana-gateway
namespace: agung-ns
spec:
selector:
istio: ingressgateway # use Istio default gateway implementation
servers:
- port:
number: 15031
name: http-grafana
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafana-global-route
namespace: agung-ns
spec:
hosts:
- "grafana.domain"
gateways:
- grafana-gateway
- mesh
http:
- route:
- destination:
host: "grafana.istio-system"
port:
number: 3000
weight: 100
我尝试curl,但它返回404状态,这意味着路由逻辑和/或上述配置有问题。
curl -HHost:grafana.domain http://<my-istioingressgateway-publicip>:15031 -I
HTTP/1.1 503 Service Unavailable
date: Tue, 14 Aug 2018 13:04:27 GMT
server: envoy
transfer-encoding: chunked
有什么主意吗?
答案 0 :(得分:1)
我认为问题在于您在其他名称空间中引用了服务。您需要添加FQDN(grafana.istio-system.svc.cluster.local)。
如果您需要将istio,grafana,prometheus和jaeger集成在一起,通过网关公开并且启用了安全性,则可以检查我正在从事的项目: https://github.com/kyma-project/kyma
答案 1 :(得分:1)
我确实是这样暴露它的:
grafana.yml
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: grafana-gateway
namespace: istio-system
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "my.dns.com"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafana-vts
namespace: istio-system
spec:
hosts:
- "my.dns.com"
gateways:
- grafana-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
host: grafana
port:
number: 3000
然后:
kubectl apply grafana.yml