我正在根据this article尝试将Linkerd与我的kubernetes上的grpc服务集成,以解决负载平衡问题,但是当与Linkerd一起使用并且grpc客户端冻结时,我的grpc服务无法收到任何请求,不会抛出异常。服务和客户端都是.Net Core应用程序,并且使用不安全的凭据。
我做了一些测试。 grpc服务器可以在没有Linkerd的情况下工作,而Linkerd可以与ASP.NET Core Web API一起工作。
我遵循官方指示:Getting Started和Adding Your Service。这是生成的Yaml:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: demogrpc
name: demogrpc
spec:
replicas: 3
selector:
matchLabels:
app: demogrpc
strategy: {}
template:
metadata:
annotations:
linkerd.io/created-by: linkerd/cli stable-2.1.0
linkerd.io/proxy-version: stable-2.1.0
creationTimestamp: null
labels:
app: demogrpc
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: demogrpc
spec:
containers:
- env:
- name: GRPC_HOST
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: SERVICE_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: GRPC_PORT
value: "8000"
image: 192.168.99.25:30000/demogrpchost:1.0.9
imagePullPolicy: Always
name: demogrpc
resources: {}
- env:
- name: LINKERD2_PROXY_LOG
value: warn,linkerd2_proxy=info
- name: LINKERD2_PROXY_BIND_TIMEOUT
value: 10s
- name: LINKERD2_PROXY_CONTROL_URL
value: tcp://linkerd-proxy-api.linkerd.svc.cluster.local:8086
- name: LINKERD2_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: LINKERD2_PROXY_METRICS_LISTENER
value: tcp://0.0.0.0:4191
- name: LINKERD2_PROXY_OUTBOUND_LISTENER
value: tcp://127.0.0.1:4140
- name: LINKERD2_PROXY_INBOUND_LISTENER
value: tcp://0.0.0.0:4143
- name: LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
value: .
- name: LINKERD2_PROXY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: gcr.io/linkerd-io/proxy:stable-2.1.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
name: linkerd-proxy
ports:
- containerPort: 4143
name: linkerd-proxy
- containerPort: 4191
name: linkerd-metrics
readinessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
resources: {}
securityContext:
runAsUser: 2102
terminationMessagePolicy: FallbackToLogsOnError
imagePullSecrets:
- name: kubernetes-registry
initContainers:
- args:
- --incoming-proxy-port
- "4143"
- --outgoing-proxy-port
- "4140"
- --proxy-uid
- "2102"
- --inbound-ports-to-ignore
- 4190,4191
image: gcr.io/linkerd-io/proxy-init:stable-2.1.0
imagePullPolicy: IfNotPresent
name: linkerd-init
resources: {}
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: false
terminationMessagePolicy: FallbackToLogsOnError
status: {}
这是来自linkerd-proxy之一的日志消息:
INFO linkerd2_proxy::app::main using controller at Some(Name(NameAddr { name: DnsName(DNSName("linkerd-proxy-api.linkerd.svc.cluster.local")), port: 8086 }))
INFO linkerd2_proxy::app::main routing on V4(127.0.0.1:4140)
INFO linkerd2_proxy::app::main proxying on V4(0.0.0.0:4143) to None
INFO linkerd2_proxy::app::main serving Prometheus metrics on V4(0.0.0.0:4191)
INFO linkerd2_proxy::app::main protocol detection disabled for inbound ports {25, 3306}
INFO linkerd2_proxy::app::main protocol detection disabled for outbound ports {25, 3306}
WARN 10.244.1.137:8000 linkerd2_proxy::proxy::reconnect connect error to Config { target: Target { addr: V4(10.244.1.137:8000), tls: None(InternalTraffic), _p: () }, settings: Http2, _p: () }: Connection refused (os error 111) (address: 127.0.0.1:8000)
如何使我的grpc服务与Linkerd一起使用?还是在kubernetes中有更好的解决方案来负载均衡grpc服务?
答案 0 :(得分:0)
通过将GRPC_HOST指定为127.0.0.1,Linkerd可以连接到grpc服务器。由于在这种情况下,链接代理将使用环回地址连接到其他容器,因此grpc服务。