我正在尝试与websockets建立连接,并且正在使用通过头盔管理的nginx入口控制器。当我使用abc.com访问应用程序时,它无法建立websocket连接,并始终说该连接已关闭。
谁能对此有任何经验,我需要进行任何其他配置。
我的deployment.yaml如下所示-
apiVersion: v1
kind: Service
metadata:
name: creditlibraryui
namespace: kube-system
labels:
app: creditlibraryui
spec:
ports:
- port: 3000
name: http
selector:
app: creditlibraryui
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: creditlibraryui-v1
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
app: creditlibraryui
version: v1
spec:
containers:
- name: creditlibraryui
image: abc/creditlibraryui:0.0.1
imagePullPolicy: Always
ports:
- containerPort: 3000
name: http
---
apiVersion: v1
kind: Service
metadata:
name: creditlibraryservice
labels:
app: creditlibraryservice
namespace: kube-system
spec:
ports:
- port: 8102
name: http
selector:
app: creditlibraryservice
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: creditlibraryservice-v1
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
app: creditlibraryservice
version: v1
spec:
containers:
- name: creditlibraryservice
image: abc/creditlibraryservice:0.0.1
imagePullPolicy: Always
ports:
- containerPort: 8102
---
apiVersion: v1
kind: Service
metadata:
name: creditlibrarydb
labels:
app: creditlibrarydb
namespace: kube-system
spec:
ports:
- port: 27017
name: http
selector:
app: creditlibrarydb
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: creditlibrarydb-v1
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
app: creditlibrarydb
version: v1
spec:
containers:
- name: creditlibrarydb
image: mongo:latest
imagePullPolicy: Always
ports:
- containerPort: 27017
我的ingress.yaml看起来像-
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: creditlibrary-ingress
namespace : kube-system
annotations:
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.class: nginx
certmanager.k8s.io/acme-challenge-type: dns01
certmanager.k8s.io/acme-dns01-provider: cloudflare
certmanager.k8s.io/cluster-issuer: letsencrypt-staging
nginx.org/websocket-services: "creditlibraryui,creditlibraryservice"
spec:
rules:
- host: abc.com
http:
paths:
- path: "/"
backend:
serviceName: creditlibraryui
servicePort: 3000
- path: "/api"
backend:
serviceName: creditlibraryservice
servicePort: 8102
tls:
- hosts:
- "abc.com"
secretName: abc-tls
答案 0 :(得分:0)
我通过在入口中添加websocket的另一条路径来解决此问题,如下所示-
rules:
- host: abc.com
http:
paths:
- path: "/"
backend:
serviceName: creditlibraryui
servicePort: 3000
- path: "/api"
backend:
serviceName: creditlibraryservice
servicePort: 8102
- path: "/ws"
backend:
serviceName: creditlibraryservice
servicePort: 8102
答案 1 :(得分:0)
在花了 2 天试图弄清楚为什么我收到 426 http 套接字连接错误代码后,我意识到 nignxserver 块中需要代理升级标头来升级 websocket 连接。
nginx.ingress.kubernetes.io/server-snippets: |
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_set_header Connection "upgrade";
proxy_cache_bypass $http_upgrade;
}
对于 websockets 和 nginx 入口控制器(kubernetes 维护)有 426 个 http 错误代码问题的任何人,您可以尝试我创建的这个要点 https://gist.github.com/acidbotmaker/4b356e68d39dd46fa92537ab2ffea842