我在没有头盔的 kubernetes 上安装了 istio 。
我可以看到在istio-system名称空间中创建了pod和服务。
创建了诸如grafana,Prometheus之类的所有服务,并且未公开其端口。
由于创建了负载均衡器服务,因此也在AWS中创建了一个负载均衡器,我想通过新创建的负载均衡器终端节点从外部网络访问grafana,prometheus等仪表板,但无法从负载均衡器访问该仪表板端点。
我尝试了istio docs推荐的端口转发:
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
这些仅适用于http://localhost:3000,而不能用于http://publicip:3000
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
grafana ClusterIP 172.20.192.71 <none> 3000/TCP 1m
istio-citadel ClusterIP 172.20.111.103 <none> 8060/TCP,15014/TCP 1m
istio-egressgateway ClusterIP 172.20.123.112 <none> 80/TCP,443/TCP,15443/TCP 1m
istio-galley ClusterIP 172.20.45.229 <none> 443/TCP,15014/TCP,9901/TCP 1m
istio-ingressgateway LoadBalancer 172.20.94.157 xxxx-yyyy.us-west-2.elb.amazonaws.com 15020:31336/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:32146/TCP,15030:30126/TCP,15031:31506/TCP,15032:30501/TCP,15443:31053/TCP 1m
istio-pilot ClusterIP 172.20.27.87 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 1m
istio-policy ClusterIP 172.20.222.108 <none> 9091/TCP,15004/TCP,15014/TCP 1m
istio-sidecar-injector ClusterIP 172.20.240.198 <none> 443/TCP 1m
istio-telemetry ClusterIP 172.20.157.227 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 1m
jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 1m
jaeger-collector ClusterIP 172.20.92.248 <none> 14267/TCP,14268/TCP 1m
jaeger-query ClusterIP 172.20.168.197 <none> 16686/TCP 1m
kiali ClusterIP 172.20.236.20 <none> 20001/TCP 1m
prometheus ClusterIP 172.20.21.205 <none> 9090/TCP 1m
tracing ClusterIP 172.20.231.66 <none> 80/TCP 1m
zipkin ClusterIP 172.20.200.32 <none> 9411/TCP 1m
如上所示,我正在尝试使用负载平衡器和端口转发来访问grafana仪表板,但我没有grafana仪表板
答案 0 :(得分:0)
您可以创建Istio Gateway and VirtualService以便将请求转发到默认在端口3000上运行的import numpy as np
time, trials, neurons = (100, 256, 16)
a, b = (8, 12)
x = np.random.rand(time, trials, neurons)
L = np.random.randint(a, b, size=neurons)
# let's say the time t=50
x1 = []
for n in range(neurons):
x1.append(x[50-L[n],:,n])
x1 = np.stack(x1, axis=1)
# use two list to index the intersection, but notice transposing needed.
x2 = x[50-L,:,range(neurons)].T
print(np.all(x1==x2))
服务
首先,让我们检查grafana和grafana服务
istio-ingressgateway因此,我们有kubectl get svc grafana istio-ingressgateway -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
grafana ClusterIP 100.71.67.105 <none> 3000/TCP 18h
istio-ingressgateway LoadBalancer 100.64.42.106 <Public IP address> 15020:31766/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:32576/TCP,15030:30728/TCP,15031:31037/TCP,15032:31613/TCP,15443:32501/TCP 18h
运行的服务正在端口3000上侦听,而默认的grafana LoadBalancer服务正在使用分配的公共IP地址运行。
然后,我们创建istio-ingressgateway来使用此默认LoadBalancer。
gateway然后为通过此网关进入的流量配置到$ kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: grafana-gateway
namespace: istio-system # Use same namespace with backend service
spec:
selector:
istio: ingressgateway # use Istio default gateway implementation
servers:
- port:
number: 80
name: HTTP
protocol: HTTP
hosts:
- "*"
EOF
的路由:
grafana service然后点击$ kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafana
namespace: istio-system # Use same namespace with backend service
spec:
hosts:
- "*"
gateways:
- grafana-gateway # define gateway name
http:
- match:
- uri:
prefix: "/"
route:
- destination:
port:
number: 3000 # Backend service port
host: grafana # Backend service name
EOF
,您应该会看到grafana仪表板
希望对您有帮助。
答案 1 :(得分:-1)
kubectl -n istio-system port-forward svc/kiali 20001
然后点击http://localhost:20001/kiali/