我遇到了大使(特使)的问题。大使不能同时支持HTTP和HTTPS。因此,作为一种解决方法,我必须部署两组大使(一组用于HTTP,另一组用于HTTPS)。我已经部署了两组大使。
NAME READY STATUS RESTARTS AGE
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
pod/ambassador-tls-7h6td 2/2 Running 0 107s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ambassador-admin NodePort 10.233.58.170 <none> 8877:30857/TCP 18d
service/ambassador-admin-tls NodePort 10.233.33.29 <none> 8878:32339/TCP 28m
service/ambassador-monitor ClusterIP None <none> 9102/TCP 18d
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/ambassador 2 2 2 2 2 node-role.kubernetes.io/node= 58m
daemonset.apps/ambassador-tls 1 1 1 1 1 node-role.kubernetes.io/node=tls 107s
在我想用于http的两组豆荚下面
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
这个是https
pod/ambassador-tls-7h6td 2/2 Running 0 107s
下面是我的服务注释
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
这里apiVersion: ambassador/v0指的是两个大使馆,因此我在服务注释中所做的任何更改都将反映在这两个大使馆中。
我想为特定的大使守护程序(HTTPS)设置此服务注释。
任何建议??
答案 0 :(得分:2)
您可以为此使用AMBASSADOR_ID,
getambassador.io/config: |
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
,然后在DaemonSet的env变量中指定此ID:
env:
- name: AMBASSADOR_ID
value: ambassador-1
请参阅文档: https://www.getambassador.io/reference/running/#ambassador_id