我正在尝试在minikube(Kubernetes)上运行android docker,并且正在使用https://pdfbox.apache.org/。
我创建了POD和服务。这是我的POD代码:
apiVersion: v1
kind: Pod
metadata:
name: android
labels:
app: android
spec:
containers:
- name: android
image: budtmo/docker-android-x86-8.1
securityContext:
privileged: true
ports:
- containerPort: 6080
- containerPort: 5554
- containerPort: 5555
env:
- name: DEVICE
value: "Samsung Galaxy S6"
这是我的服务代码:
apiVersion: v1
kind: Service
metadata:
name: android-service
spec:
ports:
- port: 6080
name: serving
protocol: TCP
- port: 5555
name: srv
protocol: TCP
- port: 5554
name: srv2
protocol: TCP
selector:
app: android
创建POD和服务后,我运行:
kubectl proxy --address='0.0.0.0' --port=8001 --accept-hosts='.*'
然后尝试输入-http://localhost:8001/api/v1/namespaces/default/services/android-service:serving/proxy/
。
输入该地址后,我会收到以下消息:
Error: 'read tcp 172.16.0.1:43218->172.16.0.18:6080: read: connection reset by peer'
Trying to reach: 'http://172.16.0.18:6080/'
POD已启动(不会重新启动),这是其日志:
2019-07-30 11:01:07,281 CRIT Supervisor running as root (no user in config file)
2019-07-30 11:01:07,288 INFO supervisord started with pid 7
2019-07-30 11:01:08,580 INFO spawned: 'xvfb' with pid 10
2019-07-30 11:01:08,582 INFO spawned: 'port-forward' with pid 11
2019-07-30 11:01:08,716 INFO spawned: 'novnc' with pid 12
2019-07-30 11:01:08,728 INFO spawned: 'openbox' with pid 13
2019-07-30 11:01:08,730 INFO spawned: 'x11vnc' with pid 14
2019-07-30 11:01:08,740 INFO spawned: 'android-screen-mirror' with pid 15
2019-07-30 11:01:08,754 INFO spawned: 'docker-appium' with pid 16
2019-07-30 11:01:09,136 INFO spawned: 'atd' with pid 29
2019-07-30 11:01:09,671 INFO spawned: 'auto-recording' with pid 42
2019-07-30 11:01:09,681 INFO spawned: 'adb-utils' with pid 46
2019-07-30 11:01:09,681 INFO exited: android-screen-mirror (exit status 0; expected)
2019-07-30 11:01:09,682 INFO exited: atd (exit status 0; not expected)
2019-07-30 11:01:09,685 INFO success: xvfb entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:09,686 INFO success: port-forward entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:09,686 INFO success: novnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:09,727 INFO success: openbox entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:09,727 INFO exited: x11vnc (exit status 1; not expected)
2019-07-30 11:01:11,574 INFO spawned: 'x11vnc' with pid 53
2019-07-30 11:01:11,580 INFO success: docker-appium entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:12,725 INFO spawned: 'atd' with pid 55
2019-07-30 11:01:12,727 INFO success: auto-recording entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:12,727 INFO success: adb-utils entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:13,767 INFO success: x11vnc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:13,767 INFO success: atd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2019-07-30 11:01:15,182 INFO exited: atd (exit status 0; expected)
2019-07-30 11:01:15,765 INFO exited: auto-recording (exit status 0; expected)
2019-07-30 11:04:17,019 INFO exited: docker-appium (exit status 0; expected)
P.s。我认为它不相关,但是我也有istio,所以当我检查kubectl get pods
吊舱时,我得到:
NAME READY STATUS RESTARTS AGE
android 2/2 Running 0 54m
当我运行kubectl logs android istio-init
时,我得到:
+ iptables -t nat -A ISTIO_REDIRECT -p tcp -j REDIRECT --to-port 15001
+ iptables -t nat -N ISTIO_IN_REDIRECT
+ iptables -t nat -A ISTIO_IN_REDIRECT -p tcp -j REDIRECT --to-port 15001
+ '[' -n 6080,5554,5555 ']'
+ '[' REDIRECT = TPROXY ']'
+ table=nat
+ iptables -t nat -N ISTIO_INBOUND
+ iptables -t nat -A PREROUTING -p tcp -j ISTIO_INBOUND
+ '[' 6080,5554,5555 == '*' ']'
+ for port in '${INBOUND_PORTS_INCLUDE}'
+ '[' REDIRECT = TPROXY ']'
+ iptables -t nat -A ISTIO_INBOUND -p tcp --dport 6080 -j ISTIO_IN_REDIRECT
+ for port in '${INBOUND_PORTS_INCLUDE}'
+ '[' REDIRECT = TPROXY ']'
+ iptables -t nat -A ISTIO_INBOUND -p tcp --dport 5554 -j ISTIO_IN_REDIRECT
+ for port in '${INBOUND_PORTS_INCLUDE}'
+ '[' REDIRECT = TPROXY ']'
+ iptables -t nat -A ISTIO_INBOUND -p tcp --dport 5555 -j ISTIO_IN_REDIRECT
+ iptables -t nat -N ISTIO_OUTPUT
+ iptables -t nat -A OUTPUT -p tcp -j ISTIO_OUTPUT
+ '[' -z '' ']'
+ iptables -t nat -A ISTIO_OUTPUT -o lo '!' -d 127.0.0.1/32 -j ISTIO_REDIRECT
+ for uid in '${PROXY_UID}'
+ iptables -t nat -A ISTIO_OUTPUT -m owner --uid-owner 1337 -j RETURN
+ for gid in '${PROXY_GID}'
+ iptables -t nat -A ISTIO_OUTPUT -m owner --gid-owner 1337 -j RETURN
+ iptables -t nat -A ISTIO_OUTPUT -d 127.0.0.1/32 -j RETURN
+ '[' -n '' ']'
+ '[' '*' == '*' ']'
+ iptables -t nat -A ISTIO_OUTPUT -j ISTIO_REDIRECT
+ set +o nounset
+ '[' -n '' ']'
+ ip6tables -F INPUT
+ ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
+ ip6tables -A INPUT -i lo -d ::1 -j ACCEPT
+ ip6tables -A INPUT -j REJECT
+ dump
+ iptables-save
# Generated by iptables-save v1.6.0 on Tue Jul 30 17:49:14 2019
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Tue Jul 30 17:49:14 2019
# Generated by iptables-save v1.6.0 on Tue Jul 30 17:49:14 2019
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:ISTIO_INBOUND - [0:0]
:ISTIO_IN_REDIRECT - [0:0]
:ISTIO_OUTPUT - [0:0]
:ISTIO_REDIRECT - [0:0]
-A PREROUTING -p tcp -j ISTIO_INBOUND
-A OUTPUT -p tcp -j ISTIO_OUTPUT
-A ISTIO_INBOUND -p tcp -m tcp --dport 6080 -j ISTIO_IN_REDIRECT
-A ISTIO_INBOUND -p tcp -m tcp --dport 5554 -j ISTIO_IN_REDIRECT
-A ISTIO_INBOUND -p tcp -m tcp --dport 5555 -j ISTIO_IN_REDIRECT
-A ISTIO_IN_REDIRECT -p tcp -j REDIRECT --to-ports 15001
-A ISTIO_OUTPUT ! -d 127.0.0.1/32 -o lo -j ISTIO_REDIRECT
-A ISTIO_OUTPUT -m owner --uid-owner 1337 -j RETURN
-A ISTIO_OUTPUT -m owner --gid-owner 1337 -j RETURN
-A ISTIO_OUTPUT -d 127.0.0.1/32 -j RETURN
-A ISTIO_OUTPUT -j ISTIO_REDIRECT
-A ISTIO_REDIRECT -p tcp -j REDIRECT --to-ports 15001
COMMIT
# Completed on Tue Jul 30 17:49:14 2019
+ ip6tables-save
# Generated by ip6tables-save v1.6.0 on Tue Jul 30 17:49:14 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -d ::1/128 -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-port-unreachable
COMMIT
# Completed on Tue Jul 30 17:49:14 2019