我有一个容器化的应用程序,并且我正在尝试将标题proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;从我的nginx传递到我的rails应用程序。
但是当我使用此标头时,就绪性和活动性探针开始失败,状态为502 and awaiting headers,并且我的部署未成功完成。
这是kubectl describe pod的输出,我们在其中看到502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
Warning BackOff 84s (x33 over 8m56s) kubelet, gke-cluster-1-upgraded-pool--v82p Back-off restarting failed container
以前,标头值为proxy_set_header X-Forwarded-For $http_x_forwarded_for;
以下是我的nginx.conf
http {
set_real_ip_from 1.2.3.4; -- example ip
real_ip_header X-Forwarded-For;
real_ip_recursive on;
server {
listen 80 default_server;
server_name _;
client_max_body_size 16m;
location @app {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
}
}
}
下面是我的部署文件,我尝试仅保留相关部分并删除了庞大的安装和数据库连接设置
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: backend
spec:
template:
metadata:
labels:
app: backend
spec:
initContainers:
- name: nginx-config
image: my_nginx
command: ['/bin/sh', '-c']
args: ["sed -i -e 's/gzip_types/gzip_types application\\/json/g' /etc/nginx/nginx.conf && mv /etc/nginx/* /etc/nginx-new/"]
volumeMounts:
- name: nginx-config
mountPath: /etc/nginx-new
- name: copy-assets
image: unicorn_image
command: ['sh', '-c', 'cp -a /app/public/* /mnt/']
volumeMounts:
- name: assets
mountPath: /mnt
containers:
- name: unicorn
image: unicorn_image
ports:
- containerPort: 3000
env:
livenessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
- name: nginx
image: my_nginx
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
volumeMounts:
- name: assets
mountPath: /var/www
readOnly: true
- name: nginx-config
mountPath: /etc/nginx
更新:我看到没有创建nginx容器。请看下面
kubectl exec -it backend-6f4974cfd6-jtnqk -c nginx -- /bin/bash
error: unable to upgrade connection: container not found ("nginx")
不确定更新标头是如何引起问题的。
有人可以向我指出正确的解决方法,谢谢。
答案 0 :(得分:0)
1。。根据第二个问题,请在您的volumes中添加deployment.spec.template.spec section和emptyDir or hostPath
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
replicas: 2
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
initContainers:
- name: ubuntu
image: ubuntu
command: ["/bin/sh"]
args: ["-c", " echo test > /test1/index.html "]
volumeMounts:
- name: nginx-index
mountPath: /test1
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
volumeMounts:
- name: nginx-index
mountPath: /usr/share/nginx/html
volumes:
- name: nginx-index
emptyDir: {}
2。。如果您使用的是标准nginx图像,请记住,提供args and commands将会更改f..e入口点defined in Dockerimage
3。。我认为,最好使用configMap来为nginx
提供特定的配置希望获得帮助