Kubernetes ALB入口:如何在入口资源上公开多个端口

时间:2019-09-23 15:41:16

标签: kubernetes kubernetes-ingress aws-alb

我正在尝试解决似乎很常见的问题的解决方案。

  1. 我有一个k8s集群ip服务,它公开了两个端口:8088和60004
  2. 我想在ALB上公开这些相同的端口,而不使用基于路径的路由

这适用于在8088端口上公开一项服务:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/healthcheck-path: /ping
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: myhost
      http:
        paths:
          - path: /*
            backend:
              serviceName: firstservice
              servicePort: 8088

如何使用一个入口实现两种服务的相同目的?

谢谢。

2 个答案:

答案 0 :(得分:1)

最终,为了解决此问题,我使用了ALB入口控制器组功能,该功能当前处于Alpha状态:https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

这是我的入口资源现在的样子:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_1
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 8088
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_2
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 60004}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 60004

关键是

alb.ingress.kubernetes.io/group.name: mygroup

连接这两个入口资源。

因此,我最终得到以下结果:

  • 在k8中具有多个(两个)端口的服务,其中暴露有两个单独的入口 资源,但它们都指向同一个AWS ALB(因为同一个组 名称)
  • 在AWS ALB端,我得到了一个ALB,其中有两个暴露的端口:8088和 60004,它们每个都指向相同的k8s服务,但是 同一Pod上的不同端口(这很可能是两个不同的k8s服务 如果需要的话)

答案 1 :(得分:0)

我试过这个,对我有用;

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: "ingress"
  namespace: "env"
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/certificate-arn: xxxxxx
    alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-1-2017-01
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80},{"HTTP":443}]'
    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
spec:
  rules:
  - http:
      paths:
      - backend:
          serviceName: ssl-redirect
          servicePort: use-annotation
  - host: 123.example.com
    http:
      paths:
      - backend:
          serviceName: 1-server-tg
          servicePort: 80
  - host: 234.example.com
    http:
      paths:
      - backend:
          serviceName: 2-server-tg
          servicePort: 80
相关问题
最新问题