我有一个带有1个节点的rancher集群,它们的本地IP:10.39.93.180
我使用ExternalIp: 10.39.93.180
从3个复制和负载均衡器开始一个pod
可以访问Pod端口,但不能访问负载均衡器。
Pod描述。
Name: development-review-inventory-api-66b6ccfc44-jm59c
Namespace: development-review-inventory
Priority: 0
Node: 10.39.93.185/10.39.93.185
Start Time: Wed, 16 Oct 2019 01:27:59 -0400
Labels: pod-template-hash=66b6ccfc44
run=development-review-inventory-api
Annotations: cni.projectcalico.org/podIP: 10.42.0.13/32
Status: Running
IP: 10.42.0.13
IPs: <none>
Controlled By: ReplicaSet/development-review-inventory-api-66b6ccfc44
Containers:
development-review-inventory-api:
Container ID: docker://103d34497d590cdb391c5c4959b2f308fbacf9abf5e2042314be9583f9cf5dd1
Image: 10.39.93.29:5000/development-review-inventory-api
Image ID: docker-pullable://10.39.93.29:5000/development-review-inventory-api@sha256:b54f5c6e499fb1b9981c97fb00f20a38b75c87c493551d1833928b9e78a1260b
Port: 8510/TCP
Host Port: 0/TCP
State: Running
Started: Wed, 16 Oct 2019 01:28:00 -0400
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8ptvb (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-8ptvb:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-8ptvb
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 9m43s default-scheduler Successfully assigned development-review-inventory/development-review-inventory-api-66b6ccfc44-jm59c to 10.39.93.185
Normal Pulling 9m42s kubelet, 10.39.93.185 Pulling image "10.39.93.29:5000/development-review-inventory-api"
Normal Pulled 9m42s kubelet, 10.39.93.185 Successfully pulled image "10.39.93.29:5000/development-review-inventory-api"
Normal Created 9m42s kubelet, 10.39.93.185 Created container development-review-inventory-api
Normal Started 9m42s kubelet, 10.39.93.185 Started container development-review-inventory-api
访问盒8510
[root@localhost inventory-api]# k exec -it -n development-review-inventory development-review-inventory-api-66b6ccfc44-n4wks -- curl 0.0.0.0:8510
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>
LoadBalancer配置
[root@localhost inventory-api]# k get svc -n development-review-inventory development-review-inventory-api -o=yaml --export
Flag --export has been deprecated, This flag is deprecated and will be removed in future.
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
run: development-review-inventory-api
name: development-review-inventory-api
selfLink: /api/v1/namespaces/development-review-inventory/services/development-review-inventory-api
spec:
externalIPs:
- 10.39.93.180
externalTrafficPolicy: Cluster
ports:
- nodePort: 31717
port: 8510
protocol: TCP
targetPort: 8510
selector:
run: development-review-inventory-api
sessionAffinity: None
type: LoadBalancer
status:
loadBalancer: {}
路径SVC外部IP
kubectl patch svc -n development-review-inventory development-review-inventory-api -p '{"spec":{"externalIPs":["10.39.93.180"]}}'
获取SVC
[root@localhost inventory-api]# k get svc -n development-review-inventory
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
development-review-inventory-api LoadBalancer 10.43.52.1 10.39.93.180 8510:31717/TCP 15m
无法通过平衡器访问
[root@localhost inventory-api]# curl 10.39.93.180:31717
curl: (7) Failed connect to 10.39.93.180:31717; Connection refused
答案 0 :(得分:0)
您应该通过裸露的端口访问它,尝试打开
10.39.93.180:8501
如果您可以在此应用程序中添加一个公共URI(如果它需要任何身份验证令牌),然后点击其路由以验证响应,那就很好了
10.39.93.180:8501/publicURI
我对我的应用程序确实很喜欢,而且效果很好
答案 1 :(得分:0)
我在裸机上安装了k8s牧场主集群,它不支持SVC类型:类似云提供商(AWS,GCL ...)的LoadBalancer。需要安装https://metallb.universe.tf/才能完成工作,而无需更改任何配置。
Kubernetes不提供用于裸机群集的网络负载平衡器(类型为LoadBalancer的服务)的实现。 Kubernetes附带的Network LB的实现都是调用各种IaaS平台(GCP,AWS,Azure等)的粘合代码。如果您未在受支持的IaaS平台(GCP,AWS,Azure等)上运行,则LoadBalancers在创建后将无限期保持“待处理”状态。