我已经建立了一个裸机k8集群(1个主节点-Raspberry pi上的intel NUC和2个工作节点)。我设法设置了Metal-lb负载平衡和Nginx入口控制器。我已经启动了两个应用程序,ghost(监听默认端口2368)和nextcloud(监听默认端口80)。我正在尝试从公用ip myhomeserver.io(访问幻影应用程序)和nextcloud.myhomeserver.io(访问下一个云应用程序)访问应用程序。我可以访问ghost应用程序,但似乎无法访问nextcloud。下面是用于入口和服务的yaml文件。不知道我要去哪里错了。
kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 98d
ghost ghost-service ClusterIP 10.107.116.108 <none> 2368/TCP 7h37m
ingress-nginx ingress-nginx LoadBalancer 10.109.177.223 192.168.178.200 80:31619/TCP,443:30365/TCP 7d23h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 98d
nextcloud nextcloud-service ClusterIP 10.105.24.162 <none> 8080/TCP 137m
=============================================================================================================================
NAMESPACE NAME HOSTS ADDRESS PORTS AGE
ghost ingress-ghost myhomeserver.io 192.168.178.200 80 7d22h
nextcloud ingress-nextcloud nextcloud.myhomeserver.io 192.168.178.200 80 140m
=============================================================================================================================
cat ingress-object-ghost.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-ghost
namespace: ghost
spec:
rules:
- host: myhomeserver.io
http:
paths:
- backend:
serviceName: ghost-service
servicePort: 2368
=============================================================================================================================
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-nextcloud
namespace: nextcloud
spec:
rules:
- host: nextcloud.myhomeserver.io
http:
paths:
- backend:
serviceName: nextcloud-service
servicePort: 8080
================================================================================================================================
cat ingress-object-nextcloud.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-nextcloud
namespace: nextcloud
spec:
rules:
- host: nextcloud.myhomeserver.io
http:
paths:
- backend:
serviceName: nextcloud-service
servicePort: 8080
===================================================================================
apiVersion: apps/v1
kind: Deployment
metadata:
name:
deployment-nextcloud
namespace: nextcloud
labels:
env: prod
app: nextcloud-app
spec:
template:
metadata:
name: nextcloud-app-pod
labels:
app: nextcloud-app
env: production
spec:
containers:
- name: nextcloud
image: arm32v7/nextcloud
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
volumeMounts:
- mountPath: /var/www/html
name: nextcloud-data
securityContext:
privileged: True
volumes:
- name: nextcloud-data
persistentVolumeClaim:
claimName: pvc-nextcloud
nodeSelector:
kubernetes.io/arch: arm
replicas: 2
selector:
matchLabels:
app: nextcloud-app
================================================================================================================
apiVersion: v1
kind: Service
metadata:
name: nextcloud-service
namespace: nextcloud
labels:
app: nextcloud-app
spec:
type: ClusterIP
selector:
app: nextcloud-app
ports:
- port: 8080
targetPort: 8080
protocol: TCP
答案 0 :(得分:2)
请注意,您的nginx入口控制器在ghost命名空间中运行,因此它仅了解ghost服务。如果要在其中添加一个入口,则需要为nextcloud命名空间使用另一个入口控制器。如果您不希望使用其他入口控制器,则可以通过以下方式{@ 1}来定位nextcloud服务来解析nextcloud服务。
一方面,对应用程序进行如此多的划分实际上没有意义。 Kubernetes已经为您提供了在相同名称空间中的应用程序之间足够的隐私性。
更新
只要您只有servicename.namespacename.svc.cluster.local,就可以使用适合您的入口。由于有两个服务,因此我添加了一条路径规则,该规则将被重写为1 INGRESS CONTROLLER,因此每个服务都将收到一个干净的URI。使用/到达myhomeserver.io/ghost,使用ghost到达nextcloud。
myhomeserver.io/nextcloud 更新2
因此,您的apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-ghost
namespace: ghost
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: myhomeserver.io
http:
paths:
- path: /ghost
backend:
serviceName: ghost-service
servicePort: 2368
- path: /nextcloud
backend:
serviceName: nextcloud-service.nextcloud.svc.cluster.local
servicePort: 8080
在ghost命名空间中运行。因此,您的入口必须部署在ghost命名空间中。注意每个主机的http规则。
ingress controller