Nginx Ingress控制器设置问题

时间:2019-11-08 22:19:40

标签: kubernetes kubernetes-ingress nginx-ingress

我已经建立了一个裸机k8集群(1个主节点-Raspberry pi上的intel NUC和2个工作节点)。我设法设置了Metal-lb负载平衡和Nginx入口控制器。我已经启动了两个应用程序,ghost(监听默认端口2368)和nextcloud(监听默认端口80)。我正在尝试从公用ip myhomeserver.io(访问幻影应用程序)和nextcloud.myhomeserver.io(访问下一个云应用程序)访问应用程序。我可以访问ghost应用程序,但似乎无法访问nextcloud。下面是用于入口和服务的yaml文件。不知道我要去哪里错了。

kubectl get services --all-namespaces
NAMESPACE       NAME                TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                      AGE
default         kubernetes          ClusterIP      10.96.0.1        <none>            443/TCP                      98d
ghost           ghost-service       ClusterIP      10.107.116.108   <none>            2368/TCP                     7h37m
ingress-nginx   ingress-nginx       LoadBalancer   10.109.177.223   192.168.178.200   80:31619/TCP,443:30365/TCP   7d23h
kube-system     kube-dns            ClusterIP      10.96.0.10       <none>            53/UDP,53/TCP,9153/TCP       98d
nextcloud       nextcloud-service   ClusterIP      10.105.24.162    <none>            8080/TCP                     137m

=============================================================================================================================
NAMESPACE   NAME                HOSTS                       ADDRESS           PORTS   AGE
ghost       ingress-ghost       myhomeserver.io             192.168.178.200   80      7d22h
nextcloud   ingress-nextcloud   nextcloud.myhomeserver.io   192.168.178.200   80      140m


=============================================================================================================================
cat ingress-object-ghost.yaml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-ghost
  namespace: ghost

spec:
  rules:
  - host: myhomeserver.io
    http:
      paths:
      - backend:
          serviceName: ghost-service
          servicePort: 2368


=============================================================================================================================
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-nextcloud
  namespace: nextcloud

spec:
  rules:
  - host: nextcloud.myhomeserver.io
    http:
      paths:
      - backend:
          serviceName: nextcloud-service
          servicePort: 8080

================================================================================================================================

cat ingress-object-nextcloud.yaml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-nextcloud
  namespace: nextcloud

spec:
  rules:
  - host: nextcloud.myhomeserver.io
    http:
      paths:
      - backend:
          serviceName: nextcloud-service
          servicePort: 8080
===================================================================================
apiVersion: apps/v1

kind: Deployment
metadata:
  name:
    deployment-nextcloud
  namespace: nextcloud
  labels:
    env: prod
    app: nextcloud-app

spec:
  template:
    metadata:
      name: nextcloud-app-pod
      labels:
        app:  nextcloud-app
        env:  production
    spec:
      containers:
        - name: nextcloud
          image: arm32v7/nextcloud
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 8080
          volumeMounts:
           - mountPath: /var/www/html
             name: nextcloud-data
          securityContext:
            privileged: True


      volumes:
      - name: nextcloud-data
        persistentVolumeClaim:
          claimName: pvc-nextcloud
      nodeSelector:
        kubernetes.io/arch: arm

  replicas: 2
  selector:
    matchLabels:
      app: nextcloud-app


================================================================================================================
apiVersion: v1
kind: Service
metadata:
  name: nextcloud-service
  namespace: nextcloud
  labels:
    app: nextcloud-app
spec:
  type: ClusterIP
  selector:
    app: nextcloud-app
  ports:
  - port: 8080
    targetPort: 8080
    protocol: TCP

1 个答案:

答案 0 :(得分:2)

请注意,您的nginx入口控制器在ghost命名空间中运行,因此它仅了解ghost服务。如果要在其中添加一个入口,则需要为nextcloud命名空间使用另一个入口控制器。如果您不希望使用其他入口控制器,则可以通过以下方式{@ 1}来定位nextcloud服务来解析nextcloud服务。

一方面,对应用程序进行如此多的划分实际上没有意义。 Kubernetes已经为您提供了在相同名称空间中的应用程序之间足够的隐私性。

更新
只要您只有servicename.namespacename.svc.cluster.local,就可以使用适合您的入口。由于有两个服务,因此我添加了一条路径规则,该规则将被重写为1 INGRESS CONTROLLER,因此每个服务都将收到一个干净的URI。使用/到达myhomeserver.io/ghost,使用ghost到达nextcloud。

myhomeserver.io/nextcloud

更新2 因此,您的apiVersion: extensions/v1beta1 kind: Ingress metadata: name: ingress-ghost namespace: ghost annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: myhomeserver.io http: paths: - path: /ghost backend: serviceName: ghost-service servicePort: 2368 - path: /nextcloud backend: serviceName: nextcloud-service.nextcloud.svc.cluster.local servicePort: 8080 在ghost命名空间中运行。因此,您的入口必须部署在ghost命名空间中。注意每个主机的http规则。

ingress controller