我是kubernetes的新手,我具有deployment.yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: pdemo
namespace: default
spec:
replicas: 1
selector:
matchLabels:
papi: web
template:
metadata:
labels:
papi: web
spec:
containers:
- name: pdemodemo-site
image:pdemoapi:4.0
ports:
- containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: pdemo-entrypoint
namespace: default
spec:
type: LoadBalancer
selector:
bb: web
ports:
- port: 44328
targetPort: 443
我应用了这个deployment.yaml文件并请求kubectl get服务
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19h
pdemo-entrypoint LoadBalancer 10.111.16.228 localhost 44328:31656/TCP 60m
然后我做了kubectl port-forward service/pdemo-entrypoint --address "localhost" 31656:44328
产生了
Forwarding from 127.0.0.1:31656 -> 443
Forwarding from [::1]:31656 -> 443
Handling connection for 31656
Handling connection for 31656
然后,当我尝试从浏览器请求时,我得到了
E1116 09:35:14.268697 2692 portforward.go:400] an error occurred forwarding 31656 -> 443: error forwarding port 443 to pod 54c1096fd343af2d0bc356c3ee52a54ac0db586e0f978fd3a0062278fe7aeb98, uid : exit status 1: 2019/11/16 14:35:14 socat[33825] E connect(21, AF=2 127.0.0.1:443, 16): Connection refused
这是我的docker映像文件
FROM mcr.microsoft.com/dotnet/core/aspnet:2.2-alpine3.8 AS base
WORKDIR /app
EXPOSE 443
COPY ./xyz/publish .
ENV ASPNETCORE_URLS=https://+:443;http://+80
ENTRYPOINT ["dotnet","xyz.dll"]
仅供参考:我正在使用docker-desktop
答案 0 :(得分:1)
如果您输入浏览器localhost:31656,则并不意味着路由到https的流量,默认情况下浏览器会将其转换为http://localhost:31656,换句话说,您将未加密的流量路由到了加密的端点。
https://
curl -LO https://localhost:31656