我们在k8s上运行traefik,我能够建立到http服务的路由,但不能建立到TCP的路由,例如我可以使用whoami服务,但不能使用postgres服务。
初始设置:
我通过标准头盔图表安装了postgres
我也通过头盔图安装了traefik。
这有效:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*) /index.html [NC,L]
我能够打开浏览器,导航至http://example.com并获得预期的whomai页面。
由于我们通过头盔部署了postgres,并且该服务的类型为ClusterIP,因此如何为开发人员提供对数据库的访问权限? 我再次选择了“ k8s入口”,而不是CRD,因为我不是专家。
在这里,我认为我缺少一些基本知识,我知道他们正在尝试使用客户端来达成这样的目标:
jdbc:postgresql://example.com:5432 / postgres(当然,客户端允许输入用户/密码/数据库)
状态集:
apiVersion: apps/v1
metadata:
name: whoami
namespace: shared
labels:
app: containous
name: whoami
spec:
replicas: 2
selector:
matchLabels:
app: containous
task: whoami
template:
metadata:
labels:
app: containous
task: whoami
spec:
containers:
- name: containouswhoami
image: containous/whoami
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: shared
spec:
ports:
- name: http
port: 80
selector:
app: containous
task: whoami
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: whoami
namespace: shared
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: example.com
postgres:
paths:
- backend:
serviceName: whoami
servicePort: http
服务:
+ kubectl get statefulset -n shared
NAME READY AGE
admindb-postgresql 1/1 23h
状态集描述:
+ kubectl get service -n shared
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
admindb-postgresql ClusterIP 10.100.75.113 <none> 5432/TCP 23h
admindb-postgresql-headless ClusterIP None <none> 5432/TCP 23h
whoami ClusterIP 10.100.25.131 <none> 80/TCP 44m
服务说明:
+ kubectl describe statefulset admindb-postgresql -n shared
Name: admindb-postgresql
Namespace: shared
CreationTimestamp: Tue, 10 Mar 2020 11:05:43 +0200
Selector: app=postgresql,release=admindb,role=master
Labels: app=postgresql
chart=postgresql-8.3.3
heritage=Helm
release=admindb
Annotations: <none>
Replicas: 1 desired | 1 total
Update Strategy: RollingUpdate
Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: app=postgresql
chart=postgresql-8.3.3
heritage=Helm
release=admindb
role=master
Init Containers:
init-chmod-data:
Image: docker.io/bitnami/minideb:buster
Port: <none>
Host Port: <none>
Command:
/bin/sh
-cx
echo "current user id: `id`"
mkdir -p /bitnami/postgresql/data
chmod 700 /bitnami/postgresql/data
find /bitnami/postgresql -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
xargs chown -R 1001:1001
chmod -R 777 /dev/shm
Requests:
cpu: 250m
memory: 256Mi
Environment: <none>
Mounts:
/bitnami/postgresql from data (rw)
/dev/shm from dshm (rw)
Containers:
admindb-postgresql:
Image: docker.io/bitnami/postgresql:11.6.0-debian-10-r5
Port: 5432/TCP
Host Port: 0/TCP
Requests:
cpu: 250m
memory: 256Mi
Liveness: exec [/bin/sh -c exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
Readiness: exec [/bin/sh -c -e exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432
[ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
] delay=5s timeout=5s period=10s #success=1 #failure=6
Environment:
BITNAMI_DEBUG: false
POSTGRESQL_PORT_NUMBER: 5432
POSTGRESQL_VOLUME_DIR: /bitnami/postgresql
PGDATA: /bitnami/postgresql/data
POSTGRES_USER: postgres
POSTGRES_PASSWORD: <set to the key 'postgresql-password' in secret 'pg-default-password'> Optional: false
POSTGRESQL_ENABLE_LDAP: no
Mounts:
/bitnami/postgresql from data (rw)
/dev/shm from dshm (rw)
Volumes:
dshm:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium: Memory
SizeLimit: 1Gi
Volume Claims:
Name: data
StorageClass:
Labels: <none>
Annotations: <none>
Capacity: 30Gi
Access Modes: [ReadWriteOnce]
Events: <none>