Kubernetes MetalLB外部IP无法访问

时间:2020-03-21 10:48:02

标签: nginx kubernetes load-balancing kubernetes-helm dhcp

我无法访问MetalLB负载均衡器分配的网络IP

我在k3s中创建了一个Kubernetes集群。它的1名主人和1名工人。每个人都有自己的专用IP。

大师192.168.0.13

工人192.168.0.13

我用INSTALL_K3S_EXEC=" --no-deploy servicelb --no-deploy traefik"安装了k3s

现在我正尝试使用MetalLB和nginx入口部署应用程序

  --set configInline.address-pools[0].name=default \
  --set configInline.address-pools[0].protocol=layer2 \
  --set configInline.address-pools[0].addresses[0]=192.168.0.21-192.168.0.30

helm install nginx-ingress stable/nginx-ingress --namespace kube-system \
    --set controller.image.repository=quay.io/kubernetes-ingress-controller/nginx-ingress-controller\
    --set controller.image.tag=0.30.0 \
    --set controller.image.runAsUser=33 \
    --set defaultBackend.enabled=false

我可以看到每个吊舱都已启动并运行

NAME                                             READY   STATUS    RESTARTS   AGE    IP             NODE             NOMINATED NODE   READINESS GATES
coredns-d798c9dd-lsdnp                           1/1     Running   5          37h    10.42.0.25     c271-k3s-ocrh    <none>           <none>
local-path-provisioner-58fb86bdfd-bcpl7          1/1     Running   5          37h    10.42.0.22     c271-k3s-ocrh    <none>           <none>
metrics-server-6d684c7b5-v9tmh                   1/1     Running   5          37h    10.42.0.24     c271-k3s-ocrh    <none>           <none>
metallb-speaker-4kbmw                            1/1     Running   0          4m7s   192.168.0.14   c271-k3s-agent   <none>           <none>
metallb-controller-75bf779d4f-nb47l              1/1     Running   0          4m7s   10.42.1.45     c271-k3s-agent   <none>           <none>
metallb-speaker-776p9                            1/1     Running   0          4m7s   192.168.0.13   c271-k3s-ocrh    <none>           <none>
nginx-ingress-default-backend-5b967cf596-554bq   1/1     Running   0          98s    10.42.1.46     c271-k3s-agent   <none>           <none>
nginx-ingress-controller-674675d5b6-blndp        1/1     Running   0          98s    10.42.1.47     c271-k3s-agent   <none>           <none>

应用获得IP 192.168.0.21 

❯ kubectl get services  -n kube-system -l app=nginx-ingress -o wide
NAME                            TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                      AGE    SELECTOR
nginx-ingress-default-backend   ClusterIP      10.43.170.195   <none>         80/TCP                       112s   app=nginx-ingress,component=default-backend,release=nginx-ingress
nginx-ingress-controller        LoadBalancer   10.43.220.166   192.168.0.21   80:31735/TCP,443:31566/TCP   111s   app=nginx-ingress,component=controller,release=nginx-ingress

我可以通过curl到nginx控制器容器从管理员和工作人员访问该应用程序

HTTP/1.1 200 OK
Server: nginx/1.17.8
Date: Sat, 21 Mar 2020 10:43:34 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

但是无法从本地192.168.0.21

访问该IP

诊断:DHCP处于打开状态,并且192.168.0.21-192.168.0.30完全免费。,当我尝试通过netplan config将192.168.0.21分配给主服务器或代理时,他们将获得IP。

请指导我,我所缺少的。

2 个答案:

答案 0 :(得分:0)

您需要确保保留源IP地址(metallb分配的外部IP)。为此,请将 ingress-controller服务规范的externalTrafficPolicy字段的值设置为Local。例如

apiVersion: v1
kind: Service
metadata:
  name: my-app
  labels:
    helm.sh/chart: webapp-0.1.0
    app.kubernetes.io/name: webapp
    app.kubernetes.io/instance: my-app
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
spec:
  type: ClusterIP
  ports:
    - port: 80
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: webapp
    app.kubernetes.io/instance: my-app
  externalTrafficPolicy: Local

externalTrafficPolicy字段的默认值为'Cluster'。因此将其更改为本地

答案 1 :(得分:-2)

只有服务nginx-ingress-controller正常运行时,MetalLB才能使IP可访问。

相关问题
最新问题