我正在关注此文档 https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/
但我希望能够卷曲一些 localhost:8080 或类似的东西。
从主机期望的确切 curl 命令和端口是什么。不在集群上,不在节点上,而是来自主机。
我在 microk8s 中运行。
这是我申请的文件,从文档中复制:
apiVersion: v1
kind: Service
metadata:
name: my-nginx
labels:
run: my-nginx
spec:
type: NodePort
ports:
- port: 8080
targetPort: 80
protocol: TCP
name: http
- port: 443
protocol: TCP
name: https
selector:
run: my-nginx
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
selector:
matchLabels:
run: my-nginx
replicas: 1
template:
metadata:
labels:
run: my-nginx
spec:
volumes:
- name: secret-volume
secret:
secretName: nginxsecret
- name: configmap-volume
configMap:
name: nginxconfigmap
containers:
- name: nginxhttps
image: bprashanth/nginxhttps:1.0
ports:
- containerPort: 443
- containerPort: 80
volumeMounts:
- mountPath: /etc/nginx/ssl
name: secret-volume
- mountPath: /etc/nginx/conf.d
name: configmap-volume
这是 k get deployment my-nginx -o yaml
命令的输出:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"my-nginx","namespace":"default"},"spec":{"replicas":1,"selector":{"matchLabels":{"run":"my-nginx"}},"template":{"metadata":{"labels":{"run":"my-nginx"}},"spec":{"containers":[{"image":"bprashanth/nginxhttps:1.0","name":"nginxhttps","ports":[{"containerPort":443},{"containerPort":80}],"volumeMounts":[{"mountPath":"/etc/nginx/ssl","name":"secret-volume"},{"mountPath":"/etc/nginx/conf.d","name":"configmap-volume"}]}],"volumes":[{"name":"secret-volume","secret":{"secretName":"nginxsecret"}},{"configMap":{"name":"nginxconfigmap"},"name":"configmap-volume"}]}}}}
creationTimestamp: "2021-01-31T19:25:30Z"
generation: 1
managedFields:
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:kubectl.kubernetes.io/last-applied-configuration: {}
f:spec:
f:progressDeadlineSeconds: {}
f:replicas: {}
f:revisionHistoryLimit: {}
f:selector: {}
f:strategy:
f:rollingUpdate:
.: {}
f:maxSurge: {}
f:maxUnavailable: {}
f:type: {}
f:template:
f:metadata:
f:labels:
.: {}
f:run: {}
f:spec:
f:containers:
k:{"name":"nginxhttps"}:
.: {}
f:image: {}
f:imagePullPolicy: {}
f:name: {}
f:ports:
.: {}
k:{"containerPort":80,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:protocol: {}
k:{"containerPort":443,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:protocol: {}
f:resources: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:volumeMounts:
.: {}
k:{"mountPath":"/etc/nginx/conf.d"}:
.: {}
f:mountPath: {}
f:name: {}
k:{"mountPath":"/etc/nginx/ssl"}:
.: {}
f:mountPath: {}
f:name: {}
f:dnsPolicy: {}
f:restartPolicy: {}
f:schedulerName: {}
f:securityContext: {}
f:terminationGracePeriodSeconds: {}
f:volumes:
.: {}
k:{"name":"configmap-volume"}:
.: {}
f:configMap:
.: {}
f:defaultMode: {}
f:name: {}
f:name: {}
k:{"name":"secret-volume"}:
.: {}
f:name: {}
f:secret:
.: {}
f:defaultMode: {}
f:secretName: {}
manager: kubectl-client-side-apply
operation: Update
time: "2021-01-31T19:25:30Z"
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:deployment.kubernetes.io/revision: {}
f:status:
f:availableReplicas: {}
f:conditions:
.: {}
k:{"type":"Available"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
k:{"type":"Progressing"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
f:observedGeneration: {}
f:readyReplicas: {}
f:replicas: {}
f:updatedReplicas: {}
manager: kube-controller-manager
operation: Update
time: "2021-01-31T19:25:31Z"
name: my-nginx
namespace: default
resourceVersion: "764711"
selfLink: /apis/apps/v1/namespaces/default/deployments/my-nginx
uid: 77061fd6-8a88-4e0d-891b-6dcc5df2c95e
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
run: my-nginx
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
run: my-nginx
spec:
containers:
- image: bprashanth/nginxhttps:1.0
imagePullPolicy: IfNotPresent
name: nginxhttps
ports:
- containerPort: 443
protocol: TCP
- containerPort: 80
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx/ssl
name: secret-volume
- mountPath: /etc/nginx/conf.d
name: configmap-volume
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- name: secret-volume
secret:
defaultMode: 420
secretName: nginxsecret
- configMap:
defaultMode: 420
name: nginxconfigmap
name: configmap-volume
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2021-01-31T19:25:31Z"
lastUpdateTime: "2021-01-31T19:25:31Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2021-01-31T19:25:30Z"
lastUpdateTime: "2021-01-31T19:25:31Z"
message: ReplicaSet "my-nginx-5b6fb7fb46" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
文档中也有这个 default.conf
cat default.conf
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl;
root /usr/share/nginx/html;
index index.html;
server_name localhost;
ssl_certificate /etc/nginx/ssl/tls.crt;
ssl_certificate_key /etc/nginx/ssl/tls.key;
location / {
try_files $uri $uri/ =404;
}
}
答案 0 :(得分:0)
试试 curl -k 127.0.0.1:80
或 curl -k localhost:80
。实际上 8080
端口是用于 service
但是当您尝试 localhost
或 127.0.0.1
时它们不通过 service
连接所以 port
需要成为 container
的端口,即 80
。
答案 1 :(得分:0)
您可以为您的 Pod 设置代理:
kubectl port-forward [name of your pod] [port-on-the-host]:[pod-port]
然后您可以通过您的主机访问它:
$ curl 127.0.0.1:pod-port
在你的情况下: $卷曲127.0.0.1:80
在您的情况下,80
是一个 targetPort
,它是请求发送到的 pod 上的端口
但它是不使用 services 的解决方案。
阅读更多:kubernetes-port-forward。