我正在尝试实现以下目标,我在 AWS EC2 上使用 kops 安装了 Kube 集群(1.18 版)。它已启动并正在运行,但现在我想通过子域向 Internet 公开一些工作负载,但它没有按预期工作,因此我使用了 ingress。
更多详情如下:
Client Version: v1.18.3
Server Version: v1.18.3
helm version --short
Client: v2.17.0+ga690bad
Server: v2.17.0+ga690bad
图表如下:
deploy.yaml:
name: custom-smscs
branch: k8s
git: git@github.com:REDACTED
image:
repository: <account_id>.dkr.ecr.eu-west-1.amazonaws.com/custom_smscs
service:
port: 80
internalPort: 80
healthEndpoint: /health
deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ .Chart.Name }}-deployment"
labels:
app: {{ .Values.name }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ .Values.name }}
template:
metadata:
labels:
app: {{ .Values.name }}
spec:
containers:
- name: {{ .Values.name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
ports:
- containerPort: {{ .Values.service.internalPort }}
env:
- name: NODE_ENV
value: {{ .Values.environment }}
livenessProbe:
httpGet:
path: {{ .Values.service.healthEndpoint }}
port: {{ .Values.service.internalPort }}
initialDelaySeconds: 15
timeoutSeconds: 10
periodSeconds: {{ .Values.service.healthPeriod }}
successThreshold: 1
failureThreshold: {{ .Values.service.healthThreshold }}
resources:
{{ toYaml .Values.resources | indent 12 }}
service.yaml:
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.name }}-service"
labels:
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
spec:
type: {{ .Values.service.type }}
selector:
app: "{{ .Values.name }}"
ports:
- port: {{ .Values.service.port }}
targetPort: {{ .Values.service.internalPort }}
protocol: TCP
name: http
{{- if .Values.service.ports }}
{{- range $name, $port := .Values.service.ports }}
- port: {{ $port }}
targetPort: {{ $port }}
protocol: TCP
name: {{ $name }}
{{- end }}
{{- end }}
selector:
app: {{ .Values.name }}
ingress.yaml:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: {{ .Values.name }}-ingress
namespace: default
annotations:
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: customsmscs.my-domain.com
http:
paths:
- path: /
backend:
serviceName: {{ .Values.name }}-service
servicePort: {{ .Values.service.port }}
values.yaml:
replicaCount: 1
image:
repository: replaced
tag: "0.0.1"
pullPolicy: Always
service:
type: ClusterIP
name: replaced
port: 80
internalPort: 80
healthEndpoint: /health
healthPeriod: 30
healthThreshold: 3
environment: production
resources:
limits:
cpu: 256m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 2
target: 80
nginx 是使用以下命令安装的:
kc apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.46.0/deploy/static/provider/aws/deploy-tls-termination.yaml
正确运行 nginx-ingress 所需的一切:
kc -n ingress-nginx get po
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-qltch 0/1 Completed 0 154m
ingress-nginx-admission-patch-6ll84 0/1 Completed 0 154m
ingress-nginx-controller-b4678dfcb-8gn56 1/1 Running 0 154m
kc get all | grep custom
pod/custom-smscs-deployment-6cd5f58bb8-ht49w 1/1 Running 0 37m
service/custom-smscs-service ClusterIP 100.70.5.207 <none> 80/TCP 37m
deployment.apps/custom-smscs-deployment 1/1 1 1 37m
replicaset.apps/custom-smscs-deployment-6cd5f58bb8 1 1 1 37m
kc get ing
NAME CLASS HOSTS ADDRESS PORTS AGE
custom-smscs-ingress <none> customsmscs.my-domain.com <ELB>.amazonaws.com 80 38m
kc get ep
NAME ENDPOINTS AGE
custom-smscs-service 100.101.173.27:80 40m
但是当我描述入口时,我注意到了一些错误,不确定这是不是一个原因:
nginx 日志:
I0525 09:47:46.702227 6 controller.go:146] "Configuration changes detected, backend reload required"
I0525 09:47:46.780938 6 controller.go:163] "Backend successfully reloaded"
I0525 09:47:46.781209 6 event.go:282] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-b4678dfcb-8gn56", UID:"d5d9246b-63a8-4eba-8467-fdec0f3f9b3f", APIVersion:"v1", ResourceVersion:"89646", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I0525 09:48:19.528969 6 status.go:284] "updating Ingress status" namespace="default" ingress="custom-smscs-ingress" currentValue=[] newValue=[{IP: Hostname:<ELB>.eu-west-1.elb.amazonaws.com Ports:[]}]
I0525 09:48:19.533791 6 event.go:282] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"custom-smscs-ingress", UID:"309890dd-1148-4aa8-bc14-62e57bbd969f", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"267393", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
<错误:未找到端点“default-http-backend”>
kc describe ing custom-smscs-ingress
Name: custom-smscs-ingress
Namespace: default
Address: <ELB>.eu-west-1.elb.amazonaws.com
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
customsmscs.my-domain.com
/ custom-smscs-service:80 (100.101.173.27:80)
Annotations: kubernetes.io/ingress.class: nginx
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 43m (x2 over 43m) nginx-ingress-controller Scheduled for sync
所以除了上面的错误之外,一切看起来都很好,但是当我尝试在浏览器中打开 app.example.com 时,我收到“嗯……无法访问此页面”。但是当我在浏览器中打开 ELB DNS 端点 URL 时,我得到“404 not found”,我猜这是正确的响应,因为我称之为默认后端。
我注意到的另一件事是在 ELB 上只有两个节点中的一个在服务:
我真的花了 4 天的时间,但无法让它工作。
你们知道如何修复/克服它吗?
先谢谢你!
答案 0 :(得分:1)
好吧,解决方案太简单了.... 我添加了像 *.ks8.my-domain.com 这样指向入口 ELB 的 DNS A 记录(别名),并在 AWS Certificate Manager 中创建了一个 SSL 证书,并且我必须在 中进行一项更改ingress.yaml *host: * 参数应更改为 customsmscs.k8s.my-domain.com 而不是 customsmscs.my-domain.com。 然后我删除了部署和所有相关资源(入口、服务等)并重新部署了它,现在该应用可以在 https://customsmscs.k8s.my-domain.com 上使用。
感谢@thomas 的建议,你帮了我很多!