按照GKE上的“Kubernetes in Action”一书的指南创建Ingress,但是该Ingress无效,可以从Ingress的公共(public)IP地址进行访问。
ReplicaSet,Service,Ingress已成功创建,可以从公共(public)IP地址访问nodeport,而ingress则不会。
副本集:
apiVersion: apps/v1beta2
kind: ReplicaSet
metadata:
name: kubia
spec:
replicas: 3
selector:
matchLabels:
app: kubia
template:
metadata:
labels:
app: kubia
spec:
containers:
- name: kubia
image: sonyfaye/kubia
服务:
apiVersion: v1
kind: Service
metadata:
name: kubia-nodeport
spec:
type: NodePort
ports:
- port: 80
targetPort: 8080
nodePort: 30123
selector:
app: kubia
入口:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kubia
spec:
rules:
- host: kubia.example.com
http:
paths:
- path: /
backend:
serviceName: kubia-nodeport
servicePort: 80
可以从公共(public)IP地址访问节点端口本身。
C:\ kube> kubectl获取svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.59.240.1 <none> 443/TCP 8d
kubia-nodeport NodePort 10.59.253.10 <none> 80:30123/TCP 20h
C:\ kube> kubectl获取节点
NAME STATUS ROLES AGE VERSION
gke-kubia-default-pool-08dd2133-qbz6 Ready <none> 8d v1.12.8-gke.6
gke-kubia-default-pool-183639fa-18vr Ready <none> 8d v1.12.8-gke.6
gke-kubia-default-pool-42725220-43q8 Ready <none> 8d v1.12.8-gke.6
C:\ kube> kubectl获取节点-o宽
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
gke-kubia-default-pool-08dd2133-qbz6 Ready <none> 8d v1.12.8-gke.6 10.140.0.17 35.201.224.238 Container-Optimized OS from Google 4.14.119+ docker://17.3.2
gke-kubia-default-pool-183639fa-18vr Ready <none> 8d v1.12.8-gke.6 10.140.0.18 35.229.152.12 Container-Optimized OS from Google 4.14.119+ docker://17.3.2
gke-kubia-default-pool-42725220-43q8 Ready <none> 8d v1.12.8-gke.6 10.140.0.16 34.80.225.64 Container-Optimized OS from Google 4.14.119+ docker://17.3.2
C:\ kube> curl http://34.80.225.64:30123
You've hit kubia-j2lnr
但是无法从外部访问入口。
主机文件:
34.98.92.110 kubia.example.com
C:\ kube> kubectl描述入口
Name: kubia
Namespace: default
Address: 34.98.92.110
Default backend: default-http-backend:80 (10.56.0.7:8080)
Rules:
Host Path Backends
---- ---- --------
kubia.example.com
/ kubia-nodeport:80 (10.56.0.14:8080,10.56.1.6:8080,10.56.3.4:8080)
Annotations:
ingress.kubernetes.io/backends: {"k8s-be-30123--c4addd497b1e0a6d":"HEALTHY","k8s-be-30594--c4addd497b1e0a6d":"HEALTHY"}
ingress.kubernetes.io/forwarding-rule: k8s-fw-default-kubia--c4addd497b1e0a6d
ingress.kubernetes.io/target-proxy: k8s-tp-default-kubia--c4addd497b1e0a6d
ingress.kubernetes.io/url-map: k8s-um-default-kubia--c4addd497b1e0a6d
Events:
<none>
C:\ kube> curl http://kubia.example.com
curl: (7) Failed to connect to kubia.example.com port 80: Timed out
C:\ kube> telnet kubia.example.com 80
Connecting To kubia.example.com...
C:\ kube> telnet 34.98.92.110 80
Connecting To 34.98.92.110...Could not open connection to the host, on port 80: Connect failed
从Intranet尝试。
curl 34.98.92.110 IP可以获取一些结果,并且可以从Intranet访问34.98.92.110的80个端口。
C:\ kube> kubectl exec -it kubia-lrt9x bash
root@kubia-lrt9x:/# curl http://kubia.example.com
curl: (6) Could not resolve host: kubia.example.com
root @ kubia-lrt9x:/#curl http://34.98.92.110
default backend - 404 root @ kubia-lrt9x:/#curl http://34.98.92.110default backend - 404 root @ kubia-lrt9x:/#root @ kubia-lrt9x:/#curl http://10.56.0.7:8080
default backend - 404 root @ kubia-lrt9x:/#有人知道如何调试吗?
该节点端口已添加到防火墙,否则该节点端口不可访问。似乎不需要将Ingress IP添加到防火墙。
最佳答案
尝试公开副本集以便能够从外部进行连接:
$ kubectl expose rs hello-world --type=NodePort --name=my-service
请记住首先删除服务kubia-nodeport并在Ingress配置文件中删除带有服务的选择器和节,然后使用 kubectl apply 命令应用更改。
您可以在这里找到更多信息:exposing-externalip。
有用的文档:kubectl-expose。
关于kubernetes - Google Kubernetes Engine入口无效,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/56660336/