问题描述
我在GCP上有一个由两个节点组成的kubernetes集群.我有pod-> mycha-deploy,带服务-> mycha-svc,我也有带服务nginx-svc的pod nginx-controller.当我尝试卷入Pod或服务ips时,我不断得到提示:80号端口连接被拒绝.当我浏览到主IP时,我什么也没得到.我的配置中缺少什么吗?谢谢.
I have a kubernetes cluster on GCP made of two nodes. I have pod -> mycha-deploy, with service -> mycha-svc, also I have pod nginx-controller with service nginx-svc. When I try to curl into the pods or services ips I keep getting: port 80 conection refused. When I browse into the master ip I don't get anything. Is there something I am missing in the configuration. Thank you.
# mycha-deploy
apiVersion: apps/v1
kind: Deployment
metadata:
name: mycha-deploy
labels:
app: mycha-app
spec:
replicas: 1
selector:
matchLabels:
app: mycha-app
template:
metadata:
labels:
app: mycha-app
spec:
containers:
- name: mycha-container
image: us.gcr.io/########/mycha-frontend_kubernetes_rrk8s
ports:
- containerPort: 80
#mycha-svc
apiVersion: v1
kind: Service
metadata:
name: mycha-svc
labels:
app: mycha-app
spec:
selector:
app: mycha-app
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
#nginx-controller
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-controller
spec:
replicas: 1
selector:
matchLabels:
name: nginx-ingress
template:
metadata:
labels:
name: nginx-ingress
spec:
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.27.0
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
#nignx-svc
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
- port: 443
targetPort: 443
protocol: TCP
name: https
selector:
name: nginx-ingress
##nginx-resource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mycha-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: mycha-svc
servicePort: 80
-----
kubectl describe svc nginx-ingress
Name: nginx-ingress
Namespace: default
Labels: app.kubernetes.io/name=ingress-nginx
app.kubernetes.io/part-of=ingress-nginx
Annotations: <none>
Selector: name=nginx-ingress
Type: NodePort
IP: 10.107.186.83
Port: http 80/TCP
TargetPort: 80/TCP
NodePort: http 32606/TCP
Endpoints: 10.244.1.3:80
Port: https 443/TCP
TargetPort: 443/TCP
NodePort: https 31481/TCP
Endpoints: 10.244.1.3:443
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
-------
kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/mycha-deploy-5f9b6f5c46-jjdhq 1/1 Running 0 76m
pod/nginx-controller-5c45cf6d5c-dpp44 1/1 Running 0 60m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 100m
service/mycha-svc ClusterIP 10.103.188.25 <none> 80/TCP 68m
service/nginx-ingress NodePort 10.107.186.83 <none> 80:32606/TCP,443:31481/TCP 51m
------
sudo lsof -i -P -n | grep LISTEN
systemd-r 890 systemd-resolve 13u IPv4 16536 0t0 TCP 127.0.0.53:53 (LISTEN)
splunkd 1111 root 4u IPv4 25377 0t0 TCP *:8089 (LISTEN)
sshd 1842 root 3u IPv4 23916 0t0 TCP *:22 (LISTEN)
sshd 1842 root 4u IPv6 23931 0t0 TCP *:22 (LISTEN)
kube-cont 22737 root 5u IPv6 116157110 0t0 TCP *:10252 (LISTEN)
kube-cont 22737 root 6u IPv4 116157116 0t0 TCP 127.0.0.1:10257 (LISTEN)
kube-prox 23291 root 8u IPv6 116256894 0t0 TCP *:31481 (LISTEN)
kube-prox 23291 root 11u IPv6 116256895 0t0 TCP *:32606 (LISTEN)
kube-prox 23291 root 16u IPv6 116164057 0t0 TCP *:10256 (LISTEN)
kube-prox 23291 root 17u IPv4 116164061 0t0 TCP 127.0.0.1:10249 (LISTEN)
etcd 23380 root 3u IPv4 116158620 0t0 TCP 10.242.6.2:2380 (LISTEN)
etcd 23380 root 5u IPv4 116158624 0t0 TCP 10.242.6.2:2379 (LISTEN)
etcd 23380 root 6u IPv4 116158625 0t0 TCP 127.0.0.1:2379 (LISTEN)
etcd 23380 root 11u IPv4 116157996 0t0 TCP 127.0.0.1:2381 (LISTEN)
kube-sche 23803 root 5u IPv6 116159474 0t0 TCP *:10251 (LISTEN)
kube-sche 23803 root 6u IPv4 116159480 0t0 TCP 127.0.0.1:10259 (LISTEN)
kube-apis 24180 root 5u IPv6 116163385 0t0 TCP *:6443 (LISTEN)
node 27844 robertorios 20u IPv4 116024875 0t0 TCP 127.0.0.1:38509 (LISTEN)
kubelet 30601 root 10u IPv4 116038855 0t0 TCP 127.0.0.1:33119 (LISTEN)
kubelet 30601 root 17u IPv6 116038993 0t0 TCP *:10250 (LISTEN)
kubelet 30601 root 31u IPv4 116038997 0t0 TCP 127.0.0.1:10248 (LISTEN)
谢谢.
推荐答案
在GKE上,您可以使用两种类型的Ingress.一个是Nginx Ingress,您可能想根据注释kubernetes.io/ingress.class: "nginx"使用它.第二个是GKE Ingress.
On GKE you can use two types of Ingress. One is Nginx Ingress which you probably wanted to use based on annotation kubernetes.io/ingress.class: "nginx". Second one is GKE Ingress.
1. GKE入口
要使用GKE Ingress时,需要将服务指定为NodePort并应用Ingress.根据您的YAML,我已将其复制.
When you want to use GKE Ingress you need to specify your service as NodePort and apply Ingress. Based on your YAMLs, I've reproduced it.
当您使用自己的图像时,我已经使用了nginx图像.
As you used your own image, Ive used nginx image.
apiVersion: apps/v1
kind: Deployment
metadata:
name: mycha-deploy
labels:
app: mycha-app
spec:
replicas: 1
selector:
matchLabels:
app: mycha-app
template:
metadata:
labels:
app: mycha-app
spec:
containers:
- name: mycha-container
image: nginx
ports:
- containerPort: 80
---
#added type: Nodeport
apiVersion: v1
kind: Service
metadata:
name: mycha-svc
labels:
app: mycha-app
spec:
type: NodePort
selector:
app: mycha-app
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
---
#removed annotation, as here we are using GKE Ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mycha-ingress
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: mycha-svc
servicePort: 80
deployment.apps/mycha-deploy created
service/mycha-svc created
ingress.extensions/mycha-ingress created
您应该能够看到如下输出:
You should be able to see output like below:
$ kubectl get pods,svc,ing
NAME READY STATUS RESTARTS AGE
pod/mycha-deploy-685f894996-xbbnv 1/1 Running 0 38s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.99.0.1 <none> 443/TCP 33d
service/mycha-svc NodePort 10.99.13.51 <none> 80:30808/TCP 39s
NAME HOSTS ADDRESS PORTS AGE
ingress.extensions/mycha-ingress * 34.107.251.59 80 3m3s
现在您应该可以卷曲svc.
Now you should be able to curl your svc.
$ curl 34.107.251.59
...
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
当您使用GKE Ingress时,您的Ingress将自动收到EXTERNAL-IP.如果将service保留为ClusterIP,则不会收到任何Address.
As you are using GKE Ingress, your Ingress will automatically received EXTERNAL-IP. If you will keep service as ClusterIP it won't receive any Address.
$ kubectl get ing
NAME HOSTS ADDRESS PORTS AGE
mycha-ingress * 80 34m
2. GKE上的Nginx Ingress
使用Nginx Ingress时,可以将服务指定为ClusterIP或NodePort.
When you are using Nginx Ingress you can specify your service as ClusterIP or NodePort.
为此,您需要部署适当的Nginx Ingress.可以在此处找到良好的链轨,但是有点过时了.我正在发布以下更新的步骤:
To do that you need to deploy proper Nginx Ingress.Good tutorail can be found here, however it's bit outdated. I am posting below updated steps:
- Install Helm v3. This version don't require
tiller. - Add proper repository for
Helm 3. Details can be found here.
添加和更新存储库:
$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm repo update
- 应用您的deploymnet和服务(
NodePort或ClusterIP,同时使用Nginx Ingress两种类型都可以). - 使用
$ helm install ingress-nginx ingress-nginx/ingress-nginx部署Nginx Ingress.它将创建2个deployments和2个services.其中一项服务将创建为LoadBalancer. - 部署入口
- Apply your deploymnet and service (
NodePortorClusterIP, usingNginx Ingressboth types will work). - Deploy
Nginx Ingressusing$ helm install ingress-nginx ingress-nginx/ingress-nginx. It will create 2deploymentsand 2services. One of services will be created asLoadBalancer. - Deploy Ingress
使用annotation.kubernetes.io/ingress.class: "nginx"
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mycha-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: mycha-svc
servicePort: 80
您应该具有以下输出:
$ kk get pods,svc,ing
NAME READY STATUS RESTARTS AGE
pod/mycha-deploy-c469dc58b-mdp6d 1/1 Running 0 2m41s
pod/nginx-ingress-controller-5d47f75dfc-d6xnl 1/1 Running 0 7m18s
pod/nginx-ingress-default-backend-f5b888f7d-rf5cx 1/1 Running 0 7m18s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.99.0.1 <none> 443/TCP 33d
service/mycha-svc ClusterIP 10.99.8.140 <none> 80/TCP 2m12s
service/nginx-ingress-controller LoadBalancer 10.99.11.177 34.90.172.116 80:31593/TCP,443:30104/TCP 7m19s
service/nginx-ingress-default-backend ClusterIP 10.99.7.106 <none> 80/TCP 7m19s
NAME HOSTS ADDRESS PORTS AGE
ingress.extensions/mycha-ingress * 80 17s
您的Ingress将不会收到任何Address,因为service/nginx-ingress-controller将用作LoadBalancer.
Your Ingress will not receive any Address as service/nginx-ingress-controller will work as LoadBalancer.
现在,您可以使用curl检查是否一切正常.
Now you can check if everything works using curl.
$ curl 34.90.172.116
<!DOCTYPE html>
...
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
这篇关于我已经使用其服务部署了Pod,但我得到:无法连接到端口80的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!