问题描述
我在尝试使用类型为ExternalName和入口控制器将流量重定向到外部服务时遇到问题.
I have issues trying to redirect the traffic to an external service using the type as ExternalName and with the ingress controller.
我收到以下错误,我可以从主机访问此主机,但不能从K8S访问该主机.IP 10.96.0.10也与kube-dns服务绑定.
I get the following error and i can access this host from the host machine but not from K8S. Alsothe IP 10.96.0.10 is tied to the kube-dns service.
我想念什么?
进入规则
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: external-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/preserve-host: "false"
spec:
rules:
- host:
http:
paths:
- backend:
serviceName: external-service
servicePort: 80
path: /
服务定义
apiVersion: v1
kind: Service
metadata:
name: external-service
spec:
type: ExternalName
externalName: internaldnsname.com
推荐答案
对正在发生的事情的解释:
入口控制器正在尝试解析具有外部服务> CNAME internaldns.com
,当您的kube-dns/coredns(10.96.0.10)尝试进行查找时,它只能找到CNAME记录,而没有一条记录,因此,您的入口无法解析DNS名称.
The ingress controller is trying to resolve the external-service
which has CNAME internaldns.com
and when your kube-dns/coredns (10.96.0.10) tries to do a lookup, it can only find CNAME record but no A record, therefore, your ingress is failing to resolve the DNS name.
此外,网站上有明确警告外部名称:
Moreover there is a clear warning on the website about ExternalNames:
TL; DR:入口正在尝试使用没有任何一条记录,因此无法将DNS与IP关联!
TL;DR: ingress is trying to resolve a DNS using kubernetes DNS(kube-dns/coredns) which doesn't have any A record, hence fails to associate DNS to IP!
如果通过入口查找具有 internaldns.com
的A记录条目的其他DNS服务器(而不是kubernetes DNS),则可能未发生此问题,但我不确定100%是否那是可能的.
If ingress was made to lookup a different DNS server (other than kubernetes DNS) which has A record entry for internaldns.com
then this problem may not have happened but I am not 100% sure if that's possible .
解决方案:-创建无头服务 无选择器,然后使用与服务相同的名称手动创建终结点.遵循示例此处
Solution: - Create a Headless service without selector and then manually create an endpoint using the same name as of the service. Follow the example here
注意:
- 在上述解决方案中,您将需要外部服务的静态IP.
- 仅当我的Pod直接希望通过Internet与第三方服务通话时,我才使用ExternalNames,也就是说,该服务托管在我的本地网络之外.我会采用这种方法,因为如果我可以通过IP在本地访问某些内容,为什么会通过与Nameserver解析DNS名称来降低性能!
这篇关于外部服务的Kubernetes入口规则(具有ExternalName类型)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!