外部服务的Kubernetes入口规则

外部服务的Kubernetes入口规则

本文介绍了外部服务的Kubernetes入口规则(具有ExternalName类型)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在尝试使用类型为ExternalName和入口控制器将流量重定向到外部服务时遇到问题.

I have issues trying to redirect the traffic to an external service using the type as ExternalName and with the ingress controller.

我收到以下错误,我可以从主机访问此主机,但不能从K8S访问该主机.IP 10.96.0.10也与kube-dns服务绑定.

I get the following error and i can access this host from the host machine but not from K8S. Alsothe IP 10.96.0.10 is tied to the kube-dns service.

我想念什么?

进入规则

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: external-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/preserve-host: "false"
spec:
  rules:
  - host:
    http:
      paths:
      - backend:
          serviceName: external-service
          servicePort: 80
        path: /

服务定义

apiVersion: v1
kind: Service
metadata:
  name: external-service
spec:
  type: ExternalName
  externalName: internaldnsname.com

推荐答案

对正在发生的事情的解释:

参考

入口控制器正在尝试解析具有外部服务> CNAME internaldns.com ,当您的kube-dns/coredns(10.96.0.10)尝试进行查找时,它只能找到CNAME记录,而没有一条记录,因此,您的入口无法解析DNS名称.

The ingress controller is trying to resolve the external-service which has CNAME internaldns.com and when your kube-dns/coredns (10.96.0.10) tries to do a lookup, it can only find CNAME record but no A record, therefore, your ingress is failing to resolve the DNS name.

参考

此外,网站上有明确警告外部名称:

Moreover there is a clear warning on the website about ExternalNames:

TL; DR:入口正在尝试使用没有任何一条记录,因此无法将DNS与IP关联!

TL;DR: ingress is trying to resolve a DNS using kubernetes DNS(kube-dns/coredns) which doesn't have any A record, hence fails to associate DNS to IP!

如果通过入口查找具有 internaldns.com 的A记录条目的其他DNS服务器(而不是kubernetes DNS),则可能未发生此问题,但我不确定100%是否那是可能的.

If ingress was made to lookup a different DNS server (other than kubernetes DNS) which has A record entry for internaldns.com then this problem may not have happened but I am not 100% sure if that's possible .

解决方案:-创建无头服务 选择器,然后使用与服务相同的名称手动创建终结点.遵循示例此处

Solution: - Create a Headless service without selector and then manually create an endpoint using the same name as of the service. Follow the example here

注意:

  1. 在上述解决方案中,您将需要外部服务的静态IP.
  2. 仅当我的Pod直接希望通过Internet与第三方服务通话时,我才使用ExternalNames,也就是说,该服务托管在我的本地网络之外.我会采用这种方法,因为如果我可以通过IP在本地访问某些内容,为什么会通过与Nameserver解析DNS名称来降低性能!

这篇关于外部服务的Kubernetes入口规则(具有ExternalName类型)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-13 13:14