Kubernetes、入口资源配置、路由到相同主机但不同端口
这个问题与另一个问题有关。从这个链接,我可以说使用ingress路由到不同的端口服务是可行的。
我首先列出了我的两个服务:(eureka和config),ingress_nginx_res.yaml如下所示:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
spec:
rules:
- host:
http:
paths:
- backend:
serviceName: gearbox-rack-eureka-server
servicePort: 8761
- host:
http:
paths:
- path:
backend:
serviceName: gearbox-rack-config-server
servicePort: 8888
可以看到,gearbox-rack-eureka-server是侦听端口8761,gearbox-rack-config-server是侦听端口8888。
[root@master3 ingress]# kubectl get ing
NAME HOSTS ADDRESS PORTS AGE
my-ingress * 80 11s
apiVersion: v1
kind: Pod
metadata:
name: gearbox-rack-eureka-server
labels:
app: gearbox-rack-eureka-server
purpose: platform_eureka_demo
spec:
containers:
- name: gearbox-rack-eureka-server
image: 192.168.1.229:5000/gearboxrack/gearbox-rack-eureka-server
ports:
- containerPort: 8761
EUREKA_SVC.YAML:
apiVersion: v1
kind: Service
metadata:
name: gearbox-rack-eureka-server
labels:
name: gearbox_rack_eureka_server
spec:
selector:
app: gearbox-rack-eureka-server
type: NodePort
ports:
- port: 8761
nodePort: 31501
name: tcp
config_pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: gearbox-rack-config-server
labels:
app: gearbox-rack-config-server
purpose: platform-demo
spec:
containers:
- name: gearbox-rack-config-server
image: 192.168.1.229:5000/gearboxrack/gearbox-rack-config-server
ports:
- containerPort: 8888
env:
- name: EUREKA_SERVER
value: http://172.16.100.83:8761
config_svc.yaml:
apiVersion: v1
kind: Service
metadata:
name: gearbox-rack-config-server
labels:
name: gearbox-rack-config-server
spec:
selector:
app: gearbox-rack-config-server
type: NodePort
ports:
- port: 8888
nodePort: 31502
name: tcp
apiVersion: v1
kind: ServiceAccount
metadata:
name: lb
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-normal
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
resources:
- ingresses/status
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-minimal
namespace: kube-system
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
- "ingress-controller-leader-dev"
- "ingress-controller-leader-prod"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-minimal
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-minimal
subjects:
- kind: ServiceAccount
name: lb
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-normal
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-normal
subjects:
- kind: ServiceAccount
name: lb
namespace: kube-system
kind: Service
apiVersion: v1
metadata:
name: nginx-default-backend
namespace: kube-system
spec:
ports:
- port: 80
targetPort: http
selector:
app: nginx-default-backend
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: nginx-default-backend
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
app: nginx-default-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
image: chenliujin/defaultbackend
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
ports:
- name: http
containerPort: 8080
protocol: TCP
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
spec:
type: LoadBalancer
selector:
app: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: ingress-nginx
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
app: ingress-nginx
spec:
terminationGracePeriodSeconds: 60
serviceAccount: lb
containers:
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0
name: ingress-nginx
imagePullPolicy: Always
ports:
- name: http
containerPort: 80
protocol: TCP
- name: https
containerPort: 443
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/nginx-default-backend
172.16.100.83 gearbox-rack-eureka-server.sup.com
172.16.100.83 gearbox-rack-config-server.sup.com
b)我看到k8s集群中有dns服务器,如何将这两个条目添加到dns中?或者dns控制台在哪里,这样我就可以放这两个条目了?
共有1个答案
我不知道你的环境,你确定你有'LoadBalancer'吗?为了简化,您可以只使用'host network:true'来设置nginx-controller-deploy,这样您就可以直接通过主机ip访问控制器。
并且,由于我们通过入口控制器访问各种服务,我们如何区分不同的服务?使用域名。我们可以将gearbox-rack-eureka-server.your.domain指向gearbox-rack-eureka-server:8761,而将gearbox-rack-config-server.your.domain指向gearbox-rack-config-server:8888,如下所示:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
spec:
rules:
- host: gearbox-rack-eureka-server.your.domain
http:
paths:
- backend:
serviceName: gearbox-rack-eureka-server
servicePort: 8761
- host: gearbox-rack-config-server.your.domain
http:
paths:
- backend:
serviceName: gearbox-rack-config-server
servicePort: 8888
并将domainname配置为主机ip,然后使用domainname访问这些服务。
-
我已经在GCP上创建了一个K8s集群,并且部署了一个应用程序。 然后我把它缩放了一下: 如果节点是一样的,那么为什么IP不一样呢?
-
让我们假设一个后端应用程序,它公开了一些Rest API,运行在地址192.168.1.10:8889的Jetty网络服务器上。 我希望有一个前端应用程序(仅限于html/javascript,在apache2 Web服务器上)在相同的IP上运行,但在不同的端口(例如8000)上运行,它应该使用后端应用程序公开的API。 我怎样才能让这个架构工作而不进入“No'Access-Control-All
-
我有以下入口设置: 当我点击时,我被重定向到,并带有NGINX 404未找到。 根据日志,可以看到< code>grafana窗格被查询命中: logger = context traceID = 0000000000000000000000000000 userId = 0 orgId = 0 uname = t = 2022-10-13t 16:19:57.989170173 z level
-
有人能帮我走台阶吗...(我在互联网的帮助下尝试了多种方法...不知道我错过了什么?) 注意:根据讨论论坛,我在ingress YAML的部署部分中添加了“hostnetwork:true”来解决“没有主机参数不能工作”,并注释了“type:nodeport”。 更新信息: kubectl描述了更新后的入口路由:在这里,我有ngnix--它工作得很好(我猜ingress和nginx都在相同的命名空
-
在一条骆驼路线中,我有两个url调用,调用两个不同的应用程序。 两者都能够抛出。因此,如果URL1抛出我必须处理的异常并将交换体设置为“数据源1不可用”,并且如果URL2抛出相同的异常,我想显示不同的消息。 如何使用onException处理此问题
-
我看到了一些示例,其中Kubernetes集群安装了ingress控制器,然后ingress类添加了注释和主机,如下所示。 我不确定安装了哪个服务,哪个IP配置了DNS“k8s.privatecoud.com”,以便路由请求?DNS路由“k8s.privatecoud.com”如何将请求路由到Kubernetes集群?kubernetes桥的入口是如何工作的? 此外,可以使用主机规则配置许多服务,