问题描述
我是一名Kubernetes业余爱好者,试图在GKE上使用NGINX入口控制器.我正在按照此 google云文档为我设置NGINX Ingress服务,但是在访问NGINX位置时遇到了问题.
I'm a Kubernetes amateur trying to use NGINX ingress controller on GKE. I'm following this google cloud documentation to setup NGINX Ingress for my services, but, I'm facing issues in accessing the NGINX locations.
正在做什么?
- 使用Helm的Ingress-Controller部署(已启用RBAC)
- ClusterIP服务部署
什么不起作用?
- 使用唯一路径(扇出路由)显示多个ClusterIP服务的入口资源
K8S服务
[msekar@ebs kube-base]$ kubectl get services -n payment-gateway-7682352
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller LoadBalancer 10.35.241.255 35.188.161.171 80:31918/TCP,443:31360/TCP 6h
nginx-ingress-default-backend ClusterIP 10.35.251.5 <none> 80/TCP 6h
payment-gateway-dev ClusterIP 10.35.254.167 <none> 5000/TCP 6h
payment-gateway-qa ClusterIP 10.35.253.94 <none> 5000/TCP 6h
K8S入口
[msekar@ebs kube-base]$ kubectl get ing -n payment-gateway-7682352
NAME HOSTS ADDRESS PORTS AGE
pgw-nginx-ingress * 104.198.78.169 80 6h
[msekar@ebs kube-base]$ kubectl describe ing pgw-nginx-ingress -n payment-gateway-7682352
Name: pgw-nginx-ingress
Namespace: payment-gateway-7682352
Address: 104.198.78.169
Default backend: default-http-backend:80 (10.32.1.4:8080)
Rules:
Host Path Backends
---- ---- --------
*
/dev/ payment-gateway-dev:5000 (<none>)
/qa/ payment-gateway-qa:5000 (<none>)
Annotations:
kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{"kubernetes.io/ingress.class":"nginx","nginx.ingress.kubernetes.io/ssl-redirect":"false"},"name":"pgw-nginx-ingress","namespace":"payment-gateway-7682352"},"spec":{"rules":[{"http":{"paths":[{"backend":{"serviceName":"payment-gateway-dev","servicePort":5000},"path":"/dev/"},{"backend":{"serviceName":"payment-gateway-qa","servicePort":5000},"path":"/qa/"}]}}]}}
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: false
Events: <none>
注释(入口描述输出)中最后应用的配置显示了入口资源清单.但是,我将其粘贴在下面以供参考
Last applied configuration in the annotations (ingress description output) shows the ingress resource manifest. But, I'm pasting it below for reference
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: pgw-nginx-ingress
namespace: payment-gateway-7682352
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- http:
paths:
- backend:
serviceName: payment-gateway-dev
servicePort: 5000
path: /dev/
- backend:
serviceName: payment-gateway-qa
servicePort: 5000
path: /qa/
其他信息
我要访问的服务是使用上下文的springboot服务,因此,根位置不是有效的端点.
The services I'm trying to access are springboot services that use contexts, so, the root location isn't a valid end-point.
相应地定义了容器的准备状态和活动度探针.
The container's readiness and liveliness probes are defined accordingly.
例如,"payment-gateway-dev"服务使用上下文/pgw/v1上下文,因此只能通过上下文访问部署.要访问应用程序的规范,您可以使用URL
For example, "payment-gateway-dev" service is using a context /pgw/v1 context, so, the deployment can only be accessed through the context. To access application's swagger spec you would use the URL
http://<>/pgw/v1/swagger-ui.html
http://<>/pgw/v1/swagger-ui.html
我的部署行为
- 访问入口控制器负载均衡器" http://35.188.161.171 "将我带到默认的404后端 >
- 访问入口控制器负载平衡器运行状况" http://35.188.161.171/healthz "返回200 HTTP响应符合预期
- 尝试使用下面的URL访问服务会返回"404:找不到页面"错误
- http://35.188.161.171/dev/pgw/v1/swagger-ui.html
- http://35.188.161.171/qa/pgw/v1/swagger-ui.html
- Accessing ingress controller load balancer "http://35.188.161.171" takes me to default 404 backend
- Accessing ingress controller load balancer health "http://35.188.161.171/healthz" returns 200 HTTP response as expected
- Trying to access the services using the URLs below returns "404: page not found" error
- http://35.188.161.171/dev/pgw/v1/swagger-ui.html
- http://35.188.161.171/qa/pgw/v1/swagger-ui.html
对于我可能做错的任何建议或见解,将不胜感激.
Any suggestions about or insights into what I might be doing wrong will be much appreciated.
推荐答案
+1,用于回答此问题.
+1 for this well asked question.
您的设置对我来说似乎是正确的.在您的解释中,我发现您的服务需要
http://<>/pgw/v1/swagger-ui.html
作为上下文.但是,在您的设置中,如果您的路由为/qa/,则提交给服务的路径将为
http://<>/qa/pgw/v1/swagger-ui.html
.Your setup seemed right to me. In you explanation, I could find that your services would require
http://<>/pgw/v1/swagger-ui.html
as context. However, in your setup the path submitted to the service will behttp://<>/qa/pgw/v1/swagger-ui.html
if your route is/qa/
.要删除前缀,您需要做的是向入口添加
rewrite
规则:To remove the prefix, what you would need to do is to add a
rewrite
rule to your ingress:apiVersion: extensions/v1beta1 kind: Ingress metadata: name: pgw-nginx-ingress namespace: payment-gateway-7682352 annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: rules: - http: paths: - backend: serviceName: payment-gateway-dev servicePort: 5000 path: /dev/(.+) - backend: serviceName: payment-gateway-qa servicePort: 5000 path: /qa/(.+)
此后,您的服务应该会收到正确的上下文.
After this, you service should receive the correct contexts.
参考:
- 重写: https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
- 入口路由匹配: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/ingress-path-matching.md
这篇关于无法通过Nginx-ingress-controller访问Kubernetes ClusterIP服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!