具有来自群集外部的nginx入口访问的kubernetes

ubof19bj  于 2023-03-12  发布在  Kubernetes
关注(0)|答案(2)|浏览(120)

所以,这是我目前的设置我的经验主要是在openshift,但我试图熟悉kubernetes...我在KS 8有点noob:)
kubernets + calico+外部存储(nfs)+ metallb +入口-nginx

kubectl get nodes -o wide
NAME        STATUS   ROLES           AGE     VERSION   INTERNAL-IP      EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
master01    Ready    control-plane   3d14h   v1.26.2   192.168.50.15    <none>        Ubuntu 22.04.2 LTS   5.15.0-67-generic   cri-o://1.24.4
master02    Ready    control-plane   2d15h   v1.26.2   192.168.50.16    <none>        Ubuntu 22.04.2 LTS   5.15.0-67-generic   cri-o://1.24.4
worker-01   Ready    worker          2d14h   v1.26.2   192.168.50.105   <none>        Ubuntu 22.04.2 LTS   5.15.0-67-generic   cri-o://1.24.4
worker-02   Ready    worker          2d13h   v1.26.2   192.168.50.106   <none>        Ubuntu 22.04.2 LTS   5.15.0-67-generic   cri-o://1.24.4

kubectl get pod-n金属b系统o宽

NAME                         READY   STATUS    RESTARTS   AGE   IP               NODE        NOMINATED NODE   READINESS GATES
controller-79d5899cb-hg4lv   1/1     Running   0          23m   10.30.0.27       worker-02   <none>           <none>
speaker-lvpbn                1/1     Running   0          21m   192.168.50.106   worker-02   <none>           <none>
speaker-rxcvb                1/1     Running   0          21m   192.168.50.105   worker-01   <none>           <none>

metallb已配置有该ippool

apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  namespace: metallb-system
  name: lb-pool
spec:
  addresses:
    - 192.168.50.115-192.168.50.118

kubectl获取所有-n个入口-nginx

NAME                                           READY   STATUS    RESTARTS   AGE
pod/ingress-nginx-controller-c69664497-z84b8   1/1     Running   0          12h

NAME                                         TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)                                     AGE
service/ingress-nginx-controller             LoadBalancer   10.108.69.42    192.168.50.115   80:32481/TCP,443:32137/TCP,8443:30940/TCP   83m
service/ingress-nginx-controller-admission   ClusterIP      10.97.240.138   <none>           443/TCP                                     12h

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           12h

NAME                                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-c69664497   1         1         1       12h

kubectl create deployment  httpd24 --image=docker.io/library/httpd:2.4.55
kubectl expose deployment/httpd24 --port 80

创建入口::

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: httpd24-ingress
  namespace: default
spec:
  ingressClassName: nginx
  rules:
  - host: http24-kube.docker-containers.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: httpd24
            port:
              number: 80

kubectl get ingress
NAME              CLASS   HOSTS                                 ADDRESS          PORTS   AGE
httpd24-ingress   nginx   http24-kube.docker-containers.local   192.168.50.115   80      58m

因此,我可以从群集内部执行无错误curl -s http://http24-kube.docker-containers.local
但是,从群集外部ping192.158.50.115或ping http 24-kube.docker-containers.local时超时。
我尝试连接到http 24-kube.docker-containers.local的计算机可以访问子网192.168.50.0/25
我认为这可能与nginx入口有关...但没有经验...。

C:\Users\AZ_fjonnas>nslookup http24-kube.docker-containers.local
Name:    http24-kube.docker-containers.local
Address:  192.168.50.115

现在从其中一个主节点

root@master01:~# curl -s 'http://http24-kube.docker-containers.local'
<html><body><h1>It works!</h1></body></html>
root@master01:~#

因此,群集主节点解析名称,而且可以使用入口IP访问httpd 24 pod
但是,Windows机器无法访问所有入口IP(192.168.50.111)端口80
这就是为什么我认为这是与nginx入口如何工作有关的东西...:(
所有节点属于同一子网:192.168.50.0/25

7ivaypg9

7ivaypg91#

妈的
已解决:)

---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: lb-pool
  namespace: metallb-system
spec:
  ipAddressPools:
  - lb-pool

L2Advertisement似乎缺失,根据:https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/baremetal.md

t98cgbkg

t98cgbkg2#

在您的计算机中,它不知道如何将http24-kube.docker-containers.local DNS名称解析为IP地址,除非您在/etc/hosts中将其指定为记录(因为它是您选择的名称,在公共DNS服务器中没有记录)。

192.168.50.115  http24-kube.docker-containers.local

然后,您可以执行以下操作:

curl -s http://http24-kube.docker-containers.local


调用入口时需要指定主机头,同时直接给出入口的IP,如下所示:

curl -s http://192.168.50.115 -H "Host: http24-kube.docker-containers.local"

备注

此外,由于CoreDNS(使用默认引导配置- Corefile)不知道要为此http24-kube.docker-containers.local DNS名称解析什么,因此您在pod中尝试的命令应该不起作用。

curl -s http://http24-kube.docker-containers.local

使用服务名称和命名空间组合应该可以:

curl -s http://http24.default

相关问题