クラウドコンピューティングのkubernetesサービス暴露-ingressエラー
13343 ワード
, , 。
1.
1) nginx-ingress-controller
pod nginx-ingress-controller-6d96ccd6f4-g2d6b , master node
kubectl describe pod nginx-ingress-controller-6d96ccd6f4-g2d6b -n ingress-nginx
Name: nginx-ingress-controller-6d96ccd6f4-g2d6b
Namespace: ingress-nginx
Node: 192.168.89.133/192.168.89.133
Start Time: Wed, 08 Jan 2020 09:34:34 +0800
Labels: app.kubernetes.io/name=ingress-nginx
app.kubernetes.io/part-of=ingress-nginx
pod-template-hash=6d96ccd6f4
Annotations: kubernetes.io/limit-ranger: LimitRanger plugin set: cpu, memory request for container nginx-ingress-controller
prometheus.io/port: 10254
prometheus.io/scrape: true
Status: Running
IP: 10.1.20.3 # nginx-ingress-controller pod ip
IPs:
IP: 10.1.20.3
Controlled By: ReplicaSet/nginx-ingress-controller-6d96ccd6f4
Containers:
nginx-ingress-controller:
Container ID: docker://20d0722863e8896d830b43f730c8b233009e0a81c9ab1841f805a761ca5d235e
Image: 192.168.89.132:5000/nginx-ingress-controller:0.26.2
Image ID: docker-pullable://192.168.89.132:5000/nginx-ingress-controller@sha256:417cf5edc00c1581a44f67c1b1713b55db3811834498f45fc5de40fbe5f6a8de
Ports: 80/TCP, 443/TCP
Host Ports: 0/TCP, 0/TCP
Args:
/nginx-ingress-controller
--configmap=$(POD_NAMESPACE)/nginx-configuration
--tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
--udp-services-configmap=$(POD_NAMESPACE)/udp-services
--publish-service=$(POD_NAMESPACE)/ingress-nginx
--annotations-prefix=nginx.ingress.kubernetes.io
State: Running
Started: Wed, 08 Jan 2020 14:27:53 +0800
Last State: Terminated
Reason: Error
Exit Code: 137
Started: Wed, 08 Jan 2020 09:35:24 +0800
Finished: Wed, 08 Jan 2020 14:27:40 +0800
Ready: True
Restart Count: 1
Requests:
cpu: 100m
memory: 90Mi
Liveness: http-get http://:10254/healthz delay=10s timeout=10s period=10s #success=1 #failure=3 , curl http://10.1.20.3:10254/healthz
Readiness: http-get http://:10254/healthz delay=0s timeout=10s period=10s #success=1 #failure=3
Environment:
POD_NAME: nginx-ingress-controller-6d96ccd6f4-g2d6b (v1:metadata.name)
POD_NAMESPACE: ingress-nginx (v1:metadata.namespace)
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from nginx-ingress-serviceaccount-token-mz87t (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
nginx-ingress-serviceaccount-token-mz87t:
Type: Secret (a volume populated by a Secret)
SecretName: nginx-ingress-serviceaccount-token-mz87t
Optional: false
QoS Class: Burstable
Node-Selectors: kubernetes.io/os=linux
Tolerations:
Events:
curl http://10.1.20.3:10254/healthz
ok
89.133 , ! , , , 。
kubectl get svc -n ingress-nginx -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
ingress-nginx NodePort 169.169.178.15 80:30080/TCP,443:30443/TCP 164m app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/part-of=ingress-nginx
service NodePort , service ip : 169.169.178.15 , ip node ping ,master ping , nginx-ingress-controller pod service
kubectl describe svc ingress-nginx -n ingress-nginx
Name: ingress-nginx
Namespace: ingress-nginx
Labels: app.kubernetes.io/name=ingress-nginx
app.kubernetes.io/part-of=ingress-nginx
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/par...
Selector: app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/part-of=ingress-nginx
Type: NodePort
IP: 169.169.178.15
Port: http 80/TCP
TargetPort: 80/TCP
NodePort: http 30080/TCP
Endpoints: 10.1.20.3:80
Port: https 443/TCP
TargetPort: 443/TCP
NodePort: https 30443/TCP
Endpoints: 10.1.20.3:443
Session Affinity: None
External Traffic Policy: Cluster
Events:
curl http://169.169.178.15
404 Not Found
404 Not Found
openresty/1.15.8.2
curl http://169.169.178.15/healthz , /healthz , 404
2). ingress.yaml
less ingress.yaml
spec:
#
rules:
# , ,
- host: k8s.aaa.com
http:
paths:
- path:
backend:
# Service Name, Tomcat
serviceName: tomcat-http
# Service Port, Tomcat
servicePort: 8080
, k8s.aaa.com , service tomcat-http, 8080 , : k8s.aaa.com ?
kubectl get Ingress
NAME HOSTS ADDRESS PORTS AGE
nginx-web k8s.aaa.com 169.169.178.15 80 21h
ADDRESS 169.169.178.15 nginx-ingress , ,Ingress.yaml , , : nginx-web
k8s.aaa.com -> 169.169.178.15 -> 10.1.20.3 -> nginx ,upstream -> tomcat-http -> 169.169.70.125(tomcat-http ip) -> tomcat-app[ 10.1.27.4(192.168.89.134)/10.1.20.5(192.168.89.133) ] -> tomcat
, master node /etc/hosts k8s.aaa.com 。
k8snode01: ip a
6: kube-ipvs0: mtu 1500 qdisc noop state DOWN group default
link/ether fe:fb:9b:d5:31:d0 brd ff:ff:ff:ff:ff:ff
inet 169.169.0.1/32 brd 169.169.0.1 scope global kube-ipvs0
valid_lft forever preferred_lft forever
inet 169.169.0.10/32 brd 169.169.0.10 scope global kube-ipvs0
valid_lft forever preferred_lft forever
inet 169.169.70.125/32 brd 169.169.70.125 scope global kube-ipvs0
valid_lft forever preferred_lft forever
inet 169.169.178.15/32 brd 169.169.178.15 scope global kube-ipvs0
valid_lft forever preferred_lft forever
ip 169.169.178.15 192.168.89.133 kube-ipvs0 。
: k8s.aaa.com , 169.169.178.15 , 192.168.89.133 ?
:dnsserver(192.168.89.128):
/etc/hosts:
192.168.89.133 k8s.aaa.com
curl k8s.aaa.com
curl: (7) Failed connect to k8s.aaa.com:80; Connection refused
, , ?
k8snode01:
curl -D- http://169.169.178.15 -H 'Host: k8s.aaa.com'
192.168.89.133 k8s.aaa.com windows hosts ;
30080 ,
http://k8s.aaa.com:30080/
,
3). ,
vim test-ingress-pod.yaml
apiVersion: v1
kind: Service
metadata:
name: myapp-svc
namespace: default
spec:
selector:
app: myapp
env: test
ports:
- name: http
port: 80
targetPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-test
spec:
replicas: 2
selector:
matchLabels:
app: myapp
env: test
template:
metadata:
labels:
app: myapp
env: test
spec:
containers:
- name: myapp
image: nginx:1.15-alpine
ports:
- name: httpd
containerPort: 80
vim test-ingress-myapp.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-myapp
namespace: default
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: www.tchua.top
http:
paths:
- path: /
backend:
serviceName: myapp-svc
servicePort: 80
kubectl create -f test-ingress-pods.yaml
kubectl create -f test-ingress-myapp.yaml
windows 192.168.89.133 www.tchua.top
: http://www.tchua.top:30080 , nginx ,
2.
, , , 。 : svc nodePort ,service-nodeport.yaml
- name: http
port: 80
targetPort: 80
protocol: TCP
nodePort: 30080
- name: https
port: 443
targetPort: 443
protocol: TCP
nodePort: 30443
, , , , , , , , , ingress :
ingress , ingress controller , nginx ingress controller, ,nginx-ingress-controller , , 。 , ,pod,services , ingress.yaml, , nginx controller , ingress controller , , , 。
, , dns , , , nginx , 。
:
a. tchua.top dns
dnsserver:
vim /etc/named.conf
......
zone "tchua.top" IN {
type master;
file "tchua.top.zone";
};
......
cp -a /var/named/web.com.zone /var/named/tchua.top.zone
vim /var/named/tchua.top.zone
$TTL 1D
@ IN SOA @ tchua.top. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 192.168.89.133
www A 192.168.89.133
systemctl restart named
hosts , http://www.tchua.top:30080
b. 30080
http://:30080 80
vim service-nodeport.yaml
...
- name: http
port: 80
targetPort: 80
protocol: TCP
nodePort: 80
...
kubectl apply -f service-nodeport.yaml
kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 169.169.178.15 80:80/TCP,443:30443/TCP 5h7m
: http://k8s.aaa.com http://www.tchua.top , ,