Ingress 不能暴露服务

【问题标题】:Ingress cannot expose the serviceIngress 不能暴露服务
【发布时间】:2021-07-16 19:10:52
【问题描述】:

我正在使用带有默认入口插件的 microk8s。

$ microk8s enable ingress
Addon ingress is already enabled.
$ microk8s status
microk8s is running
high-availability: no
  datastore master nodes: 127.0.0.1:19001
  datastore standby nodes: none
addons:
  enabled:
    dashboard            # The Kubernetes dashboard
    dns                  # CoreDNS
    ha-cluster           # Configure high availability on the current node
    ingress              # Ingress controller for external access
    metrics-server       # K8s Metrics Server for API access to service metrics
    registry             # Private image registry exposed on localhost:32000
    storage              # Storage class; allocates storage from host directory

我的服务在没有入口路由的情况下访问它时运行平稳。

$ curl 10.152.183.197 #the service binded to 10.152.183.197
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <meta name="robots" content="NONE,NOARCHIVE">
  ....
</head>
</html>

但我无法让入口在本地主机和远程主机中正常工作,它总是返回 404。

$ curl 127.0.0.1 -H  "Host: projects.xtech1999.com" #executed in microk8s host node
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.19.2</center>
</body>
</html> 

$ curl projects.xtech1999.com #executed in remote machine
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.19.2</center>
</body>
</html>

我确认 DNS 记录 (projects.xtech1999.com) 正确指向 IP 地址,我的配置如下:

$ kubectl get svc
NAME           TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes     ClusterIP   10.152.183.1     <none>        443/TCP          10h
pgsql-srv      NodePort    10.152.183.239   <none>        5432:32157/TCP   9h
projects-srv   NodePort    10.152.183.197   <none>        80:31436/TCP     9h

$ kubectl get ing
NAME      CLASS    HOSTS                    ADDRESS   PORTS   AGE
ingress   <none>   projects.xtech1999.com             80      12m

$ kubectl describe ing ingress
Name:             ingress
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host                    Path  Backends
  ----                    ----  --------
  projects.xtech1999.com
                          /   projects-srv:80 (10.1.166.145:80)
Annotations:              kubernetes.io/ingress.class: nginx
Events:                   <none>

$ cat 9999-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

$ netstat -lnp | grep 80
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
unix  2      [ ACC ]     STREAM     LISTENING     28036    -                    /var/snap/microk8s/2094/var/kubernetes/backend/kine.sock
unix  2      [ ACC ]     STREAM     LISTENING     48509    -                    @/containerd-shim/86b04e625b27cda8731daf9c4b25b8a301cc659f41bb0957a0124780fd428557.sock@
unix  2      [ ACC ]     STREAM     LISTENING     52619    -                    @/containerd-shim/a53801f4268bd9e9a2bd1f0a2e7076ead63759ba23d1baaa193347f2abff54ea.sock@
unix  2      [ ACC ]     STREAM     LISTENING     36064    -                    @/containerd-shim/d805d091f24793a8452aa1699a67cf733884e51a6b8602290e522e088deb7fec.sock@
unix  2      [ ACC ]     STREAM     LISTENING     34750    -                    @/containerd-shim/849069ea6f0aac1707e1046f6b2ed65ba8d804b19ca157f538c279f323f8ad27.sock@
unix  2      [ ACC ]     STREAM     LISTENING     206657   -                    @/containerd-shim/a26df014b6fc6001235480215ec743c82b83aabe3c1e69442c37106dd097a12d.sock@
unix  2      [ ACC ]     STREAM     LISTENING     39444    -                    @/containerd-shim/97743748a84e4cbbda28e93b4d215b3adf514fa0fb4801790f567b1a63e6d92a.sock@
unix  2      [ ACC ]     STREAM     LISTENING     47838    -                    @/containerd-shim/e142dd0724d17d6da61c580bbd599dc246ef806d7d3b09d5791484c8fb6f6f93.sock@
unix  2      [ ACC ]     STREAM     LISTENING     38340    -                    @/containerd-shim/1fcc48ca77e6d7b138008c2a215ff2845e4e48d63e50be16285ae1daa003ea55.sock@

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)

发生了什么事?我猜是入口无法正确路由。

【问题讨论】:

  • 你能用 k get IngressClass 和类似的命令检查你的 IngressClasses 吗?从github.com/ubuntu/microk8s/blob/master/microk8s-resources/… 看来,入口类名称是public,而不是您在注释中指定的nginx。不是 microk8s 的专家,但这可能是问题所在,因为 Nginx 入口控制器可能根本不提供入口
  • bash I got the below answer: `NAME CONTROLLER PARAMETERS AGE public k8s.io/ingress-nginx &lt;none&gt; 2d2h`
  • 那么,我需要重命名 IngressClass 吗?我怎样才能让入口工作?
  • 不,你只需要在 Ingress 定义中重命名它,你发布为 9999-ingress.yaml 的那个,我已经发布了一个答案来更好地解释事情。

标签: nginx kubernetes microk8s


【解决方案1】:

根据您的 Ingress 定义,我看到您设置为 ingress 类 nginx

$ cat 9999-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

现在,不幸的是,文档的microk8s Ingress 插件页面上没有很好地记录它,但是当您启用 Ingress 插件时,它会创建一个默认类名为 public 的 Ingress 控制器(您可以看到这里默认定义https://github.com/ubuntu/microk8s/blob/master/microk8s-resources/actions/ingress.yaml)

您可以使用k get IngressClass 确认您的入口类名为public

修改你的入口定义以使用默认入口类,你的设置应该工作:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: public
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

如果您对 Ingress 类的用途感到好奇,它主要用于将 Ingress 资源定义与入口控制器相关联。在 Kubernetes 集群上,可能有多个 Ingress Controller,每个 Ingress Controller 都有自己的 Ingress Class,Ingress 资源通过匹配请求的 Ingress Class 与其中一个关联。

如果没有指定入口类,则入口使用默认类,即自动使用注解为集群默认类的IngressClass

有关更多信息,请查看此处的文档 (https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class)

【讨论】:

    猜你喜欢
    • 2021-08-13
    • 2019-06-20
    • 2018-12-05
    • 2020-01-31
    • 2021-08-18
    • 2019-02-24
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode