【发布时间】:2020-12-17 08:20:08
【问题描述】:
我现在在kubernetes cluster v1.18中使用traefik 2.2.1,现在我想将mysql端口暴露在kubernetes cluster之外,并按照官方doc,添加start args:
- '--entryPoints.tcpep.address=:3308'
并添加端口定义:
ports:
- name: tcpep
hostPort: 3308
containerPort: 3308
protocol: TCP
这是 tcp 入口路由:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: report-mysql
spec:
entryPoints:
- tcpep
routes:
- match: HostSNI(`*`)
services:
- name: report-mysqlha
port: 3306
然后检查主机中监听的端口:
[dolphiin@K8SSlave3 production]$ sudo lsof -i:3308
[sudo] password for miaoyou:
lsof: no pwd entry for UID 65532
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
lsof: no pwd entry for UID 65532
traefik 28956 65532 8u IPv6 2902156338 0t0 TCP *:tns-server (LISTEN)
扫描端口:
[dolphin@K8SSlave3 production]$ sudo nmap -sS -p 3308 -v 192.168.64.251
Starting Nmap 6.40 ( http://nmap.org ) at 2020-08-28 19:19 CST
Initiating SYN Stealth Scan at 19:19
Scanning MeowK8SSlave3 (192.168.64.251) [1 port]
Discovered open port 3308/tcp on 192.168.64.251
Completed SYN Stealth Scan at 19:19, 0.21s elapsed (1 total ports)
Nmap scan report for MeowK8SSlave3 (192.168.64.251)
Host is up (0.000071s latency).
PORT STATE SERVICE
3308/tcp open unknown
但是当我登录 MySQL 时:
mycli -h 192.168.64.251 -P 3308 -u root -p OgHeee8bfw6jcadewu
卡住没反应,映射端口成功了吗?为什么我无法登录mysql? PS:当我使用kubernetes服务ip登录时,可以登录成功。
我尝试过的:
我发现当我访问 traefik 仪表板时,它给了我提示(名称不同,因为我在我家机器上尝试不同的 kubernetes 集群):
the service "infrastructure-mysql-673acf455cb2dab0b43a@kubernetescrd" does not exist
我发现 traefik 仪表板没有 TCP 服务。我正在尝试像这样创建一个 TraefikService:
[root@k8smaster traefik]# cat mysql-tcp-services.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: TraefikService
metadata:
name: mysql-service
spec:
tcp:
services:
mysql:
loadBalancer:
servers:
- address: "10.20.58.239:3306"
好像不行。仪表板仍然没有找到 TCP 服务,我应该如何解决?
【问题讨论】:
标签: kubernetes