如何解决nginx 入口主机应用程序主 IP 不工作
附上下面的说明。我需要在 192.168.5.91 托管应用程序,这是 kubetnet 集群的主 IP。所有这些都在私人空间中运行。可以通过 localhost:30239 访问。但我需要通过 192.168.5.51 (master.example.com) 访问它 - 在 /etc/hosts 中添加
$kubectl describe service -n ingress-Nginx ingress-Nginx
Name: ingress-Nginx-controller
Namespace: ingress-Nginx
Labels: app.kubernetes.io/component=controller
app.kubernetes.io/instance=ingress-Nginx
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=ingress-Nginx
app.kubernetes.io/version=0.46.0
helm.sh/chart=ingress-Nginx-3.30.0
Annotations: service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: true
service.beta.kubernetes.io/do-loadbalancer-hostname: master-kmrl.example.com
Selector: app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-Nginx,app.kubernetes.io/name=metrodash-ingress
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.98.115.20
IPs: 10.98.115.20
External IPs: 192.168.9.51
Port: http 80/TCP
TargetPort: http/TCP
Endpoints: <none>
Port: https 443/TCP
TargetPort: https/TCP
Endpoints: <none>
Session Affinity: None
Events: <none>
Name: ingress-Nginx-controller-admission
Namespace: ingress-Nginx
Labels: app.kubernetes.io/component=controller
app.kubernetes.io/instance=ingress-Nginx
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=ingress-Nginx
app.kubernetes.io/version=0.46.0
helm.sh/chart=ingress-Nginx-3.30.0
Annotations: <none>
Selector: app.kubernetes.io/component=controller,app.kubernetes.io/name=ingress-Nginx
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.101.116.78
IPs: 10.101.116.78
Port: https-webhook 443/TCP
TargetPort: webhook/TCP
Endpoints: 192.168.79.191:8443
Session Affinity: None
Events: <none>
此处附上服务文件
$kubectl get service --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
cert-manager cert-manager ClusterIP 10.97.7.155 <none> 9402/TCP 2d1h
cert-manager cert-manager-webhook ClusterIP 10.102.27.254 <none> 443/TCP 2d1h
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10d
ingress-Nginx ingress-Nginx-controller LoadBalancer 10.104.163.193 192.168.9.51 80:31152/TCP,443:31291/TCP 7m24s
ingress-Nginx ingress-Nginx-controller-admission ClusterIP 10.101.116.78 <none> 443/TCP 8d
ingress-Nginx metrodash-service NodePort 10.107.176.33 <none> 80:30239/TCP 13m
kube-system calico-etcd ClusterIP 10.96.232.136 <none> 6666/TCP 10d
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 10d
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.109.44.9 <none> 8000/TCP 9d
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.102.146.7 <none> 443/TCP 9d
入口配置
apiVersion: networking.k8s.io/v1
kind: Ingress
Metadata:
name: metrodash-ingress
namespace: ingress-Nginx
annotations:
Nginx.ingress.kubernetes.io/proxy-send-timeout: '200'
Nginx.ingress.kubernetes.io/proxy-read-timeout: '200'
Nginx.ingress.kubernetes.io/proxy-connect-timeout: '200'
# cert-manager.io/cluster-issuer: lets-encrypt-stag
spec:
ingressClassName: Nginx
rules:
- host: master.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: metrodash-service
port:
number: 8000
部署配置:
apiVersion: apps/v1
kind: Deployment
Metadata:
name: metrodash-app
namespace: ingress-Nginx
labels:
app: metrodash
spec:
replicas: 2
selector:
matchLabels:
app: metrodash
template:
Metadata:
labels:
app: metrodash
spec:
containers:
- image: metrodash:latest
name: metrodash
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
name: metrodash-secret
- configMapRef:
name: metrodash-config
ports:
- containerPort: 8000
name: gunicorn
配置映射:
apiVersion: v1
kind: ConfigMap
Metadata:
name: metrodash-config
namespace: ingress-Nginx
data:
DJANGO_ALLOWED_HOSTS: "*"
STATIC_ENDPOINT_URL: "metrodash.com"
STATIC_BUCKET_NAME: "metrodashbucket"
DJANGO_LOGLEVEL: "info"
DEBUG: "True"
DATABASE_ENGINE: "postgresql_psycopg2"
入口描述:
kubectl describe ingress -n ingress-Nginx metrodash-ingress
Name: metrodash-ingress
Namespace: ingress-Nginx
Address: 192.168.9.51
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
master.example.com
/ metrodash-service:8000 (192.168.79.134:8000,192.168.79.135:8000)
Annotations: Nginx.ingress.kubernetes.io/proxy-connect-timeout: 200
Nginx.ingress.kubernetes.io/proxy-read-timeout: 200
Nginx.ingress.kubernetes.io/proxy-send-timeout: 200
Events: <none>
单节点:
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 10d v1.21.0
解决方法
检查入口 nginx 控制器并按以下格式添加主机端口。 $ kubectl get pod -n kube-system ingress-nginx-controller-789d9c4dc-5wnc2 -oyaml
[...]
ports:
- containerPort: 80
hostPort: 80
name: http
protocol: TCP
- containerPort: 443
hostPort: 443
name: https
protocol: TCP
- containerPort: 8443
name: webhook
protocol: TCP
[...]
要通过主机 ip 获取访问权限,请从入口配置中删除主机 FQDN 名称,留空或将其删除。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: metrodash-ingress
namespace: ingress-nginx
annotations:
nginx.ingress.kubernetes.io/proxy-send-timeout: '200'
nginx.ingress.kubernetes.io/proxy-read-timeout: '200'
nginx.ingress.kubernetes.io/proxy-connect-timeout: '200'
# cert-manager.io/cluster-issuer: lets-encrypt-stag
spec:
ingressClassName: nginx
rules:
- host:
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: metrodash-service
port:
number: 8000
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
