Ingress 无法公开服务

如何解决Ingress 无法公开服务

我正在使用带有默认入口插件的 microk8s。

$ microk8s enable ingress
Addon ingress is already enabled.
$ microk8s status
microk8s is running
high-availability: no
  datastore master nodes: 127.0.0.1:19001
  datastore standby nodes: none
addons:
  enabled:
    dashboard            # The Kubernetes dashboard
    dns                  # coredns
    ha-cluster           # Configure high availability on the current node
    ingress              # Ingress controller for external access
    metrics-server       # K8s Metrics Server for API access to service metrics
    registry             # Private image registry exposed on localhost:32000
    storage              # Storage class; allocates storage from host directory

我的服务在没有入口路由的情况下访问时运行流畅。

$ curl 10.152.183.197 #the service binded to 10.152.183.197
<html lang="en">
<head>
  <Meta http-equiv="content-type" content="text/html; charset=utf-8">
  <Meta name="robots" content="NONE,NOARCHIVE">
  ....
</head>
</html>

但是我无法让入口在本地主机和远程主机中都正常工作，它总是返回 404。

$ curl 127.0.0.1 -H  "Host: projects.xtech1999.com" #executed in microk8s host node
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>Nginx/1.19.2</center>
</body>
</html> 

$ curl projects.xtech1999.com #executed in remote machine
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>Nginx/1.19.2</center>
</body>
</html> 

我确认 DNS 记录 (projects.xtech1999.com) 正确指向 IP 地址，我的配置如下：

$ kubectl get svc
NAME           TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes     ClusterIP   10.152.183.1     <none>        443/TCP          10h
pgsql-srv      NodePort    10.152.183.239   <none>        5432:32157/TCP   9h
projects-srv   NodePort    10.152.183.197   <none>        80:31436/TCP     9h

$ kubectl get ing
NAME      CLASS    HOSTS                    ADDRESS   PORTS   AGE
ingress   <none>   projects.xtech1999.com             80      12m

$ kubectl describe ing ingress
Name:             ingress
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host                    Path  Backends
  ----                    ----  --------
  projects.xtech1999.com
                          /   projects-srv:80 (10.1.166.145:80)
Annotations:              kubernetes.io/ingress.class: Nginx
Events:                   <none>

$ cat 9999-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
Metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: Nginx
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

$ netstat -lnp | grep 80
(Not all processes Could be identified,non-owned process info
 will not be shown,you would have to be root to see it all.)
unix  2      [ ACC ]     STREAM     LISTENING     28036    -                    /var/snap/microk8s/2094/var/kubernetes/backend/kine.sock
unix  2      [ ACC ]     STREAM     LISTENING     48509    -                    @/containerd-shim/86b04e625b27cda8731daf9c4b25b8a301cc659f41bb0957a0124780fd428557.sock@
unix  2      [ ACC ]     STREAM     LISTENING     52619    -                    @/containerd-shim/a53801f4268bd9e9a2bd1f0a2e7076ead63759ba23d1baaa193347f2abff54ea.sock@
unix  2      [ ACC ]     STREAM     LISTENING     36064    -                    @/containerd-shim/d805d091f24793a8452aa1699a67cf733884e51a6b8602290e522e088deb7fec.sock@
unix  2      [ ACC ]     STREAM     LISTENING     34750    -                    @/containerd-shim/849069ea6f0aac1707e1046f6b2ed65ba8d804b19ca157f538c279f323f8ad27.sock@
unix  2      [ ACC ]     STREAM     LISTENING     206657   -                    @/containerd-shim/a26df014b6fc6001235480215ec743c82b83aabe3c1e69442c37106dd097a12d.sock@
unix  2      [ ACC ]     STREAM     LISTENING     39444    -                    @/containerd-shim/97743748a84e4cbbda28e93b4d215b3adf514fa0fb4801790f567b1a63e6d92a.sock@
unix  2      [ ACC ]     STREAM     LISTENING     47838    -                    @/containerd-shim/e142dd0724d17d6da61c580bbd599dc246ef806d7d3b09d5791484c8fb6f6f93.sock@
unix  2      [ ACC ]     STREAM     LISTENING     38340    -                    @/containerd-shim/1fcc48ca77e6d7b138008c2a215ff2845e4e48d63e50be16285ae1daa003ea55.sock@

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)

这是怎么回事？我猜是入口无法正确路由。

解决方法

$ cat 9999-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: public
spec:
  rules:
  - host: projects.xtech1999.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: projects-srv
            port:
               number: 80

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。