Kubernetes 网络:我的前端无法到达后端
Kubernates network: my frontend cannot reach backend
我有以下 docker-compose 文件,运行良好:
version: '3'
services:
myfrontend:
image: myregistry.azurecr.io/im1:latest
container_name: myfrontend
ports:
- 80:80
- 443:443
mybackend:
image: myregistry.azurecr.io/im2:latest
container_name: mybackend
expose:
- 8080
后端仅向内部网络公开 8080,前端具有以下配置的修改后的 nginx 映像(它的工作原理是 docker 使用容器名称解析 ip)
server {
listen 80 default_server;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
resolver 127.0.0.11 ipv6=off;
set $springboot "http://mybackend:8080";
proxy_pass $springboot;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
我将上面的配置迁移到 kubernates 中,我从 nginx 得到一个 502 bad gateway 错误,我想是因为它无法解决后端地址。
这是 kubernates conf,你能看看它并告诉我我做错了什么吗? :(
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mybackend
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
minReadySeconds: 5
template:
metadata:
labels:
app: mybackend
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: mybackend
image: myregistry.azurecr.io/sgr-mybackend:latest
ports:
- containerPort: 8080
name: mybackend
resources:
requests:
cpu: 250m
limits:
cpu: 500m
---
apiVersion: v1
kind: Service
metadata:
name: mybackend
spec:
ports:
- port: 8080
selector:
app: mybackend
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: myfrontend
spec:
replicas: 1
template:
metadata:
labels:
app: myfrontend
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: myfrontend
image: myregistry.azurecr.io/myfrontend:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: myfrontend
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: myfrontend
您需要将解析器设置为:
kube-dns.kube-system.svc.cluster.local
所以 kube-dns name\address 在你的集群中,因为本地主机上没有任何东西可以将 mybackend 解析为其 ip 地址。我不确定你是否需要这个,因为容器无论如何都会知道来自 kubernetes 的后端地址。我可能会放弃该设置
我有以下 docker-compose 文件,运行良好:
version: '3'
services:
myfrontend:
image: myregistry.azurecr.io/im1:latest
container_name: myfrontend
ports:
- 80:80
- 443:443
mybackend:
image: myregistry.azurecr.io/im2:latest
container_name: mybackend
expose:
- 8080
后端仅向内部网络公开 8080,前端具有以下配置的修改后的 nginx 映像(它的工作原理是 docker 使用容器名称解析 ip)
server {
listen 80 default_server;
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
resolver 127.0.0.11 ipv6=off;
set $springboot "http://mybackend:8080";
proxy_pass $springboot;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
我将上面的配置迁移到 kubernates 中,我从 nginx 得到一个 502 bad gateway 错误,我想是因为它无法解决后端地址。
这是 kubernates conf,你能看看它并告诉我我做错了什么吗? :(
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mybackend
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
minReadySeconds: 5
template:
metadata:
labels:
app: mybackend
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: mybackend
image: myregistry.azurecr.io/sgr-mybackend:latest
ports:
- containerPort: 8080
name: mybackend
resources:
requests:
cpu: 250m
limits:
cpu: 500m
---
apiVersion: v1
kind: Service
metadata:
name: mybackend
spec:
ports:
- port: 8080
selector:
app: mybackend
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: myfrontend
spec:
replicas: 1
template:
metadata:
labels:
app: myfrontend
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: myfrontend
image: myregistry.azurecr.io/myfrontend:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: myfrontend
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: myfrontend
您需要将解析器设置为:
kube-dns.kube-system.svc.cluster.local
所以 kube-dns name\address 在你的集群中,因为本地主机上没有任何东西可以将 mybackend 解析为其 ip 地址。我不确定你是否需要这个,因为容器无论如何都会知道来自 kubernetes 的后端地址。我可能会放弃该设置