如何让我的 AWS EKS Kubernetes 集群公开可见?
How do I get my AWS EKS Kubernetes Cluster to be visible publicly?
我已按照 Udacity 全栈纳米学位课程中的步骤在 AWS EKS 上获得 Kubernetes 集群 运行。
服务是 运行。 运行 命令 kubectl get services simple-jwt-api -o wide returns:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
simple-jwt-api LoadBalancer 10.100.217.57 a32d4ab0969b149bd9fb47d2065aee80-335944770.us-west-2.elb.amazonaws.com 80:31644/TCP 51m app=simple-jwt-api
节点似乎是 运行:
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-192-168-3-213.us-west-2.compute.internal Ready <none> 80m v1.15.10-eks-bac369 192.168.3.213 54.70.213.28 Amazon Linux 2 4.14.173-137.229.amzn2.x86_64 docker://18.9.9
ip-192-168-46-0.us-west-2.compute.internal Ready <none> 80m v1.15.10-eks-bac369 192.168.46.0 34.220.32.208 Amazon Linux 2 4.14.173-137.229.amzn2.x86_64 docker://18.9.9
Pods 似乎是 运行
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
simple-jwt-api-5dd5b9cf98-46ngm 1/1 Running 0 37m 192.168.22.121 ip-192-168-3-213.us-west-2.compute.internal <none> <none>
simple-jwt-api-5dd5b9cf98-kfgxf 1/1 Running 0 37m 192.168.20.148 ip-192-168-3-213.us-west-2.compute.internal <none> <none>
simple-jwt-api-5dd5b9cf98-xs6rp 1/1 Running 0 37m 192.168.60.136 ip-192-168-46-0.us-west-2.compute.internal <none> <none>
Docker 文件是:
FROM python:stretch
COPY . /app
WORKDIR /app
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
EXPOSE 8080
ENTRYPOINT ["gunicorn", "-b", ":8080", "main:APP"]
部署文件是:
apiVersion: v1
kind: Service
metadata:
name: simple-jwt-api
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 80
selector:
app: simple-jwt-api
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-jwt-api
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 2
maxSurge: 2
selector:
matchLabels:
app: simple-jwt-api
template:
metadata:
labels:
app: simple-jwt-api
spec:
containers:
- name: simple-jwt-api
image: CONTAINER_IMAGE
securityContext:
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
ports:
- containerPort: 8080
为什么我无法访问位于 a32d4ab0969b149bd9fb47d2065aee80-335944770.us-west-2.elb.amazonaws.com 的应用程序?
看起来服务 targetPort: 80 中的目标端口与 POD 的容器端口不匹配,即:containerPort: 8080。请将service中的targetPort改为8080再试。
apiVersion: v1
kind: Service
metadata:
name: simple-jwt-api
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 80
selector:
app: simple-jwt-api
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-jwt-api
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 2
maxSurge: 2
selector:
matchLabels:
app: simple-jwt-api
template:
metadata:
labels:
app: simple-jwt-api
spec:
containers:
- name: simple-jwt-api
image: CONTAINER_IMAGE
securityContext:
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
ports:
- containerPort: 8080
我已按照 Udacity 全栈纳米学位课程中的步骤在 AWS EKS 上获得 Kubernetes 集群 运行。
服务是 运行。 运行 命令 kubectl get services simple-jwt-api -o wide returns:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
simple-jwt-api LoadBalancer 10.100.217.57 a32d4ab0969b149bd9fb47d2065aee80-335944770.us-west-2.elb.amazonaws.com 80:31644/TCP 51m app=simple-jwt-api
节点似乎是 运行:
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-192-168-3-213.us-west-2.compute.internal Ready <none> 80m v1.15.10-eks-bac369 192.168.3.213 54.70.213.28 Amazon Linux 2 4.14.173-137.229.amzn2.x86_64 docker://18.9.9
ip-192-168-46-0.us-west-2.compute.internal Ready <none> 80m v1.15.10-eks-bac369 192.168.46.0 34.220.32.208 Amazon Linux 2 4.14.173-137.229.amzn2.x86_64 docker://18.9.9
Pods 似乎是 运行
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
simple-jwt-api-5dd5b9cf98-46ngm 1/1 Running 0 37m 192.168.22.121 ip-192-168-3-213.us-west-2.compute.internal <none> <none>
simple-jwt-api-5dd5b9cf98-kfgxf 1/1 Running 0 37m 192.168.20.148 ip-192-168-3-213.us-west-2.compute.internal <none> <none>
simple-jwt-api-5dd5b9cf98-xs6rp 1/1 Running 0 37m 192.168.60.136 ip-192-168-46-0.us-west-2.compute.internal <none> <none>
Docker 文件是:
FROM python:stretch
COPY . /app
WORKDIR /app
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
EXPOSE 8080
ENTRYPOINT ["gunicorn", "-b", ":8080", "main:APP"]
部署文件是:
apiVersion: v1
kind: Service
metadata:
name: simple-jwt-api
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 80
selector:
app: simple-jwt-api
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-jwt-api
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 2
maxSurge: 2
selector:
matchLabels:
app: simple-jwt-api
template:
metadata:
labels:
app: simple-jwt-api
spec:
containers:
- name: simple-jwt-api
image: CONTAINER_IMAGE
securityContext:
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
ports:
- containerPort: 8080
为什么我无法访问位于 a32d4ab0969b149bd9fb47d2065aee80-335944770.us-west-2.elb.amazonaws.com 的应用程序?
看起来服务 targetPort: 80 中的目标端口与 POD 的容器端口不匹配,即:containerPort: 8080。请将service中的targetPort改为8080再试。
apiVersion: v1
kind: Service
metadata:
name: simple-jwt-api
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 80
selector:
app: simple-jwt-api
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: simple-jwt-api
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 2
maxSurge: 2
selector:
matchLabels:
app: simple-jwt-api
template:
metadata:
labels:
app: simple-jwt-api
spec:
containers:
- name: simple-jwt-api
image: CONTAINER_IMAGE
securityContext:
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
ports:
- containerPort: 8080