Kubernetes - 使用 nginx ingress 拒绝连接
Kubernetes - connection refuse using nginx ingress
我正在学习 Kubernetes,我确实在裸机上创建了一个 LAB,所以我是 Kubernetes 菜鸟!
我确实创建了 deployment,它是 运行 并且可以使用 NodePort 访问,但是当我使用 nginx-ingress 时,nginx 容器是 运行它使用 curl localhost 在其容器内响应,但是当我从外部世界尝试时,我看到这条消息:curl: (7) Failed to connect to app.example.com port 80: Connection refused
这些是我的 app-service.yml 和 app-ingress.yml,它们是 运行。
apiVersion: v1
kind: Service
metadata:
name: my-app-service
spec:
ports:
- port: 80
targetPort: 3010
protocol: TCP
name: http
selector:
app: my-app
kind: Ingress
metadata:
name: my-ingress
labels:
app: my-app
annotations:
# use the shared ingress-nginx
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: app.example.com
http:
paths:
- path: /
backend:
serviceName: my-app-service
servicePort: 80
还有我的部署:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app-deployment
labels:
app: my-app
spec:
replicas: 2
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app
image: my-app:1.0
ports:
- containerPort: 3010
命令:kubectl get all --namespace ingress-nginx 正在显示:
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-tc8t7 0/1 Completed 0 73m
pod/ingress-nginx-admission-patch-lnbcp 0/1 Completed 2 73m
pod/ingress-nginx-controller-7fd7d8df56-bjmrm 1/1 Running 0 74m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.110.64.201 <none> 80:30532/TCP,443:31993/TCP 74m
service/ingress-nginx-controller-admission ClusterIP 10.108.186.241 <none> 443/TCP 74m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 74m
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-7fd7d8df56 1 1 1 74m
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 5s 74m
job.batch/ingress-nginx-admission-patch 1/1 19s 74m
命令:kubectl get ing 显示:
NAME CLASS HOSTS ADDRESS PORTS AGE
my-ingress <none> app.example.com X.X.X.X 80 11m
ClusterIP 无法从 kubernetes 集群外部访问。 ClusterIP 提供 L4 层负载均衡。
从文档中here 裸机上的 nginx 入口选项很少
- 使用 MetalLB 作为纯软件负载均衡器实现
- 使用
NodePort服务公开nginx入口控制器。请注意,您没有使用 NodePort 公开常规 pod.You 正在通过 nginx 获得 L7 层负载平衡的好处。
- 运行 nginx 与
hostNetwork:true
如果您选择我认为最简单的选项 3,您可以使用 curl http://<NODEIP> -H "Host: app.example.com"
通过入口访问 kubernetes pod
我正在学习 Kubernetes,我确实在裸机上创建了一个 LAB,所以我是 Kubernetes 菜鸟!
我确实创建了 deployment,它是 运行 并且可以使用 NodePort 访问,但是当我使用 nginx-ingress 时,nginx 容器是 运行它使用 curl localhost 在其容器内响应,但是当我从外部世界尝试时,我看到这条消息:curl: (7) Failed to connect to app.example.com port 80: Connection refused
这些是我的 app-service.yml 和 app-ingress.yml,它们是 运行。
apiVersion: v1
kind: Service
metadata:
name: my-app-service
spec:
ports:
- port: 80
targetPort: 3010
protocol: TCP
name: http
selector:
app: my-app
kind: Ingress
metadata:
name: my-ingress
labels:
app: my-app
annotations:
# use the shared ingress-nginx
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: app.example.com
http:
paths:
- path: /
backend:
serviceName: my-app-service
servicePort: 80
还有我的部署:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app-deployment
labels:
app: my-app
spec:
replicas: 2
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app
image: my-app:1.0
ports:
- containerPort: 3010
命令:kubectl get all --namespace ingress-nginx 正在显示:
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-tc8t7 0/1 Completed 0 73m
pod/ingress-nginx-admission-patch-lnbcp 0/1 Completed 2 73m
pod/ingress-nginx-controller-7fd7d8df56-bjmrm 1/1 Running 0 74m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.110.64.201 <none> 80:30532/TCP,443:31993/TCP 74m
service/ingress-nginx-controller-admission ClusterIP 10.108.186.241 <none> 443/TCP 74m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 74m
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-7fd7d8df56 1 1 1 74m
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 5s 74m
job.batch/ingress-nginx-admission-patch 1/1 19s 74m
命令:kubectl get ing 显示:
NAME CLASS HOSTS ADDRESS PORTS AGE
my-ingress <none> app.example.com X.X.X.X 80 11m
ClusterIP 无法从 kubernetes 集群外部访问。 ClusterIP 提供 L4 层负载均衡。
从文档中here 裸机上的 nginx 入口选项很少
- 使用 MetalLB 作为纯软件负载均衡器实现
- 使用
NodePort服务公开nginx入口控制器。请注意,您没有使用NodePort公开常规 pod.You 正在通过 nginx 获得 L7 层负载平衡的好处。 - 运行 nginx 与
hostNetwork:true
如果您选择我认为最简单的选项 3,您可以使用 curl http://<NODEIP> -H "Host: app.example.com"