使用Kind在Docker Desktop for Mac上运行本地Kubernetes集群,我试图从Istio入口网关连接到主机上的服务,但我收到503个错误:
"GET / HTTP/2" 503 NC cluster_not_found - "-" 0 0 0 - "10.244.0.57" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" "c4ecc27a-2fa0-470f-bd48-2894a381c1af" "app.helloworld.app" "-" - - 127.0.0.1:443 127.0.0.1:46674 app.helloworld.app -
我目前的服务配置是:
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: app-gateway-istio
namespace: istio-ingress
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- app.helloworld.app
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: app-cert
hosts:
- app.helloworld.app
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: app-virtual-service-istio
namespace: istio-ingress
spec:
hosts:
- app.helloworld.app
gateways:
- app-gateway-istio
http:
- route:
- destination:
host: host.docker.internal
port:
number: 19006
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: app-gateway-service-disable-mtls
spec:
host: host.docker.internal
trafficPolicy:
tls:
mode: DISABLE
(由于资源限制,我无法在kubernetes集群中运行服务(
我通过添加以下配置修复了这个问题:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: docker-ext
spec:
hosts:
- host.docker.internal
ports:
- number: 19006
name: http
protocol: HTTP
resolution: DNS
location: MESH_EXTERNAL