小贝子编程

暴露Kubernetes入口,在Raspberry Pi4上使用Minikube



我在Raspberry Pi4上运行minikube。我启用了$ minikube addons enable ingress的入口,并使用以下yaml文件为kubernetes-dashboard创建了入口:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dashboard-ingress
namespace: kubernetes-dashboard
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: dashboard.com
http:
paths:
- path: /
pathType: Exact  
backend:
service:
name: kubernetes-dashboard
port: 
number: 80

它工作正常,创建入口,我得到这个外部IP地址:192.168.49.2。按照本教程的建议,我编辑了/etc/hosts文件,添加了192.168.49.2 dashboard.com。当我curl dashboard.com我得到一个答案,我认为是正确的,但我没有安装在树莓上的浏览器,所以我不能实际看到的页面。这是我得到的结果:

<!--
Copyright 2017 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
--><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Kubernetes Dashboard</title>
<link
rel="icon"
type="image/png"
href="assets/images/kubernetes-logo.png"
/>
<meta name="viewport" content="width=device-width" />
<style>
body,
html {
height: 100%;
margin: 0;
}
</style>
<link
rel="stylesheet"
href="styles.f66c655a05a456ae30f8.css"
media="print"
onload="this.media='all'"
/>
<noscript
><link rel="stylesheet" href="styles.f66c655a05a456ae30f8.css"
/></noscript>
</head>
<body>
<kd-root></kd-root>
<script src="runtime.fb7fb9bb628f2208f9e9.js" defer></script>
<script src="polyfills.49b2d5227916caf47237.js" defer></script>
<script src="scripts.72d8a72221658f3278d3.js" defer></script>
<script src="en.main.0bf75cd6c71fc0efa001.js" defer></script>
</body>
</html>

我有一台MacBook物理连接到与Raspberry相同的路由器(由ISP提供的路由器)。如果我尝试从MacBook上切换curl dashboard.com,甚至ping 192.168.49.2,它都会失败。Raspberry和其他设备都在192.168.1.x/24子网掩码上,为了使其他计算机能够进入ingress,似乎应该与iptables做些什么。当我做ip addr show时,我得到这个结果:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host 
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether dc:a6:32:a0:5b:17 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.x/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::dea6:32ff:fea0:5b17/64 scope link 
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether dc:a6:32:a0:5b:18 brd ff:ff:ff:ff:ff:ff
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
link/ether 02:42:66:3d:68:77 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:66ff:fe3d:6877/64 scope link 
valid_lft forever preferred_lft forever
6: br-982a6fd0200b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
link/ether 02:42:dd:e3:e1:66 brd ff:ff:ff:ff:ff:ff
inet 192.168.49.1/24 brd 192.168.49.255 scope global br-982a6fd0200b
valid_lft forever preferred_lft forever
inet6 fe80::42:ddff:fee3:e166/64 scope link 
valid_lft forever preferred_lft forever
54: vetha0ba61f@if53: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-982a6fd0200b state UP group default 
link/ether aa:33:e5:14:69:e3 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::a833:e5ff:fe14:69e3/64 scope link 
valid_lft forever preferred_lft forever
78: veth8ae0efb@if77: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-982a6fd0200b state UP group default 
link/ether 6e:7b:d8:21:79:21 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::6c7b:d8ff:fe21:7921/64 scope link 
valid_lft forever preferred_lft forever

我有几个问题:

  1. 我该怎么做才能从网络上的另一台计算机访问该页面?
  2. 如何在路由器上暴露ingressIP ?
  3. 是否有一种方法可以在路由器上显示ingress地址,并且(例如)仅在DMZ中暴露该地址?

Minikube使用虚拟机或容器技术创建隔离的集群。被隔离的集群使用外部无法访问的单独IP。

但是您可以将主机(您的树莓派)的特定端口映射到集群节点,使容器(如您的入口)可访问。

例如,要使运行minikube的机器上的节点端口80和443可访问,请使用

minikube start --driver docker ... --ports 80:80 --ports 443:443

您必须确保入口实现,例如nginx或trafik,也正在使用节点的主机端口。

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium