我是Kubernetes的新手,我们有一个可以为几个客户定制的应用程序。
部署很好:它们正在正确运行pod。问题是访问集群外部的API。
AWS路由正按照Kubernetes Ingress的预期创建。
现有的工作正常,但当我尝试到达新的(比如client09
)时,总是返回default-backend-404
。
另外,当curl
是url时,它会显示一条Kubernetes Ingress Controller Fake Certificate
消息。
kubectl版本客户1.6服务器1.9
此外,我的用户没有完全访问权限,因此我无法提供有关nginx controller
的任何信息。我们只是为新客户提供相同的粘贴和复制,但不知道可能出了什么问题。
有什么想法吗?
服务
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
run: client09-deploy
部署
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: client09-deploy
namespace: default
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
run: client09-deploy
spec:
terminationGracePeriodSeconds: 60
containers:
- name: client09
image: myContainer
ports:
- containerPort: 8080
name: api
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
imagePullPolicy: Always
resources:
limits:
cpu: 1800m
memory: 2000Mi
requests:
cpu: 400m
memory: 1000Mi
volumeMounts:
- mountPath: /secret-volume
name: secretvolume
imagePullSecrets:
- name: dockerhubkey
volumes:
- name: secretvolume
secret:
secretName: client09-secret
入口
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/use-port-in-redirects: "true"
namespace: default
spec:
tls:
- hosts:
- client01.domain.com
- client02.domain.com
- client09.domain.com
secretName: my-ingress-tls
rules:
- host: client01.domain.com
http:
paths:
- backend:
serviceName: client01-svc
servicePort: 8080
path: /
- host: client02.domain.com
http:
paths:
- backend:
serviceName: client02-svc
servicePort: 8080
path: /
- host: client09.domain.com
http:
paths:
- backend:
serviceName: client09-svc
servicePort: 8080
path: /
看起来选择器有问题。您能将服务YAML更新为以下内容吗:
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
name: client09-deploy