我正在学习microk8s以及ingress是如何工作的。
我有一个单节点microk8s(v1.18.4(,带有以下附加组件:DNS、入口、RBAC、存储
我正试图让它与微珠的例子一起工作。我已经通读了(并重读了(本教程,但是,一旦应用了入口清单,地址就会与microbot服务一起被路由到127.0.0.1(而不是内部pod IP(。
我正试图通过运行在其内部的vm外部的web访问应用程序:http://192.168.91.166/microbot(并且在登录vm时尝试了curl(,这将导致返回错误页面。192.168.91.166是vm的ip。
# kubectl get all -A
NAMESPACE NAME READY STATUS RESTARTS AGE
development pod/microbot-7dcc49575f-fqttp 1/1 Running 1 22h
ingress pod/nginx-ingress-microk8s-controller-phjgl 1/1 Running 1 21h
kube-system pod/coredns-588fd544bf-lb8mx 1/1 Running 3 37h
kube-system pod/hostpath-provisioner-75fdc8fccd-4klwh 1/1 Running 5 37h
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 37h
development service/microbot ClusterIP 10.152.183.19 <none> 80/TCP 22h
kube-system service/kube-dns ClusterIP 10.152.183.10 <none> 53/UDP,53/TCP,9153/TCP 37h
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
ingress daemonset.apps/nginx-ingress-microk8s-controller 1 1 1 1 1 <none> 21h
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
development deployment.apps/microbot 1/1 1 1 22h
kube-system deployment.apps/coredns 1/1 1 1 37h
kube-system deployment.apps/hostpath-provisioner 1/1 1 1 37h
NAMESPACE NAME DESIRED CURRENT READY AGE
development replicaset.apps/microbot-7dcc49575f 1 1 1 22h
kube-system replicaset.apps/coredns-588fd544bf 1 1 1 37h
kube-system replicaset.apps/hostpath-provisioner-75fdc8fccd 1 1 1 37h
microbot svc描述
# kubectl describe svc microbot -n development
Name: microbot
Namespace: development
Labels: <none>
Annotations: Selector: name=microbot
Type: ClusterIP
IP: 10.152.183.19
Port: <unset> 80/TCP
TargetPort: 8080/TCP
Endpoints: 10.1.62.21:8080
Session Affinity: None
Events: <none>
入口描述
# kubectl describe ingress microbot -n development
Name: microbot
Namespace: development
Address: 127.0.0.1
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
*
/microbot microbot:80 (10.1.62.21:8080)
Annotations: kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal UPDATE 14s nginx-ingress-controller Ingress development/microbot
入口吊舱日志
# kubectl logs -n ingress nginx-ingress-microk8s-controller-phjgl
-------------------------------------------------------------------------------
NGINX Ingress controller
Release: 0.33.0
Build: git-589187c35
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: nginx/1.19.0
-------------------------------------------------------------------------------
W0715 13:52:22.191579 6 flags.go:249] SSL certificate chain completion is disabled (--enable-ssl-chain-completion=false)
W0715 13:52:22.192057 6 client_config.go:552] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0715 13:52:22.194678 6 main.go:218] Creating API client for https://10.152.183.1:443
W0715 13:52:53.301344 6 main.go:259] Initial connection to the Kubernetes API server was retried 1 times.
I0715 13:52:53.301361 6 main.go:262] Running in Kubernetes cluster version v1.18+ (v1.18.4-1+6f17be3f1fd54a) - git (clean) commit 6f17be3f1fd54a88681869d1cf8bedd5a2174504 - platform linux/amd64
I0715 13:52:53.538979 6 main.go:103] SSL fake certificate created /etc/ingress-controller/ssl/default-fake-certificate.pem
I0715 13:52:53.539788 6 main.go:111] Enabling new Ingress features available since Kubernetes v1.18
E0715 13:52:53.542526 6 main.go:120] Unexpected error searching IngressClass: ingressclasses.networking.k8s.io "nginx" is forbidden: User "system:serviceaccount:ingress:nginx-ingress-microk8s-serviceaccount" cannot get resource "ingressclasses" in API group "networking.k8s.io" at the cluster scope
W0715 13:52:53.542574 6 main.go:123] No IngressClass resource with name nginx found. Only annotation will be used.
I0715 13:52:53.590982 6 nginx.go:263] Starting NGINX Ingress controller
I0715 13:52:53.604026 6 event.go:278] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress", Name:"nginx-ingress-tcp-microk8s-conf", UID:"5f1b23d0-297c-4b2f-ac43-f3dc7256f684", APIVersion:"v1", ResourceVersion:"14859", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress/nginx-ingress-tcp-microk8s-conf
I0715 13:52:53.604099 6 event.go:278] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress", Name:"nginx-ingress-udp-microk8s-conf", UID:"abbfd3c7-c38c-43df-ae0c-7c26abcdb9cc", APIVersion:"v1", ResourceVersion:"14860", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress/nginx-ingress-udp-microk8s-conf
I0715 13:52:53.604190 6 event.go:278] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress", Name:"nginx-load-balancer-microk8s-conf", UID:"bc525770-be0a-4303-b26d-7e1c1d424d39", APIVersion:"v1", ResourceVersion:"14858", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress/nginx-load-balancer-microk8s-conf
I0715 13:52:54.694319 6 event.go:278] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"development", Name:"microbot", UID:"58d26f3e-d19a-4c53-8a47-1223b3ccc300", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"22517", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress development/microbot
I0715 13:52:54.791730 6 nginx.go:307] Starting NGINX process
I0715 13:52:54.791929 6 leaderelection.go:242] attempting to acquire leader lease ingress/ingress-controller-leader-nginx...
I0715 13:52:54.793717 6 controller.go:139] Configuration changes detected, backend reload required.
I0715 13:52:54.805276 6 leaderelection.go:252] successfully acquired lease ingress/ingress-controller-leader-nginx
I0715 13:52:54.805481 6 status.go:86] new leader elected: nginx-ingress-microk8s-controller-phjgl
I0715 13:52:55.235056 6 controller.go:155] Backend successfully reloaded.
I0715 13:52:55.235148 6 controller.go:164] Initial sync, sleeping for 1 second.
2020/07/15 15:49:54 [error] 38#38: *57190 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:49:54 [error] 38#38: *57190 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:49:54 [error] 38#38: *57190 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
127.0.0.1 - - [15/Jul/2020:15:49:54 +0000] "GET /microbot HTTP/1.1" 502 157 "-" "curl/7.68.0" 81 0.000 [development-microbot-80] [] 10.1.62.21:8080, 10.1.62.21:8080, 10.1.62.21:8080 0, 0, 0 0.000, 0.000, 0.000 502, 502, 502 f4a04290c54d7562d01c2b2ef7b68d6b
2020/07/15 15:50:03 [error] 36#36: *57305 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:50:03 [error] 36#36: *57305 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:50:03 [error] 36#36: *57305 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
127.0.0.1 - - [15/Jul/2020:15:50:03 +0000] "GET /microbot HTTP/1.1" 502 157 "-" "curl/7.68.0" 81 0.000 [development-microbot-80] [] 10.1.62.21:8080, 10.1.62.21:8080, 10.1.62.21:8080 0, 0, 0 0.000, 0.000, 0.000 502, 502, 502 58813a2861ae850b96d10ab9482aaaae
2020/07/15 15:54:44 [error] 37#37: *60738 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:54:44 [error] 37#37: *60738 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
2020/07/15 15:54:44 [error] 37#37: *60738 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: _, request: "GET /microbot HTTP/1.1", upstream: "http://10.1.62.21:8080/", host: "127.0.0.1"
127.0.0.1 - - [15/Jul/2020:15:54:44 +0000] "GET /microbot HTTP/1.1" 502 157 "-" "curl/7.68.0" 81 0.000 [development-microbot-80] [] 10.1.62.21:8080, 10.1.62.21:8080, 10.1.62.21:8080 0, 0, 0 0.000, 0.000, 0.000 502, 502, 502 b2bc837c1eb56d5e598f8160e4f2e3cb
I0715 16:36:08.010736 6 event.go:278] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"development", Name:"microbot", UID:"58d26f3e-d19a-4c53-8a47-1223b3ccc300", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"94444", FieldPath:""}): type: 'Normal' reason: 'UPDATE' Ingress development/microbot
I0715 16:36:08.011329 6 controller.go:139] Configuration changes detected, backend reload required.
I0715 16:36:08.116361 6 controller.go:155] Backend successfully reloaded.
I0715 16:41:19.262503 6 store.go:383] removing ingress microbot based on annotation kubernetes.io/ingress.class
I0715 16:41:19.262648 6 controller.go:139] Configuration changes detected, backend reload required.
I0715 16:41:19.262688 6 event.go:278] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"development", Name:"microbot", UID:"58d26f3e-d19a-4c53-8a47-1223b3ccc300", APIVersion:"networking.k8s.io/v1beta1", ResourceVersion:"94444", FieldPath:""}): type: 'Normal' reason: 'DELETE' Ingress development/microbot
I0715 16:41:19.343023 6 controller.go:155] Backend successfully reloaded.
I0715 16:42:53.063307 6 store.go:324] ignoring delete for ingress microbot based on annotation kubernetes.io/ingress.class
I0715 16:43:26.671104 6 store.go:349] ignoring add for ingress microbot based on annotation kubernetes.io/ingress.class with value
部署清单:
apiVersion: v1
kind: Namespace
metadata:
name: development
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: microbot
namespace: development
spec:
strategy:
type: Recreate
replicas: 1
selector:
matchLabels:
name: microbot
template:
metadata:
labels:
name: microbot
spec:
containers:
- name: microbot
image: dontrebootme/microbot:v1
imagePullPolicy: Always
envFrom:
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: microbot
namespace: development
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
selector:
name: microbot
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: microbot
namespace: development
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /microbot
backend:
serviceName: microbot
servicePort: 80
我想知道是不是有什么地方我做得不对。任何帮助都将不胜感激。
在microK8s中,您应该使用http://127.0.0.1/microbot通过集群外部的入口(即浏览器(访问pod。这会在nginx入口控制器日志中给您502错误。检查的几件事
-
使用
kubectl describe svc microbot -n development检查服务是否有反映正确POD IP的Endpoints -
检查吊舱内的容器是否正在侦听端口
8080。也许是80或其他什么。 -
作为pod中的容器运行的应用程序需要侦听
0.0.0.0而不是127.0.0.1