我有一个容器化的应用程序,我正在尝试将标头proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;从我的nginx传递到我的rails应用程序。
但是,当我使用此标头时,就绪和活动探测开始失败,状态为502 and awaiting headers,并且我的部署未成功完成。
这是我们看到502的kubectl describe pod输出
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: HTTP probe failed with statuscode: 502
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Readiness probe failed: Get http://10.16.0.1:3000/users/sign_in: dial tcp 10.16.0.221:3000: connect: connection refused
Warning Unhealthy 11m kubelet, gke-cluster-1-upgraded-pool--v82p Liveness probe failed: Get http://10.16.0.1:3000/users/sign_in: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
Warning BackOff 84s (x33 over 8m56s) kubelet, gke-cluster-1-upgraded-pool--v82p Back-off restarting failed container
以前,标头值是proxy_set_header X-Forwarded-For $http_x_forwarded_for;
以下是我nginx.conf的相关部分
http {
set_real_ip_from 1.2.3.4; -- example ip
real_ip_header X-Forwarded-For;
real_ip_recursive on;
server {
listen 80 default_server;
server_name _;
client_max_body_size 16m;
location @app {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
}
}
}
下面是我的部署文件,我尝试仅保留相关部分并删除了 Volumne 装载和数据库连接设置
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: backend
spec:
template:
metadata:
labels:
app: backend
spec:
initContainers:
- name: nginx-config
image: my_nginx
command: ['/bin/sh', '-c']
args: ["sed -i -e 's/gzip_types/gzip_types application\/json/g' /etc/nginx/nginx.conf && mv /etc/nginx/* /etc/nginx-new/"]
volumeMounts:
- name: nginx-config
mountPath: /etc/nginx-new
- name: copy-assets
image: unicorn_image
command: ['sh', '-c', 'cp -a /app/public/* /mnt/']
volumeMounts:
- name: assets
mountPath: /mnt
containers:
- name: unicorn
image: unicorn_image
ports:
- containerPort: 3000
env:
livenessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 3000
scheme: HTTP
initialDelaySeconds: 10
- name: nginx
image: my_nginx
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
readinessProbe:
httpGet:
path: /users/sign_in
port: 80
scheme: HTTP
initialDelaySeconds: 10
volumeMounts:
- name: assets
mountPath: /var/www
readOnly: true
- name: nginx-config
mountPath: /etc/nginx
更新:我看到nginx容器没有被创建。请看下文
kubectl exec -it backend-6f4974cfd6-jtnqk -c nginx -- /bin/bash
error: unable to upgrade connection: container not found ("nginx")
不确定更新标头如何导致问题。
任何人都可以指出我如何解决它的正确方向,谢谢。
1.根据第二个问题,请在deployment.spec.template.spec section中添加volumes空目录或主机路径
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
replicas: 2
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
initContainers:
- name: ubuntu
image: ubuntu
command: ["/bin/sh"]
args: ["-c", " echo test > /test1/index.html "]
volumeMounts:
- name: nginx-index
mountPath: /test1
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
volumeMounts:
- name: nginx-index
mountPath: /usr/share/nginx/html
volumes:
- name: nginx-index
emptyDir: {}
2.如果您使用的是标准nginx图像,请记住,提供args and commands它会改变f。在 Dockerimage 中定义的 e 入口点
3.在我看来,最好使用 configMap 来为 nginx 提供特定的配置
希望这个帮助