首页 文章

拥有2项服务的Kubernetes ingress并不总能找到正确的服务

提问于
浏览
1

我有一个Kubernetes集群,后端服务和安全服务 . 入口定义如下:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: solidary-life
  annotations:
    kubernetes.io/ingress.global-static-ip-name: sl-ip
    certmanager.k8s.io/acme-http01-edit-in-place: "true"
    ingress.kubernetes.io/force-ssl-redirect: "true"
    ingress.kubernetes.io/ssl-redirect: "true"
  labels:
    app: sl
spec:
  rules:
    - host: app-solidair-vlaanderen.com
      http:
        paths:
        - path: /v0.0.1/*
          backend:
            serviceName: backend-backend
            servicePort: 8080
        - path: /auth/*
          backend:
            serviceName: security-backend
            servicePort: 8080
  tls:
  - secretName: solidary-life-tls
    hosts:
    - app-solidair-vlaanderen.com

后端服务配置如下:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: backend
  labels:
    app: sl
spec:
  template:
    metadata:
      labels:
        app: sl
        tier: web
    spec:
      containers:
      - name: backend-app
        image: gcr.io/solidary-life-218713/sv-backend:0.0.6
        ports:
          - name: http
            containerPort: 8080
        readinessProbe:
          httpGet:
            path: /v0.0.1/api/online
            port: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: backend-backend
  labels:
    app: sl
spec:
  type: NodePort
  selector:
    app: sl
    tier: web
  ports:
  - port: 8080
    targetPort: 8080

和auth服务器服务:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: security
  labels:
    app: sl-security
spec:
  template:
    metadata:
      labels:
        app: sl
        tier: web
    spec:
      containers:
      - name: security-app
        image: gcr.io/solidary-life-218713/sv-security:0.0.1
        ports:
          - name: http
            containerPort: 8080
          - name: management
            containerPort: 9090
          - name: jgroups-tcp
            containerPort: 7600
          - name: jgroups-tcp-fd
            containerPort: 57600
          - name: jgroups-udp
            containerPort: 55200
            protocol: UDP
          - name: jgroups-udp-mc
            containerPort: 45688
            protocol: UDP
          - name: jgroups-udp-fd
            containerPort: 54200
            protocol: UDP
          - name: modcluster
            containerPort: 23364
          - name: modcluster-udp
            containerPort: 23365
            protocol: UDP
          - name: txn-recovery-ev
            containerPort: 4712
          - name: txn-status-mgr
            containerPort: 4713
        readinessProbe:
          httpGet:
            path: /auth/
            port: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: security-backend
  labels:
    app: sl
spec:
  type: NodePort
  selector:
    app: sl
    tier: web
  ports:
  - port: 8080
    targetPort: 8080

现在我可以去网址了:

有时这是有效的,有时我会得到404 . 这很烦人,我对Kubernetes很新 . 我没有找到错误 .

它可以与后端和安全服务定义中的“sl”标签有关吗?

kubernetes google-kubernetes-engine kubernetes-ingress

1 回答

  • 2

    是 . 假设您的所有服务都位于相同的Kubernetes命名空间,那么至少必须是问题的开始 . 你能为每个标签使用不同的标签吗?

    因此,实质上,您有2个服务随机选择属于安全部署和后端部署的pod . 确定服务实际发送请求的方法之一是查看其 endpoints 并运行:

    kubectl -n <your-namespace> <get or describe> ep
    回复于

相关问题