我在kubernetes集群中使用consul并且想要查询其集群外部的DNS端口,但不确定如何在haproxy中代理请求 .
带有外部IP的Google负载均衡器配置
---
kind: Service
apiVersion: v1
metadata:
name: consul-lb
spec:
type: LoadBalancer
ports:
- port: 80
protocol: TCP
name: tcp
selector:
app: haproxy-ingress-lb
haproxy pod可以使用检索dns记录
dns +noall +answer @10.8.1.2 -p 8600 abc.service.cluster.local SRV
abc.service.cluster.local. 0 IN SRV 1 1 8070 2d210by7.addr.dc1.cluster.local.
在集群外我可以卷曲http:// 并通过haproxy检索后端nginx服务器,以便正常工作
tcpdump host {Any consul PodIP} -vv doesn't reveal much that I can tell
00:53:51.609118 IP haproxy-voltest-gvjfx.51486 > consul-2.consul.default.svc.cluster.local.8600: Flags [S], seq 219267660, win 28400, options [mss 1420,sackOK,TS val 1016956519 ecr 0,nop,wscale 7], length 0
00:53:51.609413 IP consul-2.consul.default.svc.cluster.local.8600 > haproxy-voltest-gvjfx.51486: Flags [S.], seq 2564495418, ack 219267661, win 28160, options [mss 1420,sackOK,TS val 1016956773 ecr 1016956519,nop,wscale 7], length 0
00:53:51.609821 IP haproxy-voltest-gvjfx.51486 > consul-2.consul.default.svc.cluster.local.8600: Flags [R.], seq 1, ack 1, win 222, options [nop,nop,TS val 1016956520 ecr 1016956773], length 0
我的haproxy配置是
defaults
mode tcp
option tcplog
option log-health-checks
retries 3
option redispatch
timeout connect 5000
timeout client 10000
timeout server 10000
# make sure log-format is on a single line
log global
frontend http-in
bind *:80
mode tcp
option tcplog
log global
# Default backend to be used
default_backend consuldns
backend consuldns
mode tcp
option tcplog
timeout connect 10s
timeout server 1m
server server1 10.8.2.9:8600 check
提前致谢 ,
编辑:1
这是我在外部尝试的命令
dig @{external load balancer ip} -p 80 abc.service.cluster.local SRV
;; connection timed out; no servers could be reached