Docker
配置 Kubernetes 入口
我正在嘗試將 Google Kubernetes Engine Ingress 正確配置為在埠 3000 上執行的負載平衡 Docker 應用程序。我顯然在某個地方犯了一個明顯的錯誤,但我不知道在哪裡。Ingress 總是說機器不健康,但我能夠驗證 Web 應用程序正在執行並在 0.0.0.0:3000 上偵聽。
除了所述問題之外,我的配置中的任何其他明確的陷阱也值得讚賞。
目前設置如下所示:
部署.yml
apiVersion: apps/v1 kind: Deployment metadata: name: web spec: replicas: 1 selector: matchLabels: app: web strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 minReadySeconds: 5 template: metadata: labels: app: web spec: containers: - name: cloud-sql-proxy image: gcr.io/cloudsql-docker/gce-proxy:1.17 command: - "/cloud_sql_proxy" - "-ip_address_types=PRIVATE" - "-instances=project:us-central1:postgres=tcp:5432" securityContext: runAsNonRoot: true - name: web image: gcr.io/PROJECT_ID/IMAGE:TAG ports: - containerPort: 3000 env: - name: MASTER_KEY valueFrom: secretKeyRef: name: masterkey key: MASTER_KEY resources: requests: cpu: 100m limits: cpu: 100m
網路服務.yml
apiVersion: v1 kind: Service metadata: name: web-service spec: selector: app: web type: NodePort ports: - port: 3000 targetPort: 443 protocol: TCP name: https
網路入口.yml
apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: web-ingress annotations: kubernetes.io/ingress.global-static-ip-name: staging-cluster networking.gke.io/managed-certificates: cloudflare-origin spec: rules: - host: staging.mydomain.com http: paths: - backend: serviceName: web-service servicePort: 443
cloudflare-origin.yml *
apiVersion: networking.gke.io/v1beta2 kind: ManagedCertificate metadata: name: cloudflare-origin spec: domains: - staging.mydomain.com
計算地址.yml
apiVersion: compute.cnrm.cloud.google.com/v1beta1 kind: ComputeAddress metadata: name: staging-cluster spec: location: global
定制化.yml
apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - gke/deployment.yml - gke/config-connector.yml - gke/compute-address.yml - gke/cloudflare-origin.yml - gke/web-service.yml - gke/web-ingress.yml
在您的入口資源中,您使用的是服務埠:443,但在您的服務定義中,您有埠:3000。
您需要按以下方式修復您的服務:
apiVersion: v1 kind: Service metadata: name: web-service spec: selector: app: web type: NodePort ports: - port: 443 targetPort: 3000 protocol: TCP name: https