通過 GKE 負載平衡器到節點的流量被拒絕

我遵循了 GKE ruby​​ bookshelf example 並引用了 kubernetes 範例。雖然我部署了資源，但我無法 ping 我的 railsfrontend節點。我實現了一個簡單的ping路由來測試最基本的連接性。

我已經減少replicas到 1 以簡化事情，並從節點中獲取日誌以確認它已啟動並執行，沒有任何錯誤存在。

> wget http://104.154.128.169/ping
--2017-09-15 14:14:54--  http://104.154.128.169/ping
Connecting to 104.154.128.169:80... failed: Connection refused.

配置

apiVersion: v1
kind: Service
metadata:
 name: foo-frontend
 labels:
   app: foo
   tier: frontend
spec:
 type: LoadBalancer
 ports:
 - port: 80
 selector:
   app: foo
   tier: frontend
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
 name: foo-frontend
 labels:
   app: foo
   tier: frontend
spec:
 replicas: 1
 template:
   metadata:
     labels:
       app: foo
       tier: frontend
   spec:
     containers:
     - name: foo-app
       image: us.gcr.io/foo/api:latest
       imagePullPolicy: Always
       env:
       - name: FORMATION
         value: web=1
       - name: RAILS_ENV
         value: production
       - name: RACK_ENV
         value: production
       - name: RAILS_LOG_TO_STDOUT
         value: enabled
       - name: RAILS_SERVE_STATIC_FILES
         value: "true"
       - name: SECRET_KEY_BASE
         valueFrom:
           secretKeyRef:
             name: production-secrets
             key: SECRET_KEY_BASE
       - name: DB_PASSWORD
         valueFrom:
           secretKeyRef:
             name: production-secrets
             key: DB_PASSWORD
       ports:
       - containerPort: 8080

Dockerfile

片段

EXPOSE 8080/tcp

CMD bundle exec foreman start --formation "$FORMATION"

檔案

web: bundle exec rackup --port 8080
worker: bundle exec rake run_worker

地位

> kubectl get pods; kubectl get services

NAME                                READY     STATUS    RESTARTS   AGE
foo-frontend-284775361-4pzk3   1/1       Running   0          9m
NAME                CLUSTER-IP      EXTERNAL-IP       PORT(S)        AGE
foo-frontend   10.15.246.177   104.154.128.169   80:30917/TCP   9m
kubernetes          10.15.240.1     <none>            443/TCP        22h

和

> kubectl describe service
Name:           foo-frontend
Namespace:      default
Labels:         app=foo
           tier=frontend
Annotations:        <none>
Selector:       app=foo,tier=frontend
Type:           LoadBalancer
IP:         10.15.246.177
LoadBalancer Ingress:   104.154.128.169
Port:           <unset> 80/TCP
NodePort:       <unset> 30917/TCP
Endpoints:      10.12.2.13:80
Session Affinity:   None
Events:
 FirstSeen LastSeen    Count   From            SubObjectPath   Type        Reason          Message
 --------- --------    -----   ----            -------------   --------    ------          -------
 10m       9m      2   service-controller          Normal      CreatingLoadBalancer    Creating load balancer
 9m        9m      2   service-controller          Normal      CreatedLoadBalancer Created load balancer


Name:           kubernetes
Namespace:      default
Labels:         component=apiserver
           provider=kubernetes
Annotations:        <none>
Selector:       <none>
Type:           ClusterIP
IP:         10.15.240.1
Port:           https   443/TCP
Endpoints:      104.154.116.128:443
Session Affinity:   ClientIP
Events:         <none>

TL;博士

1. 你能在我的配置中發現任何錯誤嗎？
2. 調試的最佳下一步是什麼？（或任何其他建議）

我相信關鍵問題是我沒有targetPort在服務中指定 a 。我也設置了一個計算靜態ip gcloud compute addresses create foo-frontend-ip --region=us-central1，所以無論哪種方式，它都是兩者之一。

apiVersion: v1
kind: Service
metadata:
 name: foo-frontend
 labels:
   app: foo
   tier: frontend
spec:
 type: LoadBalancer
 # use your external IP here
 loadBalancerIP: x.x.x.x
 ports:
 - port: 80
   targetPort: 8080
   protocol: TCP
 selector:
   app: foo
   tier: frontend

引用自：https://serverfault.com/questions/873912