无法与使用 kubernetes 在 AWS EC2 实例中本地创建的 Pods 通信
Not able to communicate with Pods locally created in AWS EC2 instance with kubernetes
我在 Ubuntu EC2 实例中创建了简单的 nginx 部署,并通过 kubernetes 集群中的服务暴露给端口,但即使在本地环境中我也无法 ping pods。我的 Pods 是 运行 正常,服务也已成功创建。我在下面分享一些命令的输出
kubectl 获取节点
NAME STATUS ROLES AGE VERSION
ip-172-31-39-226 Ready <none> 2d19h v1.16.1
master-node Ready master 2d20h v1.16.1
kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-54f57cf6bf-dqt5v 1/1 Running 0 101m 192.168.39.17 ip-172-31-39-226 <none> <none>
nginx-deployment-54f57cf6bf-gh4fz 1/1 Running 0 101m 192.168.39.16 ip-172-31-39-226 <none> <none>
sample-nginx-857ffdb4f4-2rcvt 1/1 Running 0 20m 192.168.39.18 ip-172-31-39-226 <none> <none>
sample-nginx-857ffdb4f4-tjh82 1/1 Running 0 20m 192.168.39.19 ip-172-31-39-226 <none> <none>
kubectl 获取 svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d20h
nginx-deployment NodePort 10.101.133.21 <none> 80:31165/TCP 50m
sample-nginx LoadBalancer 10.100.77.31 <pending> 80:31854/TCP 19m
kubectl 描述部署 nginx-deployment
Name: nginx-deployment
Namespace: default
CreationTimestamp: Mon, 14 Oct 2019 06:28:13 +0000
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"nginx-deployment","namespace":"default"},"spec":{"replica...
Selector: app=nginx
Replicas: 2 desired | 2 updated | 2 total | 2 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx
Containers:
nginx:
Image: nginx:1.7.9
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-54f57cf6bf (2/2 replicas created)
Events: <none>
现在我无法从 master ping 192.168.39.17/16/18/19,也无法从 master 访问 curl 172.31.39.226:31165/31854。任何帮助将不胜感激..
从信息来看,您已经提供了。从讨论中我们了解到工作节点有 Nginx pod 运行。并且您已将 NodePort 服务和负载均衡器服务附加到它。
这里唯一缺少的是您尝试访问它的服务器。
所以,我试图达到这个 URL 52.201.242.84:31165。我认为您需要做的就是将此端口列入白名单以供 public 访问或 IP。这可以通过工作节点 EC2 的安全组来完成。
现在上面的 URL 是从工作节点的 public IP 加上 (+) 附加的 NodePort svc 构建的。因此,这是一个简单的公式,您可以使用它来获取 pod 运行.
的确切地址
Pod Access URL = Public IP of Worker Node + The NodePort
我在 Ubuntu EC2 实例中创建了简单的 nginx 部署,并通过 kubernetes 集群中的服务暴露给端口,但即使在本地环境中我也无法 ping pods。我的 Pods 是 运行 正常,服务也已成功创建。我在下面分享一些命令的输出
kubectl 获取节点
NAME STATUS ROLES AGE VERSION
ip-172-31-39-226 Ready <none> 2d19h v1.16.1
master-node Ready master 2d20h v1.16.1
kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-54f57cf6bf-dqt5v 1/1 Running 0 101m 192.168.39.17 ip-172-31-39-226 <none> <none>
nginx-deployment-54f57cf6bf-gh4fz 1/1 Running 0 101m 192.168.39.16 ip-172-31-39-226 <none> <none>
sample-nginx-857ffdb4f4-2rcvt 1/1 Running 0 20m 192.168.39.18 ip-172-31-39-226 <none> <none>
sample-nginx-857ffdb4f4-tjh82 1/1 Running 0 20m 192.168.39.19 ip-172-31-39-226 <none> <none>
kubectl 获取 svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d20h
nginx-deployment NodePort 10.101.133.21 <none> 80:31165/TCP 50m
sample-nginx LoadBalancer 10.100.77.31 <pending> 80:31854/TCP 19m
kubectl 描述部署 nginx-deployment
Name: nginx-deployment
Namespace: default
CreationTimestamp: Mon, 14 Oct 2019 06:28:13 +0000
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"nginx-deployment","namespace":"default"},"spec":{"replica...
Selector: app=nginx
Replicas: 2 desired | 2 updated | 2 total | 2 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx
Containers:
nginx:
Image: nginx:1.7.9
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-54f57cf6bf (2/2 replicas created)
Events: <none>
现在我无法从 master ping 192.168.39.17/16/18/19,也无法从 master 访问 curl 172.31.39.226:31165/31854。任何帮助将不胜感激..
从信息来看,您已经提供了。从讨论中我们了解到工作节点有 Nginx pod 运行。并且您已将 NodePort 服务和负载均衡器服务附加到它。
这里唯一缺少的是您尝试访问它的服务器。
所以,我试图达到这个 URL 52.201.242.84:31165。我认为您需要做的就是将此端口列入白名单以供 public 访问或 IP。这可以通过工作节点 EC2 的安全组来完成。
现在上面的 URL 是从工作节点的 public IP 加上 (+) 附加的 NodePort svc 构建的。因此,这是一个简单的公式,您可以使用它来获取 pod 运行.
的确切地址Pod Access URL = Public IP of Worker Node + The NodePort