Kubernetes Ingress 不工作:默认后端 404
Kubernetes Ingress not working: default backend 404
我是 Kubernertes 的新手,我们有一个可以为多个客户定制的应用程序。
部署很好:它们 运行 pods 正确。问题是访问集群外的API
正在按 Kubernetes Ingress 的预期创建 AWS 路由。
现有的工作正常,但当我尝试到达新的(假设 client09)时,总是 return default-backend-404.
此外,当 curl url 时,它会显示一条 Kubernetes Ingress Controller Fake Certificate 消息。
kubectl 版本
客户端 1.6
服务器 1.9
另外,我的用户没有完全访问权限,因此我无法提供有关 nginx controller 的任何信息。我们只是为新客户提供相同的粘贴和复制,但不知道哪里出了问题。
有什么想法吗?
服务
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
run: client09-deploy
部署
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: client09-deploy
namespace: default
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
run: client09-deploy
spec:
terminationGracePeriodSeconds: 60
containers:
- name: client09
image: myContainer
ports:
- containerPort: 8080
name: api
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
imagePullPolicy: Always
resources:
limits:
cpu: 1800m
memory: 2000Mi
requests:
cpu: 400m
memory: 1000Mi
volumeMounts:
- mountPath: /secret-volume
name: secretvolume
imagePullSecrets:
- name: dockerhubkey
volumes:
- name: secretvolume
secret:
secretName: client09-secret
入口
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/use-port-in-redirects: "true"
namespace: default
spec:
tls:
- hosts:
- client01.domain.com
- client02.domain.com
- client09.domain.com
secretName: my-ingress-tls
rules:
- host: client01.domain.com
http:
paths:
- backend:
serviceName: client01-svc
servicePort: 8080
path: /
- host: client02.domain.com
http:
paths:
- backend:
serviceName: client02-svc
servicePort: 8080
path: /
- host: client09.domain.com
http:
paths:
- backend:
serviceName: client09-svc
servicePort: 8080
path: /
选择器似乎有问题。
您能否将服务 YAML 更新为:
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
name: client09-deploy
我是 Kubernertes 的新手,我们有一个可以为多个客户定制的应用程序。
部署很好:它们 运行 pods 正确。问题是访问集群外的API
正在按 Kubernetes Ingress 的预期创建 AWS 路由。
现有的工作正常,但当我尝试到达新的(假设 client09)时,总是 return default-backend-404.
此外,当 curl url 时,它会显示一条 Kubernetes Ingress Controller Fake Certificate 消息。
kubectl 版本 客户端 1.6 服务器 1.9
另外,我的用户没有完全访问权限,因此我无法提供有关 nginx controller 的任何信息。我们只是为新客户提供相同的粘贴和复制,但不知道哪里出了问题。
有什么想法吗?
服务
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
run: client09-deploy
部署
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: client09-deploy
namespace: default
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
run: client09-deploy
spec:
terminationGracePeriodSeconds: 60
containers:
- name: client09
image: myContainer
ports:
- containerPort: 8080
name: api
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
imagePullPolicy: Always
resources:
limits:
cpu: 1800m
memory: 2000Mi
requests:
cpu: 400m
memory: 1000Mi
volumeMounts:
- mountPath: /secret-volume
name: secretvolume
imagePullSecrets:
- name: dockerhubkey
volumes:
- name: secretvolume
secret:
secretName: client09-secret
入口
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/use-port-in-redirects: "true"
namespace: default
spec:
tls:
- hosts:
- client01.domain.com
- client02.domain.com
- client09.domain.com
secretName: my-ingress-tls
rules:
- host: client01.domain.com
http:
paths:
- backend:
serviceName: client01-svc
servicePort: 8080
path: /
- host: client02.domain.com
http:
paths:
- backend:
serviceName: client02-svc
servicePort: 8080
path: /
- host: client09.domain.com
http:
paths:
- backend:
serviceName: client09-svc
servicePort: 8080
path: /
选择器似乎有问题。 您能否将服务 YAML 更新为:
apiVersion: v1
kind: Service
metadata:
name: client09-svc
labels:
run: client09-deploy
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: api
selector:
name: client09-deploy