如何在同一个命名空间中部署多个大使守护进程 - kubernetes
How to deploy multiple ambassador daemon-set in the same namespace - kuberntes
我 运行 与大使 (Envoy) 有问题。 Ambassador 不会同时支持 HTTP 和 HTTPS。因此,作为一种解决方法,我必须部署两组大使(一组用于 HTTP,另一组用于 HTTPS)。我部署了两套大使。
NAME READY STATUS RESTARTS AGE
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
pod/ambassador-tls-7h6td 2/2 Running 0 107s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ambassador-admin NodePort 10.233.58.170 <none> 8877:30857/TCP 18d
service/ambassador-admin-tls NodePort 10.233.33.29 <none> 8878:32339/TCP 28m
service/ambassador-monitor ClusterIP None <none> 9102/TCP 18d
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/ambassador 2 2 2 2 2 node-role.kubernetes.io/node= 58m
daemonset.apps/ambassador-tls 1 1 1 1 1 node-role.kubernetes.io/node=tls 107s
下面两组pods我想用于http
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
这是 https
pod/ambassador-tls-7h6td 2/2 Running 0 107s
下面是我的服务注释
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
这里的 apiVersion: ambassador/v0 指的是两个大使集,所以我在服务注释中所做的任何更改都将反映在两个大使集中。
我想为特定大使守护程序集 (HTTPS) 设置此服务注释。
有什么建议吗??
你可以使用 AMBASSADOR_ID,像这样:
getambassador.io/config: |
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
然后在DaemonSet的env变量中指定这个id:
env:
- name: AMBASSADOR_ID
value: ambassador-1
参考文档:
https://www.getambassador.io/reference/running/#ambassador_id
我 运行 与大使 (Envoy) 有问题。 Ambassador 不会同时支持 HTTP 和 HTTPS。因此,作为一种解决方法,我必须部署两组大使(一组用于 HTTP,另一组用于 HTTPS)。我部署了两套大使。
NAME READY STATUS RESTARTS AGE
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
pod/ambassador-tls-7h6td 2/2 Running 0 107s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ambassador-admin NodePort 10.233.58.170 <none> 8877:30857/TCP 18d
service/ambassador-admin-tls NodePort 10.233.33.29 <none> 8878:32339/TCP 28m
service/ambassador-monitor ClusterIP None <none> 9102/TCP 18d
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/ambassador 2 2 2 2 2 node-role.kubernetes.io/node= 58m
daemonset.apps/ambassador-tls 1 1 1 1 1 node-role.kubernetes.io/node=tls 107s
下面两组pods我想用于http
pod/ambassador-k7nlr 2/2 Running 0 55m
pod/ambassador-t2dbm 2/2 Running 0 55m
这是 https
pod/ambassador-tls-7h6td 2/2 Running 0 107s
下面是我的服务注释
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
这里的 apiVersion: ambassador/v0 指的是两个大使集,所以我在服务注释中所做的任何更改都将反映在两个大使集中。
我想为特定大使守护程序集 (HTTPS) 设置此服务注释。
有什么建议吗??
你可以使用 AMBASSADOR_ID,像这样:
getambassador.io/config: |
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Module
name: tls
config:
server:
secret: dashboard-certs
---
ambassador_id: ambassador-1
apiVersion: ambassador/v0
kind: Mapping
name: dashboard_test_mapping
host: dashboard.example.com
service: https://dashboard.test.svc.cluster.local
prefix: /
然后在DaemonSet的env变量中指定这个id:
env:
- name: AMBASSADOR_ID
value: ambassador-1
参考文档: https://www.getambassador.io/reference/running/#ambassador_id