Kubernetes 入口 websockets 连接问题
Kubernetes ingress websockets connection issue
使用 KOPS 在 AWS 上部署了 k8s。
我已经创建了 nginx ingress https://github.com/kubernetes/ingress-nginx
nginx-ingress-controller 图片:码头。io/kubernetes-ingress-controller/nginx-ingress-controller:0.18.0
一切正常,运行 我可以使用由 nginx 服务创建的 aws classic 负载均衡器从外部访问应用程序。
最近我们开始研究 websockets。我在k8s中部署了我的服务并试图从外部访问。
我为我的应用程序创建了服务和入口。 Ingress 现在指向负载均衡器(在 json 文件下方)。
我在 aws 中创建了 route53 条目并尝试连接到它,但是当我尝试通过 chrome 浏览器
从我的客户端应用程序进行连接时,出现以下错误
WebSocket connection to 'wss://blockchain.aro/socket.io/?EIO=3&transport=websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
我尝试创建应用程序负载均衡器,但无法连接到 wss://<host>
错误:
WebSocket connection to
'wss://blockchain.aro/socket.io/?EIO=3&transport=websocket' failed:
Error during WebSocket handshake: Unexpected response code: 400
const config: SocketIoConfig = { url: 'wss://blockchain.aro',
options: { autoConnect: false, transports: ['websocket']} };
Ingress:
"annotations": {
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"extensions/v1beta1\",\"kind\":\"Ingress\",\"metadata\":{\"annotations\":{},\"name\":\"blockchain\",\"namespace\":\"adapt\"},\"spec\":{\"rules\":[{\"host\":\"blockchain.aro\",\"http\":{\"paths\":[{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/\"},{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/socket.io\"},{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/ws/\"}]}}],\"tls\":[{\"hosts\":[\"blockchain.aro\"],\"secretName\":\"blockchain-tls-secret\"}]}}\n",
"nginx.ingress.kubernetes.io/proxy-read-timeout": "3600",
"nginx.ingress.kubernetes.io/proxy-send-timeout": "3600"
}
在入口文件中包含 tls 和 secretname 以及 rules。我尝试创建 ApplicationLoadbalancer,但我也无法连接。
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
certmanager.k8s.io/cluster-issuer: core-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/websocket-services: core-service
nginx.org/websocket-services: core-service
name: core-ingress
spec:
rules:
- host: test.io
http:
paths:
- backend:
serviceName: core-service
servicePort: 80
tls:
- hosts:
- test.io
secretName: core-prod
使用 KOPS 在 AWS 上部署了 k8s。 我已经创建了 nginx ingress https://github.com/kubernetes/ingress-nginx nginx-ingress-controller 图片:码头。io/kubernetes-ingress-controller/nginx-ingress-controller:0.18.0
一切正常,运行 我可以使用由 nginx 服务创建的 aws classic 负载均衡器从外部访问应用程序。
最近我们开始研究 websockets。我在k8s中部署了我的服务并试图从外部访问。
我为我的应用程序创建了服务和入口。 Ingress 现在指向负载均衡器(在 json 文件下方)。
我在 aws 中创建了 route53 条目并尝试连接到它,但是当我尝试通过 chrome 浏览器
从我的客户端应用程序进行连接时,出现以下错误WebSocket connection to 'wss://blockchain.aro/socket.io/?EIO=3&transport=websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
我尝试创建应用程序负载均衡器,但无法连接到 wss://<host>
错误:
WebSocket connection to 'wss://blockchain.aro/socket.io/?EIO=3&transport=websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
const config: SocketIoConfig = { url: 'wss://blockchain.aro',
options: { autoConnect: false, transports: ['websocket']} };
Ingress:
"annotations": {
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"extensions/v1beta1\",\"kind\":\"Ingress\",\"metadata\":{\"annotations\":{},\"name\":\"blockchain\",\"namespace\":\"adapt\"},\"spec\":{\"rules\":[{\"host\":\"blockchain.aro\",\"http\":{\"paths\":[{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/\"},{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/socket.io\"},{\"backend\":{\"serviceName\":\"blockchain\",\"servicePort\":8097},\"path\":\"/ws/\"}]}}],\"tls\":[{\"hosts\":[\"blockchain.aro\"],\"secretName\":\"blockchain-tls-secret\"}]}}\n",
"nginx.ingress.kubernetes.io/proxy-read-timeout": "3600",
"nginx.ingress.kubernetes.io/proxy-send-timeout": "3600"
}
在入口文件中包含 tls 和 secretname 以及 rules。我尝试创建 ApplicationLoadbalancer,但我也无法连接。
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
certmanager.k8s.io/cluster-issuer: core-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/websocket-services: core-service
nginx.org/websocket-services: core-service
name: core-ingress
spec:
rules:
- host: test.io
http:
paths:
- backend:
serviceName: core-service
servicePort: 80
tls:
- hosts:
- test.io
secretName: core-prod