Rancher: L4 Balancer stuck on Pending despite working L7 Ingress

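I am running Rancher v2.4.5 with a 2-node cluster. I am trying to install Wordpress using Bitnami's Helm chart.

Everything went fine and I can reach the site through the ingress, except that the L4 Balancer created by the chart is stuck in the pending state for some reason.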

> kubectl get svc -n wordpress -o wide
NAME                                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE     SELECTOR
ingress-d5bf098ee05c3bbaa0a93a2ceedd8d1a   ClusterIP      10.43.51.5      <none>        80/TCP                       15m     workloadID_ingress-d5bf098ee05c3bbaa0a93a2ceedd8d1a=true
wordpress                                  LoadBalancer   10.43.137.240   <pending>     80:31672/TCP,443:31400/TCP   5d22h   app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=wordpress
wordpress-mariadb                          ClusterIP      10.43.7.73      <none>        3306/TCP                     5d22h   app=mariadb,component=master,release=wordpress

No LoadBalancer Ingress is assigned to the wordpress service:

> kubectl describe services wordpress -n wordpress
Name:                     wordpress
Namespace:                wordpress
Labels:                   app.kubernetes.io/instance=wordpress
                          app.kubernetes.io/managed-by=Tiller
                          app.kubernetes.io/name=wordpress
                          helm.sh/chart=wordpress-9.5.1
                          io.cattle.field/appId=wordpress
Annotations:              <none>
Selector:                 app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=wordpress
Type:                     LoadBalancer
IP:                       10.43.137.240
Port:                     http  80/TCP
TargetPort:               http/TCP
NodePort:                 http  31672/TCP
Endpoints:                10.42.1.16:8080
Port:                     https  443/TCP
TargetPort:               https/TCP
NodePort:                 https  31400/TCP
Endpoints:                10.42.1.16:8443
Session Affinity:         None
External Traffic Policy:  Cluster
Events
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    field.cattle.io/creatorId: user-6qmpk
    field.cattle.io/ingressState: '{"d29yZHByZXNzLWluZ3Jlc3Mvd29yZHByZXNzL3hpcC5pby8vLzgw":""}'
    field.cattle.io/publicEndpoints: '[{"addresses":["10.105.1.77"],"port":80,"protocol":"HTTP","serviceName":"wordpress:wordpress","ingressName":"wordpress:my","hostname":"my.wordpress.10.105.1.77.xip.io","path":"/","allNodes":true}]'
  creationTimestamp: "2020-09-01T19:32:27Z"
  generation: 3
  labels:
    cattle.io/creator: norman
  managedFields:
  - apiVersion: networking.k8s.io/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        f:loadBalancer:
          f:ingress: {}
    manager: nginx-ingress-controller
    operation: Update
    time: "2020-09-01T19:32:27Z"
  - apiVersion: extensions/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:field.cattle.io/creatorId: {}
          f:field.cattle.io/ingressState: {}
          f:field.cattle.io/publicEndpoints: {}
        f:labels:
          .: {}
          f:cattle.io/creator: {}
      f:spec:
        f:rules: {}
    manager: Go-http-client
    operation: Update
    time: "2020-09-01T19:49:08Z"
  name: my
  namespace: wordpress
  resourceVersion: "6073928"
  selfLink: /apis/extensions/v1beta1/namespaces/wordpress/ingresses/my
  uid: 8a88e16e-cbda-4f1f-bb1c-9d63d0af1b93
spec:
  rules:
  - host: my.wordpress.10.105.1.77.xip.io
    http:
      paths:
      - backend:
          serviceName: wordpress
          servicePort: 80
        path: /
        pathType: ImplementationSpecific
status:
  loadBalancer:
    ingress:
    - ip: 10.105.1.77
    - ip: 10.105.1.78

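I have already opened an issue on the Bitnami GitHub, but according to the reply, the problem is on the Rancher/RKE side.

Any ideas?

P.S.

Am I supposed to have both the L7 Ingress and the L4 Balancer running for Rancher on bare metal, or can the L7 Ingress also be configured as the load balancer, with the L4 Balancer removed from the project?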

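I solved this by flushing the firewall, restarting docker (so that it gets a fresh firewall) and then installing metallb (or whatever load balancer you have). If you do not have an L2 load balancer yet, you can skip this step, because in my case the problem was caused by the firewall not registering the load balancer.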

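The load balancer needs to get an IP from metallb, your cloud provider, cloudflare or anything similar. It is external, which means Kubernetes itself will not provide it.

You need to use an L2 load balancer that provides IPs. If you don't have one, you can try https://metallb.universe.tf

You can also leave it as it is. You will never get an external IP, but nginx/traefik will still route the traffic, because it can't find any other route.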
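
A service left in `<pending>` still has its NodePorts (31672 and 31400 in the question) allocated on every node, which matters when deciding whether to keep the L4 Balancer. The script below is an added example, not part of the original thread: it lists LoadBalancer services with no external address from saved `kubectl get svc -o json` output. The sample data is constructed from the question's output, and the function name `pending_load_balancers` is hypothetical.

```python
import json
import sys

# Constructed sample, trimmed to the fields used here; it mirrors the
# services shown in the question's `kubectl get svc` output.
SAMPLE = {"items": [
    {"metadata": {"namespace": "wordpress", "name": "wordpress"},
     "spec": {"type": "LoadBalancer", "externalTrafficPolicy": "Cluster",
              "ports": [{"name": "http", "port": 80, "nodePort": 31672},
                        {"name": "https", "port": 443, "nodePort": 31400}]},
     "status": {"loadBalancer": {}}},
    {"metadata": {"namespace": "wordpress", "name": "wordpress-mariadb"},
     "spec": {"type": "ClusterIP", "ports": [{"port": 3306}]},
     "status": {"loadBalancer": {}}},
]}


def pending_load_balancers(svc_list):
    """Return LoadBalancer services that have no external IP or hostname."""
    findings = []
    for svc in svc_list.get("items", []):
        spec = svc.get("spec", {})
        if spec.get("type") != "LoadBalancer":
            continue
        status = svc.get("status", {}).get("loadBalancer", {})
        if status.get("ingress"):
            continue  # a provider (MetalLB, cloud controller) assigned an address
        meta = svc.get("metadata", {})
        findings.append({
            "service": f"{meta.get('namespace')}/{meta.get('name')}",
            # NodePorts are allocated even while the external IP is pending.
            "node_ports": [p["nodePort"] for p in spec.get("ports", [])
                           if "nodePort" in p],
            # Kubernetes defaults this field to "Cluster" when it is unset.
            "policy": spec.get("externalTrafficPolicy", "Cluster"),
        })
    return findings


if __name__ == "__main__":
    # Usage: kubectl get svc -A -o json > svc.json; python3 this_script.py svc.json
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            data = json.load(fh)
    else:
        data = SAMPLE
    for f in pending_load_balancers(data):
        print(f"{f['service']}: pending, node ports {f['node_ports']} "
              f"(externalTrafficPolicy={f['policy']})")
```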