Kubernetes 入口控制器

Kubernetes ingress controller

我正在使用 Kubernetes 1.19 使用 microk8s。提供的 ingress.yaml 不起作用。鉴于我在下面进行的故障排除,ngnix 似乎无法连接到 default-http-backend。 Microk8s 使用 snap 安装在 ubuntu 20.04 上。我知道有一个入口插件。但尽管如此,我还是希望它能与此设置一起使用。

microk8s kubectl get pods --all-namespaces

kube-ingress           default-http-backend-7744d88f46-45vp7        1/1     Running            0          53m
kube-ingress           nginx-74dd8dd664-7cn67                       0/1     CrashLoopBackOff   15         53m

microk8s kubectl logs -n kube-ingress nginx-74dd8dd664-7cn67

W1014 08:28:14.903056       6 flags.go:249] SSL certificate chain completion is disabled (--enable-ssl-chain-completion=false)
W1014 08:28:14.903143       6 client_config.go:543] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I1014 08:28:14.903398       6 main.go:220] Creating API client for https://10.152.183.1:443
I1014 08:28:14.910869       6 main.go:264] Running in Kubernetes cluster version v1.19+ (v1.19.2-34+1b3fa60b402c1c) - git (clean) commit 1b3fa60b402c1c4cb0df8a99b733ad41141a2eb7 - platform linux/amd64
F1014 08:28:14.913646       6 main.go:91] No service with name kube-ingress/default-http-backend found: services "default-http-backend" not found

ingress.yml

apiVersion: v1
kind: Namespace
metadata:
  name: kube-ingress
---
kind: ConfigMap
metadata:
  namespace: kube-ingress
  name: nginx
apiVersion: v1
data:
  proxy-connect-timeout: "15"
  proxy-read-timeout: "600"
  proxy-send-timeout: "600"
  hsts-include-subdomains: "false"
  body-size: "200m"
  server-name-hash-bucket-size: "256"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: default-http-backend
  namespace: kube-ingress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: default-http-backend
  template:
    metadata:
      labels:
        app: default-http-backend
    spec:
      containers:
      - name: default-http-backend
        # Any image is permissable as long as:
        # 1. It serves a 404 page at /
        # 2. It serves 200 on a /healthz endpoint
        image: gcr.io/google_containers/defaultbackend:1.0
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        ports:
        - containerPort: 8080
        resources:
          limits:
            cpu: 10m
            memory: 20Mi
          requests:
            cpu: 10m
            memory: 20Mi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  namespace: kube-ingress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      serviceAccountName: nginx
      containers:
      - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.31.0
        name: nginx
        imagePullPolicy: Always
        env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        livenessProbe:
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        ports:
        - containerPort: 80
        - containerPort: 443
        args:
        - /nginx-ingress-controller
        - --default-backend-service=kube-ingress/default-http-backend
        - --configmap=kube-ingress/nginx
---
kind: ServiceAccount
apiVersion: v1
metadata:
  name: nginx
  namespace: kube-ingress
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nginx-ingress-newrole
rules:
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nginx-ingress-newrole
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: nginx-ingress-newrole
subjects:
- kind: ServiceAccount
  name: nginx
  namespace: kube-ingress
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nginx-ingress-clusterole
rules:
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nginx-ingress-clusterole
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: nginx-ingress-clusterole
subjects:
- kind: ServiceAccount
  name: nginx
  namespace: kube-ingress

问题

如日志中所述

No service with name kube-ingress/default-http-backend found: services "default-http-backend" not found

这里的主要问题是 kube-ingress 命名空间中缺少 default-http-backend 服务。

解决方案

这里的解决方案是简单地添加 default-http-backend service.

您可以使用 kubectl expose or yaml 文件创建它。