如何使用 Docker Desktop for Windows Kubernetes 和 ingress-nginx 公开 postgres tcp 端口
How to expose postgres tcp port using Docker Desktop for Windows Kubernetes and ingress-nginx
我将“Docker Desktop for Windows”与 kubernetes 一起使用。到目前为止,它很棒。
我想管理我的 postgress 数据库 (TCP:5432)。我正在使用 kubernetes “ingress-nginx” 入口控制器,它看到它可以是 configured to expose TCP using a configmap.
这是我目前的情况:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
5432: "ingress-nginx/postgres:5432"
---
# SEE: https://kubernetes.io/docs/concepts/services-networking/ingress/
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-myproject.com
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: clusterissuer-selfsigned
# See: https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
spec:
tls:
- hosts:
- www.myproject.com
secretName: tls-myproject
rules:
# Avoid Quasar build paths: /css, /fonts, /icons, /js
- http:
paths:
# See https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
- path: /data(/|$)(.*)
pathType: Prefix
backend:
service:
name: backend
port:
number: 80
...
现在我需要:
- 添加“--tcp-services-configmap=”参数
- 如果 1) 没有自动执行此操作,则公开 5432。
我在 kubernetes 仪表板中找到了 ingress-nginx-controller 并进行了如下手动编辑,但它的行为没有改变。
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
spec:
volumes:
- name: webhook-cert
secret:
secretName: ingress-nginx-admission
defaultMode: 420
containers:
- name: controller
image: >-
k8s.gcr.io/ingress-nginx/controller:v0.41.0@sha256:e6019e536cfb921afb99408d5292fa88b017c49dd29d05fc8dbc456aa770d590
args:
- /nginx-ingress-controller
- '--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller'
- '--election-id=ingress-controller-leader'
- '--ingress-class=nginx'
- '--configmap=$(POD_NAMESPACE)/ingress-nginx-controller'
- '--validating-webhook=:8443'
- '--validating-webhook-certificate=/usr/local/certificates/cert'
- '--validating-webhook-key=/usr/local/certificates/key'
- '--tcp-services-configmap=ingress-nginx/tcp-services'
我错过了什么?如何配置此 w/o 必须手动编辑它?谢谢!
我认为有两个问题。
您需要将 nginx 与 postgress 安装分开安装。这意味着您将拥有一些 nginx pods/deployments,以及一个存在于 ingress-nginx 命名空间中的服务。为此,请遵循指南 here. It is recommended that you follow a yaml file from the cloud section for a docker desktop deployment. This 已完成此过程。
在集群上安装 nginx 后,您需要从 postgress deployment/pod -> service -> ingress。这些将与您的 ingress-nginx 位于不同的命名空间中(默认即可)。要配置它,您可以按照位于 here 的指南进行操作。如果你想一路测试东西,你可以使用 kubernetes port-forwarding 命令将你的 postgress pod 转发到你的本地机器。您也可以用同样的方法测试您的服务。
我将“Docker Desktop for Windows”与 kubernetes 一起使用。到目前为止,它很棒。
我想管理我的 postgress 数据库 (TCP:5432)。我正在使用 kubernetes “ingress-nginx” 入口控制器,它看到它可以是 configured to expose TCP using a configmap.
这是我目前的情况:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
5432: "ingress-nginx/postgres:5432"
---
# SEE: https://kubernetes.io/docs/concepts/services-networking/ingress/
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-myproject.com
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: clusterissuer-selfsigned
# See: https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
spec:
tls:
- hosts:
- www.myproject.com
secretName: tls-myproject
rules:
# Avoid Quasar build paths: /css, /fonts, /icons, /js
- http:
paths:
# See https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/rewrite/README.md
- path: /data(/|$)(.*)
pathType: Prefix
backend:
service:
name: backend
port:
number: 80
...
现在我需要:
- 添加“--tcp-services-configmap=”参数
- 如果 1) 没有自动执行此操作,则公开 5432。
我在 kubernetes 仪表板中找到了 ingress-nginx-controller 并进行了如下手动编辑,但它的行为没有改变。
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
spec:
volumes:
- name: webhook-cert
secret:
secretName: ingress-nginx-admission
defaultMode: 420
containers:
- name: controller
image: >-
k8s.gcr.io/ingress-nginx/controller:v0.41.0@sha256:e6019e536cfb921afb99408d5292fa88b017c49dd29d05fc8dbc456aa770d590
args:
- /nginx-ingress-controller
- '--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller'
- '--election-id=ingress-controller-leader'
- '--ingress-class=nginx'
- '--configmap=$(POD_NAMESPACE)/ingress-nginx-controller'
- '--validating-webhook=:8443'
- '--validating-webhook-certificate=/usr/local/certificates/cert'
- '--validating-webhook-key=/usr/local/certificates/key'
- '--tcp-services-configmap=ingress-nginx/tcp-services'
我错过了什么?如何配置此 w/o 必须手动编辑它?谢谢!
我认为有两个问题。
您需要将 nginx 与 postgress 安装分开安装。这意味着您将拥有一些 nginx pods/deployments,以及一个存在于 ingress-nginx 命名空间中的服务。为此,请遵循指南 here. It is recommended that you follow a yaml file from the cloud section for a docker desktop deployment. This 已完成此过程。
在集群上安装 nginx 后,您需要从 postgress deployment/pod -> service -> ingress。这些将与您的 ingress-nginx 位于不同的命名空间中(默认即可)。要配置它,您可以按照位于 here 的指南进行操作。如果你想一路测试东西,你可以使用 kubernetes
port-forwarding 命令将你的 postgress pod 转发到你的本地机器。您也可以用同样的方法测试您的服务。