k8s 入口无法路由到服务
k8s ingress can't route to service
我在k8s集群上安装了nginx ingress,在ingress路由上发生了一个无法解决的问题
k8s 集群上有 3 个服务后端:2 个 nginx 服务和 1 个 neo4j 服务。
我的入口描述信息如下:
[root@es3 cafe_ingress]# kubectl describe ingress cafe-ingress
Name: cafe-ingress
Namespace: default
Address: 192.168.59.155
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
TLS:
cafe-secret terminates cafe.example.com
Rules:
Host Path Backends
---- ---- --------
cafe.example.com
/tea tea-svc:80 (10.244.0.25:80,10.244.1.11:80,10.244.2.15:80)
/coffee coffee-svc:80 (10.244.0.24:80,10.244.2.14:80)
/neo4j neo4j-v1-service:7474 (10.244.0.29:7474)
Annotations: Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 22m nginx-ingress-controller Ingress default/cafe-ingress
Normal UPDATE 5s (x3 over 22m) nginx-ingress-controller Ingress default/cafe-ingress
并且,我访问 tea 或 coffee 服务,这个入口在路由 coffee 或 tea 上,它工作正常,我可以从服务 tea 或 coffee 在浏览器上:
但是,在访问 neo4j 的地方,我无法得到响应:
从 pod nginx-ingress-controller 日志输出消息,得到 404 代码,遵循 :
2020-12-17T07:28:10.861510393Z 10.244.0.0 - - [17/Dec/2020:07:28:10 +0000] "GET /neo4j HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36" 480 0.004 [default-neo4j-v1-service-7474] [] 10.244.0.29:7474 0 0.005 404 17a02ccd8a65d5ff396c78e819f3c4cc
但是,当我访问 neo4j service 时,执行命令行 curl 10.244.0.29:7474 (pod url) 或 curl 10.0.0.100:7474(service url),我可以得到回应:
[root@es3 cafe_ingress]# curl 10.244.0.29:7474
{
"bolt_routing" : "neo4j://10.244.0.29:7687",
"transaction" : "http://10.244.0.29:7474/db/{databaseName}/tx",
"bolt_direct" : "bolt://10.244.0.29:7687",
"neo4j_version" : "4.2.1",
"neo4j_edition" : "community"
}[root@es3 cafe_ingress]# curl 10.0.0.100:7474
{
"bolt_routing" : "neo4j://10.0.0.100:7687",
"transaction" : "http://10.0.0.100:7474/db/{databaseName}/tx",
"bolt_direct" : "bolt://10.0.0.100:7687",
"neo4j_version" : "4.2.1",
"neo4j_edition" : "community"
}
我该如何解决这个问题?
期待您的帮助,谢谢!
问题已解决。
问题原因是 neo4j 的后端服务缺少路径 /neo4j 上的资源。
我的入口配置有问题:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cafe-ingress
spec:
rules:
- host: cafe.example.com
http:
paths:
- path: /tea
backend:
serviceName: tea-svc
servicePort: 80
- path: /coffee
backend:
serviceName: coffee-svc
servicePort: 80
- path: /neo4j
backend:
serviceName: neo4j-v1-service
servicePort: 7474
然后,重新配置它,使其拥有自己的所有者域,将 / 指向 neo4j 的服务,它可以正常工作。
ingress 的新配置如下:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cafe-ingress
spec:
# tls:
# - hosts:
# - cafe.example.com
# secretName: cafe-secret
rules:
- host: cafe.example.com
http:
paths:
- path: /tea
backend:
serviceName: tea-svc
servicePort: 80
- path: /coffee
backend:
serviceName: coffee-svc
servicePort: 80
- host: neo4j.xxx.com
http:
paths:
- path: /
backend:
serviceName: neo4j-v1-service
servicePort: 7474
我在k8s集群上安装了nginx ingress,在ingress路由上发生了一个无法解决的问题
k8s 集群上有 3 个服务后端:2 个 nginx 服务和 1 个 neo4j 服务。
我的入口描述信息如下:
[root@es3 cafe_ingress]# kubectl describe ingress cafe-ingress
Name: cafe-ingress
Namespace: default
Address: 192.168.59.155
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
TLS:
cafe-secret terminates cafe.example.com
Rules:
Host Path Backends
---- ---- --------
cafe.example.com
/tea tea-svc:80 (10.244.0.25:80,10.244.1.11:80,10.244.2.15:80)
/coffee coffee-svc:80 (10.244.0.24:80,10.244.2.14:80)
/neo4j neo4j-v1-service:7474 (10.244.0.29:7474)
Annotations: Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 22m nginx-ingress-controller Ingress default/cafe-ingress
Normal UPDATE 5s (x3 over 22m) nginx-ingress-controller Ingress default/cafe-ingress
并且,我访问 tea 或 coffee 服务,这个入口在路由 coffee 或 tea 上,它工作正常,我可以从服务 tea 或 coffee 在浏览器上:
但是,在访问 neo4j 的地方,我无法得到响应:
从 pod nginx-ingress-controller 日志输出消息,得到 404 代码,遵循 :
2020-12-17T07:28:10.861510393Z 10.244.0.0 - - [17/Dec/2020:07:28:10 +0000] "GET /neo4j HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36" 480 0.004 [default-neo4j-v1-service-7474] [] 10.244.0.29:7474 0 0.005 404 17a02ccd8a65d5ff396c78e819f3c4cc
但是,当我访问 neo4j service 时,执行命令行 curl 10.244.0.29:7474 (pod url) 或 curl 10.0.0.100:7474(service url),我可以得到回应:
[root@es3 cafe_ingress]# curl 10.244.0.29:7474
{
"bolt_routing" : "neo4j://10.244.0.29:7687",
"transaction" : "http://10.244.0.29:7474/db/{databaseName}/tx",
"bolt_direct" : "bolt://10.244.0.29:7687",
"neo4j_version" : "4.2.1",
"neo4j_edition" : "community"
}[root@es3 cafe_ingress]# curl 10.0.0.100:7474
{
"bolt_routing" : "neo4j://10.0.0.100:7687",
"transaction" : "http://10.0.0.100:7474/db/{databaseName}/tx",
"bolt_direct" : "bolt://10.0.0.100:7687",
"neo4j_version" : "4.2.1",
"neo4j_edition" : "community"
}
我该如何解决这个问题? 期待您的帮助,谢谢!
问题已解决。
问题原因是 neo4j 的后端服务缺少路径 /neo4j 上的资源。
我的入口配置有问题:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cafe-ingress
spec:
rules:
- host: cafe.example.com
http:
paths:
- path: /tea
backend:
serviceName: tea-svc
servicePort: 80
- path: /coffee
backend:
serviceName: coffee-svc
servicePort: 80
- path: /neo4j
backend:
serviceName: neo4j-v1-service
servicePort: 7474
然后,重新配置它,使其拥有自己的所有者域,将 / 指向 neo4j 的服务,它可以正常工作。
ingress 的新配置如下:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cafe-ingress
spec:
# tls:
# - hosts:
# - cafe.example.com
# secretName: cafe-secret
rules:
- host: cafe.example.com
http:
paths:
- path: /tea
backend:
serviceName: tea-svc
servicePort: 80
- path: /coffee
backend:
serviceName: coffee-svc
servicePort: 80
- host: neo4j.xxx.com
http:
paths:
- path: /
backend:
serviceName: neo4j-v1-service
servicePort: 7474