GKE Internal Ingress for Headless Service

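I am trying to create an internal ingress for inter-cluster communication with GKE. The service I am trying to expose is headless and points to a kafka-broker on the cluster.

However, when I try to load the ingress, it says it cannot find the service?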

Warning  Sync    3m22s (x17 over 7m57s)  loadbalancer-controller  Error syncing to GCP: error running load balancer syncing routine: loadbalancer coilwp7v-redpanda-test-abc123-redpanda-japm3lph does not exist: googleapi: Error 400: Invalid value for field 'resource.target': 'https://www.googleapis.com/compute/v1/projects/abc-123/regions/europe-west2/targetHttpProxies/k8s2-tp-coilwp7v-redpanda-test-abc123-redpanda-japm3lph'. A reserved and active subnetwork is required in the same region and VPC as the forwarding rule., invalid

Ingress:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: abc-redpanda
  namespace: redpanda-test
  annotations:
    kubernetes.io/ingress.class: "gce-internal"
spec:
  defaultBackend:
    service:
      name: redpanda-service
      port:
        number: 9092

Service:

apiVersion: v1
kind: Service
metadata:
  name: redpanda-service
  namespace: redpanda-test
  annotations:
    io.cilium/global-service: "true"
    cloud.google.com/neg: '{"ingress": true}'
  labels:
    app: abc-panda
spec:
  type: ExternalName
  externalName: redpanda-cluster-0.redpanda-cluster.redpanda-test.svc.cluster.local
  ports:
    - port: 9092
      targetPort: 9092

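Setting up ingress for internal load balancing requires you to configure a proxy-only subnet on the same VPC used by your GKE cluster. This subnet will be used for the load balancer proxies. You will also need to create a forwarding rule to allow traffic.

Check out the prereqs for ingress and then look here for information on how to set up a proxy-only subnet for your VPC.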
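A pre-flight check for the condition in the error above ("A reserved and active subnetwork is required in the same region and VPC"), as an added example that is not part of the original question or answer. The VPC name `my-vpc`, the subnet names and the CIDR ranges are constructed sample values; the region is the one from the error message.

```shell
#!/bin/sh
# Checks whether a VPC has an ACTIVE proxy-only subnet in a given region,
# which a gce-internal Ingress needs before its forwarding rule can be created.
# Input rows (CSV, no heading): name,region,network,purpose,role,range
# With credentials, produce them from real data with:
#   gcloud compute networks subnets list \
#     --format='csv[no-heading](name,region.basename(),network.basename(),purpose,role,ipCidrRange)'

# find_proxy_subnet REGION NETWORK   (reads CSV rows on stdin)
# Prints the CIDR and returns 0 if an ACTIVE proxy-only subnet exists,
# returns 2 if only a BACKUP one exists, 1 if there is none.
find_proxy_subnet() {
  awk -F, -v region="$1" -v network="$2" '
    $2 == region && $3 == network &&
    ($4 == "REGIONAL_MANAGED_PROXY" || $4 == "INTERNAL_HTTPS_LOAD_BALANCER") {
      if ($5 == "ACTIVE") { print $6; found = 1; exit }
      backup = 1
    }
    END { if (found) exit 0; if (backup) exit 2; exit 1 }
  '
}

# Constructed sample: proxy-only subnet exists, but in another region.
SAMPLE_MISSING='gke-nodes,europe-west2,my-vpc,PRIVATE,,10.0.0.0/20
proxy-ew1,europe-west1,my-vpc,REGIONAL_MANAGED_PROXY,ACTIVE,10.129.0.0/23'

# Constructed sample: only a BACKUP proxy-only subnet in the region.
SAMPLE_BACKUP='gke-nodes,europe-west2,my-vpc,PRIVATE,,10.0.0.0/20
proxy-ew2-b,europe-west2,my-vpc,REGIONAL_MANAGED_PROXY,BACKUP,10.129.4.0/23'

# Constructed sample: the state after the fix.
SAMPLE_FIXED="$SAMPLE_MISSING
proxy-ew2,europe-west2,my-vpc,REGIONAL_MANAGED_PROXY,ACTIVE,10.129.2.0/23"

# The fix itself (placeholders in capitals, choose an unused range):
#   gcloud compute networks subnets create NAME \
#     --purpose=REGIONAL_MANAGED_PROXY --role=ACTIVE \
#     --region=europe-west2 --network=NETWORK --range=CIDR

for sample in "$SAMPLE_MISSING" "$SAMPLE_BACKUP" "$SAMPLE_FIXED"; do
  if cidr=$(printf '%s\n' "$sample" | find_proxy_subnet europe-west2 my-vpc); then
    echo "ok: ACTIVE proxy-only subnet $cidr"
  else
    echo "not ready: no ACTIVE proxy-only subnet in europe-west2/my-vpc"
  fi
done
```

The range reported by the check is also the source range that any firewall rule admitting load balancer proxy traffic to the backend port has to cover.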