Kubernetes 服务无法访问抛出浏览器
Kubernetes service is not reachable throw browser
我部署了一个小型的 K3S 集群,有一个 master 和两个 worker:
虚拟机是用Multipass制作的:
$ multipass ls
Name State IPv4 Image
master-node Running 10.200.68.230 Ubuntu 20.04 LTS
10.42.0.0
10.42.0.1
worker01 Running 10.200.68.67 Ubuntu 20.04 LTS
10.42.1.0
10.42.1.1
worker02 Running 10.200.68.227 Ubuntu 20.04 LTS
10.42.2.0
10.42.2.1
集群创建于 k3sup:
$ kubectl get node
NAME STATUS ROLES AGE VERSION
master-node Ready control-plane,etcd,master 13m v1.21.3+k3s1
worker01 Ready <none> 10m v1.21.3+k3s1
worker02 Ready <none> 9m46s v1.21.3+k3s1
工人都被标记为ols.role=worker。
我想在工作节点上安装 NodeRed 服务。我使用了以下命令:
helm repo add k8s-at-home https://k8s-at-home.com/charts/
helm repo update
helm install node-red k8s-at-home/node-red --set nodeSelector."ols\.role"=worker
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=node-red,app.kubernetes.io/instance=node-red" -o jsonpath="{.items[0].metadata.name}")
while [[ $(kubectl get node $POD_NAME -o 'jsonpath={..status.conditions[?(@.type=="Running")].status}') != "True" ]]; do echo "waiting for pod" && sleep 1; done
kubectl port-forward $POD_NAME 8080:1880&
该服务应该 运行 在端口 8080 上。
Pod 的日志看起来没问题:
$ kubectl logs $POD_NAME
> node-red-docker@1.3.5 start /usr/src/node-red
> node $NODE_OPTIONS node_modules/node-red/red.js $FLOWS "--userDir" "/data"
29 Jul 08:20:12 - [info]
Welcome to Node-RED
===================
29 Jul 08:20:12 - [info] Node-RED version: v1.3.5
29 Jul 08:20:12 - [info] Node.js version: v10.24.1
29 Jul 08:20:12 - [info] Linux 5.4.0-80-generic x64 LE
29 Jul 08:20:12 - [info] Loading palette nodes
29 Jul 08:20:12 - [info] Settings file : /data/settings.js
29 Jul 08:20:12 - [info] Context store : 'default' [module=memory]
29 Jul 08:20:12 - [info] User directory : /data
29 Jul 08:20:12 - [warn] Projects disabled : editorTheme.projects.enabled=false
29 Jul 08:20:12 - [info] Flows file : /data/flows.json
29 Jul 08:20:12 - [warn]
---------------------------------------------------------------------
Your flow credentials file is encrypted using a system-generated key.
If the system-generated key is lost for any reason, your credentials
file will not be recoverable, you will have to delete it and re-enter
your credentials.
You should set your own key using the 'credentialSecret' option in
your settings file. Node-RED will then re-encrypt your credentials
file using your chosen key the next time you deploy a change.
---------------------------------------------------------------------
29 Jul 08:20:12 - [info] Server now running at http://127.0.0.1:1880/
29 Jul 08:20:12 - [info] Starting flows
29 Jul 08:20:12 - [info] Started flows
当我尝试访问网页(http://192.168.1.14:8080 甚至 http://127.0.0.1:1880/)时,服务器响应错误:ERR_CONNECTION_REFUSED
服务应该是运行:
$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 32m
node-red ClusterIP 10.43.18.33 <none> 1880/TCP 26m
是否还有其他方法可以让它发挥作用?
因为你的服务是Cluster Ip你不能访问Kubernetes集群外的服务。
您必须将您的服务公开为 节点端口 或 Loadbalancer。
https://kubernetes.io/docs/concepts/services-networking/service/
但是,要在本地进行测试和调试,您可以使用此命令:
kubectl port-forward svc/node-red -n <replace-namespace-name> 1880:1880
一次命令运行打开浏览器并打开URL
HTTP://localhost:1880
我部署了一个小型的 K3S 集群,有一个 master 和两个 worker:
虚拟机是用Multipass制作的:
$ multipass ls
Name State IPv4 Image
master-node Running 10.200.68.230 Ubuntu 20.04 LTS
10.42.0.0
10.42.0.1
worker01 Running 10.200.68.67 Ubuntu 20.04 LTS
10.42.1.0
10.42.1.1
worker02 Running 10.200.68.227 Ubuntu 20.04 LTS
10.42.2.0
10.42.2.1
集群创建于 k3sup:
$ kubectl get node
NAME STATUS ROLES AGE VERSION
master-node Ready control-plane,etcd,master 13m v1.21.3+k3s1
worker01 Ready <none> 10m v1.21.3+k3s1
worker02 Ready <none> 9m46s v1.21.3+k3s1
工人都被标记为ols.role=worker。
我想在工作节点上安装 NodeRed 服务。我使用了以下命令:
helm repo add k8s-at-home https://k8s-at-home.com/charts/
helm repo update
helm install node-red k8s-at-home/node-red --set nodeSelector."ols\.role"=worker
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=node-red,app.kubernetes.io/instance=node-red" -o jsonpath="{.items[0].metadata.name}")
while [[ $(kubectl get node $POD_NAME -o 'jsonpath={..status.conditions[?(@.type=="Running")].status}') != "True" ]]; do echo "waiting for pod" && sleep 1; done
kubectl port-forward $POD_NAME 8080:1880&
该服务应该 运行 在端口 8080 上。
Pod 的日志看起来没问题:
$ kubectl logs $POD_NAME
> node-red-docker@1.3.5 start /usr/src/node-red
> node $NODE_OPTIONS node_modules/node-red/red.js $FLOWS "--userDir" "/data"
29 Jul 08:20:12 - [info]
Welcome to Node-RED
===================
29 Jul 08:20:12 - [info] Node-RED version: v1.3.5
29 Jul 08:20:12 - [info] Node.js version: v10.24.1
29 Jul 08:20:12 - [info] Linux 5.4.0-80-generic x64 LE
29 Jul 08:20:12 - [info] Loading palette nodes
29 Jul 08:20:12 - [info] Settings file : /data/settings.js
29 Jul 08:20:12 - [info] Context store : 'default' [module=memory]
29 Jul 08:20:12 - [info] User directory : /data
29 Jul 08:20:12 - [warn] Projects disabled : editorTheme.projects.enabled=false
29 Jul 08:20:12 - [info] Flows file : /data/flows.json
29 Jul 08:20:12 - [warn]
---------------------------------------------------------------------
Your flow credentials file is encrypted using a system-generated key.
If the system-generated key is lost for any reason, your credentials
file will not be recoverable, you will have to delete it and re-enter
your credentials.
You should set your own key using the 'credentialSecret' option in
your settings file. Node-RED will then re-encrypt your credentials
file using your chosen key the next time you deploy a change.
---------------------------------------------------------------------
29 Jul 08:20:12 - [info] Server now running at http://127.0.0.1:1880/
29 Jul 08:20:12 - [info] Starting flows
29 Jul 08:20:12 - [info] Started flows
当我尝试访问网页(http://192.168.1.14:8080 甚至 http://127.0.0.1:1880/)时,服务器响应错误:ERR_CONNECTION_REFUSED
服务应该是运行:
$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 32m
node-red ClusterIP 10.43.18.33 <none> 1880/TCP 26m
是否还有其他方法可以让它发挥作用?
因为你的服务是Cluster Ip你不能访问Kubernetes集群外的服务。
您必须将您的服务公开为 节点端口 或 Loadbalancer。
https://kubernetes.io/docs/concepts/services-networking/service/
但是,要在本地进行测试和调试,您可以使用此命令:
kubectl port-forward svc/node-red -n <replace-namespace-name> 1880:1880
一次命令运行打开浏览器并打开URL
HTTP://localhost:1880