连接8080端口失败:连接超时
Failed to connect to port 8080: Connection timed out
我正在尝试部署 bazel-remote,但是当我尝试:
curl http://bazel-remote.dev.azr.myhost.com:80/status
进入入口主机,我得到:
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
回来了。作为参考,我试过:
curl http://bazel-remote.dev.azr.myhost.com:8080/status
但它给出了与我将端口号指定为任意端口并超时时相同的结果。
我检查了每个 pods、服务、镜头入口的状态,它们似乎都 运行 没问题。卷的类似故事。我已经通过 Terraform 部署了它们,它们似乎都运行良好。
我不明白的奇怪事情:
- 当我尝试在 ConfigMap 中指定
BAZEL_REMOTE_HOST 时,pods 输入 CrashLoop。很可能是由于 this.
http://bazel-remote.dev.azr.myhost.com:8080/metrics 可通过我的网络浏览器访问,详细介绍了 bazel 远程缓存功能。- 当我在
.bazelrc 中指定:build --remote_cache=http://bazel-remote.dev.azr.myhost.com:8080 时,它不起作用,但是当我直接获取 pod IP 地址并将其替换时,远程缓存按预期工作。
嫌疑人:
我怀疑我的入口有问题,因为 pods 肯定已经启动,并且如果我直接瞄准它们就可以正常工作。
入口:
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: infra--bazel-remote-cache
name: bazel-remote-cache
annotations:
kubernetes.io/ingress.class: nginx-internal
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/use-regex: "true"
cert-manager.io/cluster-issuer: selfsigned-cluster-issuer
spec:
tls:
- hosts:
- bazel-remote.dev.azr.myhost.com
secretName: tls-secret
rules:
- host: bazel-remote.dev.azr.myhost.com:
http:
paths:
- backend:
serviceName: bazel-remote-service
servicePort: 8080
path: /(.*)
配置图
apiVersion: v1
kind: ConfigMap
metadata:
name: bazel-remote-cache-config
namespace: infra--bazel-remote-cache
data:
BAZEL_REMOTE_DIR: /mnt/bazel_remote_backend
BAZEL_REMOTE_MAX_SIZE: "10"
BAZEL_REMOTE_GRPC_PORT: "9092"
BAZEL_REMOTE_PORT: "8080"
BAZEL_REMOTE_ENABLE_ENDPOINT_METRICS: "true"
BAZEL_REMOTE_EXPERIMENTAL_REMOTE_ASSET_API: "true"
部署与服务
apiVersion: apps/v1
kind: Deployment
metadata:
name: bazel-remote-cache
namespace: infra--bazel-remote-cache
spec:
replicas: 1
selector:
matchLabels:
app: bazel-remote-cache
template:
metadata:
labels:
app: bazel-remote-cache
spec:
containers:
- name: bazel-remote-cache
image: buchgr/bazel-remote-cache:v2.1.1
resources:
limits:
memory: 256Mi
cpu: "200m"
requests:
memory: 256Mi
cpu: "200m"
volumeMounts:
- mountPath: "/mnt/bazel_remote_backend"
name: bazel-remote-cache
ports:
- containerPort: 8080
protocol: TCP
envFrom:
- configMapRef:
name: bazel-remote-cache-config
volumes:
- name: bazel-remote-cache
persistentVolumeClaim:
claimName: pvc-bazel-remote
---
apiVersion: v1
kind: Service
metadata:
name: bazel-remote-service
namespace: infra--bazel-remote-cache
spec:
type: ClusterIP
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: bazel-remote-cache
NGINX 入口控制器只能使用 HTTP or HTTPS:
An Ingress does not expose arbitrary ports or protocols. Exposing services other than HTTP and HTTPS to the internet typically uses a service of type Service.Type=NodePort or Service.Type=LoadBalancer.
所以您不能使用自定义端口 8080 - 它不会工作。
基于NGINX Ingress Controller docs:
By default the controller redirects HTTP clients to the HTTPS port 443 using a 308 Permanent Redirect response if TLS is enabled for that Ingress.
This can be disabled globally using ssl-redirect: "false" in the NGINX config map, or per-Ingress with the nginx.ingress.kubernetes.io/ssl-redirect: "false" annotation in the particular resource.
您已设置 TLS,因此 Ingress Controller 将您重定向到 HTTPS 端口。
将您的 curl 命令更改为:
curl https://bazel-remote.dev.azr.myhost.com/status
应该可以。
我正在尝试部署 bazel-remote,但是当我尝试:
curl http://bazel-remote.dev.azr.myhost.com:80/status
进入入口主机,我得到:
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
回来了。作为参考,我试过:
curl http://bazel-remote.dev.azr.myhost.com:8080/status
但它给出了与我将端口号指定为任意端口并超时时相同的结果。
我检查了每个 pods、服务、镜头入口的状态,它们似乎都 运行 没问题。卷的类似故事。我已经通过 Terraform 部署了它们,它们似乎都运行良好。
我不明白的奇怪事情:
- 当我尝试在 ConfigMap 中指定
BAZEL_REMOTE_HOST时,pods 输入CrashLoop。很可能是由于 this. http://bazel-remote.dev.azr.myhost.com:8080/metrics可通过我的网络浏览器访问,详细介绍了 bazel 远程缓存功能。- 当我在
.bazelrc中指定:build --remote_cache=http://bazel-remote.dev.azr.myhost.com:8080时,它不起作用,但是当我直接获取 pod IP 地址并将其替换时,远程缓存按预期工作。
嫌疑人: 我怀疑我的入口有问题,因为 pods 肯定已经启动,并且如果我直接瞄准它们就可以正常工作。
入口:
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: infra--bazel-remote-cache
name: bazel-remote-cache
annotations:
kubernetes.io/ingress.class: nginx-internal
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/use-regex: "true"
cert-manager.io/cluster-issuer: selfsigned-cluster-issuer
spec:
tls:
- hosts:
- bazel-remote.dev.azr.myhost.com
secretName: tls-secret
rules:
- host: bazel-remote.dev.azr.myhost.com:
http:
paths:
- backend:
serviceName: bazel-remote-service
servicePort: 8080
path: /(.*)
配置图
apiVersion: v1
kind: ConfigMap
metadata:
name: bazel-remote-cache-config
namespace: infra--bazel-remote-cache
data:
BAZEL_REMOTE_DIR: /mnt/bazel_remote_backend
BAZEL_REMOTE_MAX_SIZE: "10"
BAZEL_REMOTE_GRPC_PORT: "9092"
BAZEL_REMOTE_PORT: "8080"
BAZEL_REMOTE_ENABLE_ENDPOINT_METRICS: "true"
BAZEL_REMOTE_EXPERIMENTAL_REMOTE_ASSET_API: "true"
部署与服务
apiVersion: apps/v1
kind: Deployment
metadata:
name: bazel-remote-cache
namespace: infra--bazel-remote-cache
spec:
replicas: 1
selector:
matchLabels:
app: bazel-remote-cache
template:
metadata:
labels:
app: bazel-remote-cache
spec:
containers:
- name: bazel-remote-cache
image: buchgr/bazel-remote-cache:v2.1.1
resources:
limits:
memory: 256Mi
cpu: "200m"
requests:
memory: 256Mi
cpu: "200m"
volumeMounts:
- mountPath: "/mnt/bazel_remote_backend"
name: bazel-remote-cache
ports:
- containerPort: 8080
protocol: TCP
envFrom:
- configMapRef:
name: bazel-remote-cache-config
volumes:
- name: bazel-remote-cache
persistentVolumeClaim:
claimName: pvc-bazel-remote
---
apiVersion: v1
kind: Service
metadata:
name: bazel-remote-service
namespace: infra--bazel-remote-cache
spec:
type: ClusterIP
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: bazel-remote-cache
NGINX 入口控制器只能使用 HTTP or HTTPS:
An Ingress does not expose arbitrary ports or protocols. Exposing services other than HTTP and HTTPS to the internet typically uses a service of type Service.Type=NodePort or Service.Type=LoadBalancer.
所以您不能使用自定义端口 8080 - 它不会工作。
基于NGINX Ingress Controller docs:
By default the controller redirects HTTP clients to the HTTPS port 443 using a 308 Permanent Redirect response if TLS is enabled for that Ingress.
This can be disabled globally using ssl-redirect: "false" in the NGINX config map, or per-Ingress with the nginx.ingress.kubernetes.io/ssl-redirect: "false" annotation in the particular resource.
您已设置 TLS,因此 Ingress Controller 将您重定向到 HTTPS 端口。
将您的 curl 命令更改为:
curl https://bazel-remote.dev.azr.myhost.com/status
应该可以。