尝试在 Kubernetes Bare-Metal 上使用 nginx-ingress-controller 公开纯 TCP
Trying to expose plain TCP with nginx-ingress-controller on Kubernetes Bare-Metal
我目前正在学习 kubernetes 基础,我想在我的 cluser 之外公开一个 mongodb。我已经设置了我的 nginx 入口控制器并遵循此 doc 以公开纯 TCP 连接。
这是我的入口服务配置:
apiVersion: v1
kind: Service
metadata:
annotations:
labels:
helm.sh/chart: ingress-nginx-4.0.15
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 1.1.1
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
type: NodePort
ipFamilyPolicy: SingleStack
externalIPs:
- 172.30.63.51
ipFamilies:
- IPv4
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
appProtocol: http
- name: https
port: 443
protocol: TCP
targetPort: https
appProtocol: https
- name: proxied-tcp-27017
port: 27017
protocol: TCP
targetPort: 27017
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/component: controller
代理 TCP 连接的配置映射:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
27017: "global-stack/global-stack-mongo-svc:27017"
我的入口控制器在端口 80 和 443 上运行良好,可以公开我的服务,但我无法访问端口 27017
kubectl get svc -n ingress-nginx 结果:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
ingress-nginx-controller NodePort 10.97.149.93 172.30.63.51 80:30159/TCP,443:32585/TCP,27017:30098/TCP
ingress-nginx-controller-admission ClusterIP 10.107.33.165 <none> 443/TCP
外部 IP 很好地响应 curl 172.30.63.51:80
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
但是无法响应端口 27017 :
curl: (7) Failed to connect to 172.30.63.51 port 27017: Connection refused
我的 mongo 服务:
apiVersion: v1
kind: Service
metadata:
name: global-stack-mongo-svc
namespace: global-stack
labels:
app: global-stack-mongo-app
spec:
type: ClusterIP
ports:
- name: http
port: 27017
protocol: TCP
targetPort: 27017
selector:
app: global-stack-mongo-app
服务集群IP为10.244.1.57,响应良好
>> curl 10.244.1.57:27017
It looks like you are trying to access MongoDB over HTTP on the native driver port.
如果有人能帮助我,我将不胜感激。
谢谢
吉埃梅。
经过一些研究,我解决了我的问题。
在 nginx-ingress 文档中,它没有描述,但您需要使用 ingress-controller 容器将 TCP 配置映射映射到部署文件中:
args:
- /nginx-ingress-controller
- --election-id=ingress-controller-leader
- --controller-class=k8s.io/ingress-nginx
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
- --validating-webhook=:8443
- --validating-webhook-certificate=/usr/local/certificates/cert
- --validating-webhook-key=/usr/local/certificates/key
- --tcp-services-configmap=ingress-nginx/tcp-services
我目前正在学习 kubernetes 基础,我想在我的 cluser 之外公开一个 mongodb。我已经设置了我的 nginx 入口控制器并遵循此 doc 以公开纯 TCP 连接。
这是我的入口服务配置:
apiVersion: v1
kind: Service
metadata:
annotations:
labels:
helm.sh/chart: ingress-nginx-4.0.15
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 1.1.1
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
type: NodePort
ipFamilyPolicy: SingleStack
externalIPs:
- 172.30.63.51
ipFamilies:
- IPv4
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
appProtocol: http
- name: https
port: 443
protocol: TCP
targetPort: https
appProtocol: https
- name: proxied-tcp-27017
port: 27017
protocol: TCP
targetPort: 27017
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/component: controller
代理 TCP 连接的配置映射:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
27017: "global-stack/global-stack-mongo-svc:27017"
我的入口控制器在端口 80 和 443 上运行良好,可以公开我的服务,但我无法访问端口 27017
kubectl get svc -n ingress-nginx 结果:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
ingress-nginx-controller NodePort 10.97.149.93 172.30.63.51 80:30159/TCP,443:32585/TCP,27017:30098/TCP
ingress-nginx-controller-admission ClusterIP 10.107.33.165 <none> 443/TCP
外部 IP 很好地响应 curl 172.30.63.51:80
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
但是无法响应端口 27017 :
curl: (7) Failed to connect to 172.30.63.51 port 27017: Connection refused
我的 mongo 服务:
apiVersion: v1
kind: Service
metadata:
name: global-stack-mongo-svc
namespace: global-stack
labels:
app: global-stack-mongo-app
spec:
type: ClusterIP
ports:
- name: http
port: 27017
protocol: TCP
targetPort: 27017
selector:
app: global-stack-mongo-app
服务集群IP为10.244.1.57,响应良好
>> curl 10.244.1.57:27017
It looks like you are trying to access MongoDB over HTTP on the native driver port.
如果有人能帮助我,我将不胜感激。 谢谢
吉埃梅。
经过一些研究,我解决了我的问题。
在 nginx-ingress 文档中,它没有描述,但您需要使用 ingress-controller 容器将 TCP 配置映射映射到部署文件中:
args:
- /nginx-ingress-controller
- --election-id=ingress-controller-leader
- --controller-class=k8s.io/ingress-nginx
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
- --validating-webhook=:8443
- --validating-webhook-certificate=/usr/local/certificates/cert
- --validating-webhook-key=/usr/local/certificates/key
- --tcp-services-configmap=ingress-nginx/tcp-services