【发布时间】:2021-06-07 23:44:54
【问题描述】:
我的两个域 one.example.com 和 two.example.com 的连接超时。
我已经使用 kops 在 AWS 上设置了集群。
入口在默认命名空间内,代理的服务也在默认命名空间内。
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-service-api
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$1
certmanager.k8s.io/cluster-issuer: "letsencrypt-example-prod"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- one.example.in
secretName: api-example-in
rules:
- host: one.example.in
http:
paths:
- path: /customer/?(.*)
pathType: Prefix
backend:
service:
name: customer-srv
port:
number: 3000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-service-monitor
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
certmanager.k8s.io/cluster-issuer: "letsencrypt-example-prod"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- two.example.in
secretName: api-example-in
rules:
- host: two.example.in
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kube-prometheus-grafana
port:
number: 80
$ kubectl describe ingress ingress-service-monitor
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Name: ingress-service-monitor
Namespace: default
Address: dns.elb.ap-south-1.amazonaws.com
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
TLS:
api-example-in terminates two.example.in
Rules:
Host Path Backends
---- ---- --------
monitor.example.in
/ kube-prometheus-grafana:80 (100.96.4.3:3000)
Annotations: certmanager.k8s.io/cluster-issuer: letsencrypt-example-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: true
nginx.ingress.kubernetes.io/use-regex: true
为了安装控制器,我关注了this doc。 我只运行了这个命令
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.44.0/deploy/static/provider/aws/deploy.yaml
我在这里列出了有关入口部署的其他信息
[ec2-user@ip ~]$ kubectl get all -n ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-5wpwn 0/1 Completed 0 3h39m
pod/ingress-nginx-admission-patch-6z2wx 0/1 Completed 2 3h39m
pod/ingress-nginx-controller-7fc74cf778-64vk2 1/1 Running 0 91m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller LoadBalancer 100.68.82.233 5e06c70e0a8b9d4b.elb.ap-south-1.amazonaws.com 80:31336/TCP,443:30936/TCP 3h39m
service/ingress-nginx-controller-admission ClusterIP 100.64.118.59 <none> 443/TCP 3h39m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 91m
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-7fc74cf778 1 1 1 91m
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 10s 3h39m
job.batch/ingress-nginx-admission-patch 1/1 21s 3h39m
[ec2-user@ip ~]$
【问题讨论】:
-
您已将入口应用到存在服务的特定命名空间?
-
安装 cmd 本身创建了命名空间
ingress-nginx,因此为 ingre-controller 部署的 Pod 正在该命名空间上运行。但是两个文件的入口都在默认命名空间中,因为我在入口上列出了描述的输出
标签: amazon-web-services kubernetes kubernetes-ingress nginx-ingress