【发布时间】:2020-05-07 18:16:52
【问题描述】:
我的原始基础架构是围绕本教程构建的。 https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-with-cert-manager-on-digitalocean-kubernetes.
现在我正在尝试迁移到管理我自己的证书并在负载平衡器处终止 SSL。
随着我的 YAML 更新,DigitalOcean 中的负载均衡器显示所有节点都不健康,我的 URL 响应显示“503 服务不可用 没有可用的服务器来处理这个请求。”但是,端点显示了一个安全的 HTTPS 连接。我做错了什么?
下面是我的新的非功能性 YAML 定义。
负载平衡器
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
annotations:
service.beta.kubernetes.io/do-loadbalancer-redirect-http-to-https: "true"
service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: "**************"
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: http
入口
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
spec:
tls:
- hosts:
- ******.com
- api.*******.com
rules:
- host: **********.com
http:
paths:
- backend:
serviceName: frontend-angular
servicePort: 80
- host: api.********.com
http:
paths:
- backend:
serviceName: backend-server
servicePort: 80
【问题讨论】:
标签: ssl kubernetes load-balancing digital-ocean nginx-ingress