【发布时间】:2021-12-21 01:31:47
【问题描述】:
我正在尝试公开一个在集群外部公开的简单 grafana 服务。以下是我在此处发布之前在故障排除和研究方面所做的工作,以及我的设置的一些细节。
Grafana 部署 YAML
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: grafana
name: grafana
spec:
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
replicas: 2
securityContext:
fsGroup: 472
supplementalGroups:
- 0
containers:
- name: grafana
image: 'grafana/grafana:8.0.4'
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
name: http-grafana
protocol: TCP
env:
- name: GF_DATABASE_CA_CERT_PATH
value: /etc/grafana/BaltimoreCyberTrustRoot.crt.pem
readinessProbe:
failureThreshold: 3
httpGet:
path: /robots.txt
port: 3000
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 2
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: 3000
timeoutSeconds: 1
resources:
requests:
cpu: 250m
memory: 750Mi
volumeMounts:
- name: grafana-configmap-pv
mountPath: /etc/grafana/grafana.ini
subPath: grafana.ini
- name: grafana-pv
mountPath: /var/lib/grafana
- name: cacert
mountPath: /etc/grafana/BaltimoreCyberTrustRoot.crt.pem
subPath: BaltimoreCyberTrustRoot.crt.pem
volumes:
- name: grafana-pv
persistentVolumeClaim:
claimName: grafana-pvc
- name: grafana-configmap-pv
configMap:
name: grafana-config
- name: cacert
configMap:
name: mysql-cacert
Grafana 服务 yaml
apiVersion: v1
kind: Service
metadata:
name: grafana
spec:
type: ClusterIP
ports:
- port: 3000
protocol: TCP
targetPort: http-grafana
clusterIP: 10.7.2.57
selector:
app: grafana
sessionAffinity: None
我已将 nginx 安装为 Ingress 控制器。这是 nginx 控制器服务的 YAML
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/version: 1.0.0
helm.sh/chart: ingress-nginx-4.0.1
spec:
ports:
- name: http
protocol: TCP
appProtocol: http
port: 80
targetPort: http
nodePort: 32665
- name: https
protocol: TCP
appProtocol: https
port: 443
targetPort: https
nodePort: 32057
selector:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
clusterIP: 10.7.2.203
clusterIPs:
- 10.7.2.203
type: NodePort
sessionAffinity: None
externalTrafficPolicy: Cluster
status:
loadBalancer: {}
入口资源yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana-ingress
spec:
rules:
- host: test.grafana.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: grafana
port:
number: 3000
入口 ip 10.7.0.5 根本无法访问。我尝试过多次重新部署资源。 grafana POD ips 可通过端口 3000 访问,我可以登录等,但无法通过 nginx 负载均衡器访问 grafana。我错过了什么?
已编辑:
kubectl get services的结果
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
grafana ClusterIP 10.7.2.55 <none> 3000/TCP 2d14h
hello-world ClusterIP 10.7.2.140 <none> 80/TCP 42m
kubernetes ClusterIP 10.7.2.1 <none> 443/TCP 9d
kubectl 获取入口的结果
NAME CLASS HOSTS ADDRESS PORTS AGE
grafana-ingress <none> * 10.7.0.5 80 2d2h
kubectl get pods 的结果
default grafana-85cdb8c656-6zgkg 1/1 Running 0 2d21h
default grafana-85cdb8c656-7n626 1/1 Running 0 2d21h
default hello-world-78796d6bfd-fwb98 1/1 Running 0 2d12h
ingress-nginx ingress-nginx-controller-57ffff5864-rw57w 1/1 Running 0 2d12h
【问题讨论】:
-
您使用的是哪个版本的 Kubernetes,您是如何设置集群的?您是否使用裸机安装或某些云提供商?你能显示使用
kubectl get pod,svc的结果吗? -
@kkopczak 添加了已编辑的部分,其中包含 kubectl get pod,svc.ingress 的结果。我正在使用 Azure Kubernetes 服务和版本 1.20.1。使用 Manifest 或 yaml 创建所有资源。
标签: nginx kubernetes