【发布时间】:2021-05-19 12:48:47
【问题描述】:
我在 GKE 中有一个集群,它正在运行,一切似乎都在运行。如果我转发端口,我可以看到容器正在工作。
我无法从 namecheap 设置我拥有的域。
这些是我遵循的步骤
- 在 Namecheap 中,我为域设置了自定义 dns
ns-cloud-c1.googledomains.com.
ns-cloud-c2.googledomains.com.
ns-cloud-c3.googledomains.com.
ns-cloud-c3.googledomains.com.
我使用了字母c,因为集群位于c 区域中(我不确定这是否正确)
- 因为我试图设置为安全网站,所以我安装了 nginx 入口控制器
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin \
--user $(gcloud config get-value account)
和
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.46.0/deploy/static/provider/cloud/deploy.yaml
- 我申请了
issuer.yml
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
namespace: cert-manager
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: example@email.com
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt-prod
# Enable the HTTP-01 challenge provider
solvers:
- http01:
ingress:
class: nginx
- 我申请了入口
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: staging
name: ingress
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- hosts:
- www.stagingmyappsrl.com
- api.stagingmyappsrl.com
secretName: stagingmyappsrl-tls
rules:
- host: wwwstaging.myappsrl.com
http:
paths:
- backend:
serviceName: myappcatalogo-svc
servicePort: 80
- host: apistaging.stagingmyappsrl.com
http:
paths:
- backend:
serviceName: myappnodeapi-svc
servicePort: 80
如果我登录 GKE 网站,似乎一切都已创建并正常工作,但是当我尝试访问时,我得到 DNS_PROBE_FINISHED_NXDOMAIN
我不确定我是否遗漏了一个步骤,或者我是否设置了错误
【问题讨论】:
标签: kubernetes google-kubernetes-engine kubernetes-ingress nginx-ingress gke-networking