nginx中的动态proxy_pass到Kubernetes中的另一个pod

Question

我试图创建一个将请求转发给Nginx上的代理/<service>来http://<service>.我首先尝试了以下内容:

location ~ ^/(.+)$ {
    set $backend "http://$1:80";
    proxy_pass $backend;
}

但它没有说出(当打电话时/myservice):

[error] 7741#0: *1 no resolver defined to resolve http://myservice

由于myservice无法从外部访问,我尝试将go-dnsmasq作为边车安装在同一个pod中,我尝试将其用于DNS解析(就像我在本例中看到的那样)并将我的nginx配置更改为如下所示:

location ~ ^/(.+)$ {
        resolver 127.0.0.1:53;
        set $backend "http://$1:80";
        proxy_pass $backend;
}

但现在nginx失败了:

[error] 9#9: *734 myservice could not be resolved (2: Server failure), client: 127.0.0.1, server: nginx-proxy, request: "GET /myservice HTTP/1.1", host: "localhost:8080"
127.0.0.1 - xxx [30/May/2016:10:34:23 +0000] "GET /myservice HTTP/1.1" 502 173 "-" "curl/7.38.0" "-"

我的Kubernetes pod看起来像这样:

spec:
  containers:
    - name: nginx
      image: "nginx:1.10.0"
      ports:
        - containerPort: 8080
          name: "external"
          protocol: "TCP"
    - name: dnsmasq
      image: "janeczku/go-dnsmasq:release-1.0.5"
      args:
        - --listen
        - "0.0.0.0:53"

netstat -ntlp在dnsmasq容器中运行给了我:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      -
tcp        0      0 :::53                   :::*                    LISTEN      1/go-dnsmasq

并nmap --min-parallelism 100 -sT -sU localhost在nginx容器中运行:

Starting Nmap 6.47 ( http://nmap.org ) at 2016-05-30 10:33 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00055s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 1997 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
8080/tcp open  http-proxy
53/udp   open  domain

所以看起来dnsmasq和nginx确实正常运行？我能做错什么？

Answer 1

经过大量的研究和反复试验,我设法解决了这个问题.首先,我将pod规范更改为:

spec:
  containers:
    - name: nginx
      image: "nginx:1.10.0"
      ports:
        - containerPort: 8080
          name: "external"
          protocol: "TCP"
    - name: dnsmasq
      image: "janeczku/go-dnsmasq:release-1.0.5"
      args:
        - --listen
        - "127.0.0.1:53"
        - --default-resolver
        - --append-search-domains
        - --hostsfile=/etc/hosts
        - --verbose

然后我还必须在nginx中为解析器禁用ipv6:

location ~ ^/(.+)$ {
        resolver 127.0.0.1:53 ipv6=off;
        set $backend "http://$1:80";
        proxy_pass $backend;
}

然后它按预期工作!