这是我的集群信息
kubectl cluster-info
Kubernetes master is running at https://129.146.10.66:6443
Heapster is running at https://129.146.10.66:6443/api/v1/proxy/namespaces/kube-system/services/heapster
KubeDNS is running at https://129.146.10.66:6443/api/v1/proxy/namespaces/kube-system/services/kube-dns
所以,我有一个服务(mysqlbrokerservice)作为 NodePort 运行,配置如下所示
kubectl describe svc mysqlbrokerservice
Name: mysqlbrokerservice
Namespace: mysqlbroker
Labels: <none>
Annotations: <none>
Selector: app=mysqlbroker
Type: NodePort
IP: 10.99.194.191
Port: mysqlbroker 8080/TCP
NodePort: mysqlbroker 30000/TCP
Endpoints: 10.244.1.198:8080
Session Affinity: None
Events: <none>
我可以通过 pod 运行的节点的公共 IP 访问该服务,如下http://129.146.34.181:30000/v2/catalog。
然后我想看看是否可以通过 https 访问该服务。我按照https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#manually-constructing-apiserver-proxy-urls中的指示进行操作
我按照示例并使用curl来获取资源。这是命令。129.146.10.66:6443是我的主IP。
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET https://129.146.10.66:6443/api/v1/namespaces/mysqlbroker/services/mysqlbrokerservice:8080/proxy/v2/catalog --header "Authorization: Bearer $TOKEN" --insecure
HTTP/1.0 200 Connection established
卷曲只是坐在那里没有任何反应。然后我查看了我的 pod 日志,它没有显示收到任何请求。
有人可以解释我在这里做错了什么吗?如果我希望通过 https 公开服务,理想的解决方案是什么?
文档说它需要端口名称而不是端口号。您尝试过以下方法吗?
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET https://129.146.10.66:6443/api/v1/namespaces/mysqlbroker/services/mysqlbrokerservice:mysqlbroker/proxy/v2/catalog --header "Authorization: Bearer $TOKEN" --insecure
| 归档时间: |
|
| 查看次数: |
13027 次 |
| 最近记录: |