pet*_*wri 35 http kubernetes kubernetes-ingress nginx-ingress microk8s
我在 Ubuntu 20.04.3 LTS 上运行 microk8s v1.22.2。
输出来自/etc/hosts:
127.0.0.1 localhost
127.0.1.1 main
摘自microk8s status:
addons:
enabled:
dashboard # The Kubernetes dashboard
ha-cluster # Configure high availability on the current node
ingress # Ingress controller for external access
metrics-server # K8s Metrics Server for API access to service metrics
我检查了正在运行的仪表板 ( kubectl get all --all-namespaces):
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system pod/calico-node-2jltr 1/1 Running 0 23m
kube-system pod/calico-kube-controllers-f744bf684-d77hv 1/1 Running 0 23m
kube-system pod/metrics-server-85df567dd8-jd6gj 1/1 Running 0 22m
kube-system pod/kubernetes-dashboard-59699458b-pb5jb 1/1 Running 0 21m
kube-system pod/dashboard-metrics-scraper-58d4977855-94nsp 1/1 Running 0 21m
ingress pod/nginx-ingress-microk8s-controller-qf5pm 1/1 Running 0 21m
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 23m
kube-system service/metrics-server ClusterIP 10.152.183.81 <none> 443/TCP 22m
kube-system service/kubernetes-dashboard ClusterIP 10.152.183.103 <none> 443/TCP 22m
kube-system service/dashboard-metrics-scraper ClusterIP 10.152.183.197 <none> 8000/TCP 22m
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system daemonset.apps/calico-node 1 1 1 1 1 kubernetes.io/os=linux 23m
ingress daemonset.apps/nginx-ingress-microk8s-controller 1 1 1 1 1 <none> 22m
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
kube-system deployment.apps/calico-kube-controllers 1/1 1 1 23m
kube-system deployment.apps/metrics-server 1/1 1 1 22m
kube-system deployment.apps/kubernetes-dashboard 1/1 1 1 22m
kube-system deployment.apps/dashboard-metrics-scraper 1/1 1 1 22m
NAMESPACE NAME DESIRED CURRENT READY AGE
kube-system replicaset.apps/calico-kube-controllers-69d7f794d9 0 0 0 23m
kube-system replicaset.apps/calico-kube-controllers-f744bf684 1 1 1 23m
kube-system replicaset.apps/metrics-server-85df567dd8 1 1 1 22m
kube-system replicaset.apps/kubernetes-dashboard-59699458b 1 1 1 21m
kube-system replicaset.apps/dashboard-metrics-scraper-58d4977855 1 1 1 21m
我想在本地网络中公开 microk8s 仪表板以通过以下方式访问它http://main/dashboard/
为此,我执行了以下操作nano ingress.yaml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: public
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
name: dashboard
namespace: kube-system
spec:
rules:
- host: main
http:
paths:
- backend:
serviceName: kubernetes-dashboard
servicePort: 443
path: /
启用 ingress-config 后kubectl apply -f ingress.yaml出现以下错误:
error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1"
非常感谢您的帮助,谢谢!
更新: @harsh-manvar 指出配置版本不匹配。我已将 ingress.yaml 重写为一个非常精简的版本:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dashboard
namespace: kube-system
spec:
rules:
- http:
paths:
- path: /dashboard
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
应用这个有效。此外,还会创建入口规则。
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE
kube-system dashboard public * 127.0.0.1 80 11m
但是,当我通过 访问仪表板时http://<ip-of-kubernetes-master>/dashboard,出现400错误。
来自入口控制器的日志:
192.168.0.123 - - [10/Oct/2021:21:38:47 +0000] "GET /dashboard HTTP/1.1" 400 54 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 466 0.002 [kube-system-kubernetes-dashboard-443] [] 10.1.76.3:8443 48 0.000 400 ca0946230759edfbaaf9d94f3d5c959a
仪表板是否也需要使用公开microk8s proxy?我以为入口控制器会处理这个问题,还是我误解了这一点?
Mik*_* S. 40
要修复该错误,error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1您需要设置apiVersion为 networking.k8s.io/v1. 来自Kubernetes v1.16 有关已弃用 API 的文章:
- 不再提供 extensions/v1beta1 API 版本中的 NetworkPolicy - 迁移到使用自 v1.8 起可用的networking.k8s.io/v1 API 版本。可以通过新版本检索/更新现有的持久数据。
现在转到第二期。您需要添加一些注释并在 Ingress 定义中进行一些更改,以使仪表板在 microk8s 集群上正确公开:
nginx.ingress.kubernetes.io/rewrite-target: /$2注释nginx.ingress.kubernetes.io/configuration-snippet: | rewrite ^(/dashboard)$ $1/ redirect;注释path: /dashboardpath: /dashboard(/|$)(.*)我们需要它们将请求正确转发到后端 Pod -本文中有很好的解释:
注意: “nginx.ingress.kubernetes.io/rewrite-target”注释会在将请求转发到后端 Pod 之前重写 URL。在路径的/dashboard(/|$)(.*)中,(.*)存储访问 Kubernetes 仪表板时生成的动态 URL。在将请求转发到kubernetes-dashboard服务之前,“nginx.ingress.kubernetes.io/rewrite-target”注释会替换 URL 中捕获的数据。仅当访问ALB-URL/dashboard时,“nginx.ingress.kubernetes.io/configuration-snippet”注释才会重写 URL 以添加尾部斜杠(“/”) 。
我们还需要另外两个更改:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"注释以告诉 NGINX Ingress 使用 HTTPs 与 Dashboard 服务进行通信kubernetes.io/ingress.class: public注释以使用 microk8singress插件创建的 NGINX Ingress实现上述所有内容后,最终的 YAML 文件如下所示:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/dashboard)$ $1/ redirect;
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
kubernetes.io/ingress.class: public
name: dashboard
namespace: kube-system
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
它应该工作正常。无需运行microk8s proxy命令。
error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1"
这是由于入口 API 版本不匹配造成的。
您正在运行v1.22.2,而 YAML 中的 API 版本较旧。
很好的例子:https ://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
您在 YAML 中使用较旧的入口 API 版本,即extensions/v1beta1.
您需要根据您运行的入口版本和 K8s 版本更改此设置。
这适用于K8s 中的1.19版本,也适用于 1.22
例子 :
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minimal-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
pathType: Prefix
backend:
service:
name: test
port:
number: 80
参考: https: //kubernetes.io/docs/concepts/services-networking/ingress/
| 归档时间: |
|
| 查看次数: |
52928 次 |
| 最近记录: |