0

我正在尝试公开两个服务(Web API 和聊天机器人),它们通过Service Fabric Mesh Network 的入口控制器在内部打开相同的端口。

运行下面的定义总是会让两个服务之一失败。

我不清楚的是:

  1. 那是因为它们都在内部打开相同的端口(80 和 443)吗?
  2. 这通常是一个坏主意,我应该使用像 NGINX 这样的反向代理吗?
  3. 我可以为这两项服务获得两个不同的 IP 地址吗?

文件:

{
  "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "apiVersion": "2018-07-01-preview",
      "name": "contosomaintenance",
      "type": "Microsoft.ServiceFabricMesh/applications",
      "location": "westeurope",
      "dependsOn": [
        "Microsoft.ServiceFabricMesh/networks/contosomaintenance-network"
      ],
      "properties": {
        "services": [
          {
            "name": "contosomaintenance-api",
            "properties": {
              "description": "Contoso Maintenance REST API",
              "osType": "Linux",
              "codePackages": [
                {
                  "name": "contosomaintenance-api",
                  "image": "robinmanuelthiel/contosomaintenance-api:latest",
                  "endpoints": [
                    {
                      "name": "http",
                      "port": 80
                    },
                    {
                      "name": "https",
                      "port": 443
                    }
                  ],
                  "resources": {
                    "requests": {
                      "cpu": "0.5",
                      "memoryInGB": "1"
                    }
                  }
                }
              ],
              "replicaCount": "1",
              "networkRefs": [
                {
                  "name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'contosomaintenance-network')]"
                }
              ]
            }
          },
          {
            "name": "contosomaintenance-bot",
            "properties": {
              "description": "Contoso Maintenance Chat Bot",
              "osType": "Linux",
              "codePackages": [
                {
                  "name": "contosomaintenance-bot",
                  "image": "robinmanuelthiel/contosomaintenance-bot:latest",
                  "endpoints": [
                    {
                      "name": "http",
                      "port": 80
                    },
                    {
                      "name": "https",
                      "port": 443
                    }
                  ],
                  "resources": {
                    "requests": {
                      "cpu": "0.5",
                      "memoryInGB": "1"
                    }
                  }
                }
              ],
              "replicaCount": "1",
              "networkRefs": [
                {
                  "name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'contosomaintenance-network')]"
                }
              ]
            }
          }
        ]
      }
    },
    {
      "apiVersion": "2018-07-01-preview",
      "name": "contosomaintenance-network",
      "type": "Microsoft.ServiceFabricMesh/networks",
      "location": "westeurope",
      "dependsOn": [],
      "properties": {
        "description": "Contoso Maintenance Network",
        "addressPrefix": "10.0.0.0/22",
        "ingressConfig": {
          "layer4": [
            {
              "name": "contosomaintenance-api-ingress-http",
              "publicPort": "20001",
              "applicationName": "contosomaintenance",
              "serviceName": "contosomaintenance-api",
              "endpointName": "http"
            },
            {
              "name": "contosomaintenance-api-ingress-bot",
              "publicPort": "20002",
              "applicationName": "contosomaintenance",
              "serviceName": "contosomaintenance-bot",
              "endpointName": "http"
            }
          ]
        }
      }
    }
  ]
}
4

1 回答 1

2

2018-12-10 更新

新的 ApiVersion 已经发布(2018-09-01-preview),公开服务的新方式是使用网关资源。更多信息可以在这个github 线程和这个文档上找到。

这是网关(仅)在同一应用程序中公开两个服务的片段:

{
  "apiVersion": "2018-09-01-preview",
  "name": "helloWorldGateway",
  "type": "Microsoft.ServiceFabricMesh/gateways",
  "location": "[parameters('location')]",
  "dependsOn": [
    "Microsoft.ServiceFabricMesh/networks/helloWorldNetwork"
  ],
  "properties": {
    "description": "Service Fabric Mesh Gateway for HelloWorld sample.",
    "sourceNetwork": {
      "name": "Open"
    },
    "destinationNetwork": {
      "name": "[resourceId('Microsoft.ServiceFabricMesh/networks', 'helloWorldNetwork')]"
    },
    "http": [
      {
        "name": "web",
        "port": 81,
        "hosts": [
          {
            "name": "*",
            "routes": [
              {
                "name":  "helloRoute",
                "match": {
                  "path": {
                    "value": "/",
                    "rewrite": "/",
                    "type": "Prefix"
                  }
                },
                "destination": {
                  "applicationName": "helloWorldApp",
                  "serviceName": "helloWorldService",
                  "endpointName": "helloWorldListener"
                }
              }
            ]
          }
        ]
      },
      {
        "name": "kuard",
        "port": 82,
        "hosts": [
          {
            "name": "*",
            "routes": [
              {
                "name":  "kuardRoute",
                "match": {
                  "path": {
                    "value": "/",
                    "rewrite": "/",
                    "type": "Prefix"
                  }
                },
                "destination": {
                  "applicationName": "helloWorldApp",
                  "serviceName": "kuardService",
                  "endpointName": "kuardListener"
                }
              }
            ]
          }
        ]
      }
    ],
    "tcp": [
      {
        "name": "web",
        "port": 80,
        "destination": {
          "applicationName": "helloWorldApp",
          "serviceName": "helloWorldService",
          "endpointName": "helloWorldListener"
        }
      },
      {
        "name": "kuard",
        "port": 8080,
        "destination": {
          "applicationName": "helloWorldApp",
          "serviceName": "kuardService",
          "endpointName": "kuardListener"
        }
      }
    ]
  }
}

笔记:

  • 该应用程序是具有额外服务的相同helloWorld示例
  • 网关已修改为通过 TCP 和 HTTP 公开不同的端口
  • 无法再通过网络公开服务(如原始答案中所述)

原始答案

目前,网络存在两大限制:

  • 每个应用程序一个网络:您不能在两个网络中拥有一个应用程序。资源
  • 每个服务一个网络入口:当您使用针对多个服务的多个规则定义入口时,即使在大多数情况下部署成功而​​没有警告,也只有其中一个可以正常工作。资源

这些是公共预览版限制,可能在 GA 上已修复。

在这种情况下,如果您需要公开两个服务,您的替代方案是:

  • 创建两个网络和两个应用程序:每个具有单独服务的应用程序都部署在自己的网络上,每个服务将具有不同的 IP。
  • 创建代理服务:使用 NGINX 等解决方案接收所有连接并将请求在内部路由到适当的服务。
  • 使用网关资源:SF Mesh 即将发布基于 envoy 的网关服务,可用时将是该场景的最佳解决方案,它的工作方式与上述 NGINX 方法非常相似,但由 Azure 管理,尚不可用,但将很快就会被释放。
于 2018-12-05T18:17:07.473 回答