我正在使用 haproxy 入口控制器,但是我需要将流量从 / 重定向到某个 url,所以我使用的是我的自定义默认后端,但是当我使用它时,当我尝试在 / 上发送流量时,它不会将流量重定向到指定的url,有时会,有时会。我想知道如何创建和使用我自己的默认后端服务和部署。
Default-backend.yaml 看起来像:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
run: ingress-default-backend
name: ingress-default-backend
namespace: test-haproxy
spec:
selector:
matchLabels:
run: ingress-default-backend
template:
metadata:
labels:
run: ingress-default-backend
spec:
containers:
- name: ingress-default-backend
image: nginx:1.14
ports:
- containerPort: 443
volumeMounts:
- name: ngx-config
mountPath: /etc/nginx
resources:
limits:
cpu: 10m
memory: 20Mi
volumes:
- configMap:
name: default-backend-nginx
name: ngx-config
apiVersion: v1
kind: Service
metadata:
name: ingress-default-backend
namespace: test-haproxy
spec:
ports:
- port: 443
selector:
run: ingress-default-backend
apiVersion: v1
kind: ConfigMap
metadata:
name: default-backend-nginx
namespace: test-haproxy
data:
nginx.conf: |-
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
##
# SSL Settings
##
#ssl_session_cache shared:SSL:20m;
#ssl_session_timeout 10m;
#ssl_prefer_server_ciphers on;
ssl_verify_client off;
#ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
#ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
sendfile on;
keepalive_timeout 65;
server {
listen 443;
server_name example.com;
ssl_certificate example.crt;
ssl_certificate_key example.key;
location / {
rewrite ^/.* https://example.com/index/ permanent;
}
charset utf-8;
}
}
Haproxy 入口控制器:
containers:
- name: haproxy-ingress-controller
image: quay.io/jcmoraisjr/haproxy-ingress
args:
- --default-backend-service=$(POD_NAMESPACE)/ingress-default-backend
- --configmap=$(POD_NAMESPACE)/haproxy-ingress-controller
- --sort-backends
- --verify-hostname=false
- --ingress-class=ingress-$(POD_NAMESPACE)
Haproxy 日志:
I0723 11:50:47.481960 8 launch.go:142]
Name: HAProxy
Release: v0.7.2
Build: git-94e0f4e
Repository: https://github.com/jcmoraisjr/haproxy-ingress
I0723 11:50:47.481988 8 launch.go:145] Watching for ingress class: ingress-haproxy
I0723 11:50:47.482097 8 launch.go:345] Creating API client for https://10.3.0.1:443
I0723 11:50:47.495848 8 launch.go:357] Running in Kubernetes Cluster version v1.11 (v1.11.3) - git (clean) commit a4529464e4629c21224b3d52edfe0ea91b072862 - platform linux/amd64
I0723 11:50:47.498583 8 launch.go:169] validated haproxy/ingress-default-backend as the default backend
I0723 11:50:47.504666 8 controller.go:1528] starting Ingress controller
I0723 11:50:47.508767 8 listers.go:79] ignoring add for ingress ******* based on annotation kubernetes.io/ingress.class with value haproxy
I0723 11:50:47.509057 8 event.go:218] Event(v1.ObjectReference{Kind:"Ingress", Namespace:”test-haproxy", Name:”*****-haproxy", UID:"31d7e0fe-ad3e-11e9-84f9-06882a017ecc", APIVersion:"extensions", ResourceVersion:"29802114", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress *****-haproxy/*****-haproxy
I0723 11:50:47.509351 8 event.go:218] Event(v1.ObjectReference{Kind:"Ingress", Namespace:”*****-haproxy", Name:”****-haproxy", UID:"38db7894-ad3e-11e9-8201-0210d7f84aea", APIVersion:"extensions", ResourceVersion:"29802147", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress *****-haproxy/*****-haproxy
I0723 11:50:52.714077 8 controller.go:1536] running initial sync of secrets
I0723 11:50:52.714299 8 leaderelection.go:174] attempting to acquire leader lease...
I0723 11:50:52.714703 8 controller.go:332] backend reload required
I0723 11:50:52.722815 8 leaderelection.go:184] successfully acquired lease ******-haproxy/ingress-controller-leader-ingress-*****-haproxy
I0723 11:50:52.722845 8 status.go:199] new leader elected: *******-haproxy-6ddd97fbd4-x9h2s
I0723 11:50:52.738325 8 controller.go:341] ingress backend successfully reloaded...