1

我正在使用 haproxy 入口控制器,但是我需要将流量从 / 重定向到某个 url,所以我使用的是我的自定义默认后端,但是当我使用它时,当我尝试在 / 上发送流量时,它不会将流量重定向到指定的url,有时会,有时会。我想知道如何创建和使用我自己的默认后端服务和部署。

Default-backend.yaml 看起来像:


apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    run: ingress-default-backend
  name: ingress-default-backend
  namespace: test-haproxy
spec:
  selector:
    matchLabels:
      run: ingress-default-backend
  template:
    metadata:
      labels:
        run: ingress-default-backend
    spec:
      containers:
      - name: ingress-default-backend
        image: nginx:1.14
        ports:
        - containerPort: 443
        volumeMounts:
            - name: ngx-config
              mountPath: /etc/nginx
        resources:
          limits:
            cpu: 10m
            memory: 20Mi
      volumes:
        - configMap:
            name: default-backend-nginx
          name: ngx-config

apiVersion: v1
kind: Service
metadata:
  name: ingress-default-backend
  namespace: test-haproxy
spec:
  ports:
  - port: 443
  selector:
    run: ingress-default-backend

apiVersion: v1
kind: ConfigMap
metadata:
  name: default-backend-nginx
  namespace: test-haproxy
data:
  nginx.conf: |-
    user  nginx;
    worker_processes  1;

    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;

    events {
        worker_connections  1024;
    }

    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;

        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;
        error_log  /var/log/nginx/error.log;
        proxy_connect_timeout       600;
        proxy_send_timeout          600;
        proxy_read_timeout          600;
        send_timeout                600;

       ##
       # SSL Settings
       ##

       #ssl_session_cache shared:SSL:20m;
       #ssl_session_timeout 10m;
       #ssl_prefer_server_ciphers on;
       ssl_verify_client off;
       #ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
       #ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;


        sendfile        on;
        keepalive_timeout  65;

        server {
            listen 443;
            server_name example.com;
            ssl_certificate example.crt;
            ssl_certificate_key example.key;


            location / {
               rewrite ^/.* https://example.com/index/ permanent;
             }
            charset     utf-8;
         }
      }

Haproxy 入口控制器:

containers:
      - name: haproxy-ingress-controller
        image: quay.io/jcmoraisjr/haproxy-ingress
        args:
        - --default-backend-service=$(POD_NAMESPACE)/ingress-default-backend        
        - --configmap=$(POD_NAMESPACE)/haproxy-ingress-controller
        - --sort-backends
        - --verify-hostname=false
        - --ingress-class=ingress-$(POD_NAMESPACE)

Haproxy 日志:

I0723 11:50:47.481960       8 launch.go:142]
Name:       HAProxy
Release:    v0.7.2
Build:      git-94e0f4e
Repository: https://github.com/jcmoraisjr/haproxy-ingress
I0723 11:50:47.481988       8 launch.go:145] Watching for ingress class: ingress-haproxy
I0723 11:50:47.482097       8 launch.go:345] Creating API client for https://10.3.0.1:443
I0723 11:50:47.495848       8 launch.go:357] Running in Kubernetes Cluster version v1.11 (v1.11.3) - git (clean) commit a4529464e4629c21224b3d52edfe0ea91b072862 - platform linux/amd64
I0723 11:50:47.498583       8 launch.go:169] validated haproxy/ingress-default-backend as the default backend
I0723 11:50:47.504666       8 controller.go:1528] starting Ingress controller
I0723 11:50:47.508767       8 listers.go:79] ignoring add for ingress ******* based on annotation kubernetes.io/ingress.class with value haproxy
I0723 11:50:47.509057       8 event.go:218] Event(v1.ObjectReference{Kind:"Ingress", Namespace:”test-haproxy", Name:”*****-haproxy", UID:"31d7e0fe-ad3e-11e9-84f9-06882a017ecc", APIVersion:"extensions", ResourceVersion:"29802114", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress *****-haproxy/*****-haproxy
I0723 11:50:47.509351       8 event.go:218] Event(v1.ObjectReference{Kind:"Ingress", Namespace:”*****-haproxy", Name:”****-haproxy", UID:"38db7894-ad3e-11e9-8201-0210d7f84aea", APIVersion:"extensions", ResourceVersion:"29802147", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress *****-haproxy/*****-haproxy
I0723 11:50:52.714077       8 controller.go:1536] running initial sync of secrets
I0723 11:50:52.714299       8 leaderelection.go:174] attempting to acquire leader lease...
I0723 11:50:52.714703       8 controller.go:332] backend reload required
I0723 11:50:52.722815       8 leaderelection.go:184] successfully acquired lease ******-haproxy/ingress-controller-leader-ingress-*****-haproxy
I0723 11:50:52.722845       8 status.go:199] new leader elected: *******-haproxy-6ddd97fbd4-x9h2s
I0723 11:50:52.738325       8 controller.go:341] ingress backend successfully reloaded...
4

0 回答 0