0

我在 Ubuntu 20.04 上使用插件运行 microk8s v1.18.5 ingressdns, dashboard, helm3, storage

我正在尝试从外部访问正在运行的服务,例如grafanadashboard。我已经按照文档配置了代理服务和入口:

kind: Service
apiVersion: v1
metadata:
  name: grafana
  namespace: ingress
spec:
  type: ExternalName
  externalName: monitoring-grafana.kube-system.svc.cluster.local
  ports:
    - port: 80
---
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: grafana-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    kubernetes.io/tls-acme: "true"
spec:
  tls:
    - hosts:
        - "grafana.example.com"
      secretName: grafana-tls
  rules:
    - host: grafana.example.com
      http:
        paths:
          - backend:
              serviceName: grafana
              servicePort: 80
            path: /
---


kind: Service
apiVersion: v1
metadata:
  name: dashboard
  namespace: ingress
spec:
  type: ExternalName
  externalName: kubernetes-dashboard.kube-system.svc.cluster.local
  ports:
    - port: 443
---
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: dashboard-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    kubernetes.io/tls-acme: "true"
spec:
  tls:
    - hosts:
        - "dashboard.example.com"
      secretName: dashboard-tls
  rules:
    - host: dashboard.example.com
      http:
        paths:
          - backend:
              serviceName: dashboard
              servicePort: 443
            path: /
---

尝试访问仪表板或 grafana 我得到:

503 Service Temporarily Unavailable
openresty/1.15.8.1

我该怎么做才能找到根本原因?

我还从 helm3 运行 cert-manager 和 external-dns,他们的配置可能与问题有关吗?

4

1 回答 1

0

首先,您必须更改仪表板和 grafana服务类型NodePort使入口正常工作。

此外,可以在路径下访问 microk8s 的 Kubernetes 仪表板,<master_node_ip>:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/因此您必须在 URL 或入口清单中提及它。当你curl dashboard.example.com 它给你503 Service Temporarily Unavailable错误。但是,当您输入完整路径时,它将显示网站:

curl http://dashboard.example.com:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

<!--
Copyright 2017 The Kubernetes Authors.

[...]

这是一个将重写/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy为的入口示例/dashboard/

kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: grafana-ingress
  namespace: kube-system
  annotations:
    kubernetes.io/ingress.class: nginx
    # Add https backend protocol support for ingress-nginx
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header Accept-Encoding "";
      sub_filter '<base href="/">' '<base href="/dashboard/">';
      sub_filter_once on;
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
  rules:
    - host: dashboard.example.com
      http:
        paths:
          - path: /dashboard(/|$)(.*)
            backend:
              serviceName: kubernetes-dashboard
              servicePort: 443
于 2020-07-29T15:04:59.320 回答