0

我有一个在 Centos8 上运行的 Docker Enterprise k8 裸机集群,并按照官方文档使用来自 GIT 的清单文件安装 NGINX:https ://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests /

吊舱似乎正在运行:

kubectl -n nginx-ingress describe pod nginx-ingress-fzr2j

Name:         nginx-ingress-fzr2j
Namespace:    nginx-ingress
Priority:     0
Node:         server.example.com/172.16.1.180
Start Time:   Sun, 16 Aug 2020 16:48:49 -0400
Labels:       app=nginx-ingress
              controller-revision-hash=85879fb7bc
              pod-template-generation=2
Annotations:  kubernetes.io/psp: privileged
Status:       Running
IP:           192.168.225.27
IPs:
  IP:           192.168.225.27

但我的问题是它选择的 IP 地址是 192.168.225.27。这是此服务器上的第二个网络。如何告诉 nginx 使用 Node: 部分中的 172.16.1.180 地址?Daemset 配置是:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nginx-ingress
  namespace: nginx-ingress
spec:
  selector:
    matchLabels:
      app: nginx-ingress
  template:
    metadata:
      labels:
        app: nginx-ingress
     #annotations:
       #prometheus.io/scrape: "true"
       #prometheus.io/port: "9113"
    spec:
      serviceAccountName: nginx-ingress
      containers:
      - image: nginx/nginx-ingress:edge
        imagePullPolicy: Always
        name: nginx-ingress
        ports:
        - name: http
          containerPort: 80
          hostPort: 80
        - name: https
          containerPort: 443
          hostPort: 443
        - name: readiness-port
          containerPort: 8081
       #- name: prometheus
         #containerPort: 9113
        readinessProbe:
         httpGet:
           path: /nginx-ready
           port: readiness-port
         periodSeconds: 1
        securityContext:
          allowPrivilegeEscalation: true
          runAsUser: 101 #nginx
          capabilities:
            drop:
            - ALL
            add:
            - NET_BIND_SERVICE
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        args:
          - -nginx-configmaps=$(POD_NAMESPACE)/nginx-config
          - -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret

我看不到要绑定到哪个 IP 地址的任何配置选项。

4

1 回答 1

1

您可能正在寻找的东西是hostNetwork: true

使用主机的网络命名空间。如果设置了此选项,则必须指定将使用的端口。默认为假

spec:
  template:
    spec:
      hostNetwork: true
      containers:
      - image: nginx/nginx-ingress:edge
        name: nginx-ingress

只有在将 Ingress 控制器绑定到主机上的所有地址时,您才需要指定绑定地址。如果这仍然是一个要求,您可以通过以下valueFrom:机制注入节点的 IP :

...
  containers:
  - env:
    - name: MY_NODE_IP
      valueFrom:
        fieldRef:
          status.hostIP
于 2020-08-17T16:10:14.163 回答