1

我已经使用 K3S 建立了一个简单的两节点 Kubernetes 集群。我已经部署了一个非常简单的网络应用程序,但是当我尝试访问网络应用程序时,我只是得到一个“网关超时”。我试图让设置尽可能简单,但我看不出哪里出错了。我在下面概述了我的整个设置,从两个全新的 Ubuntu 20.04 实例开始。谁能看到我哪里出错了?

这是我从头到尾的设置:

在主节点上:

sudo ufw allow 80
sudo ufw allow 8080
sudo ufw allow 6443
sudo ufw allow 2379
sudo ufw allow 2380
sudo ufw allow 2379:10252/tcp
sudo ufw allow 30000:32767/tcp
export http_proxy=proxy.example.com:8082
export https_proxy=proxy.example.com:8082
curl -sfL https://get.k3s.io | sh -
cat /var/lib/rancher/k3s/server/node-token
sudo cat /var/lib/rancher/k3s/server/node-token
sudo cat /etc/rancher/k3s/k3s.yaml

代理上:

sudo ufw allow 80
sudo ufw allow 8080
sudo ufw allow 6443
sudo ufw allow 2379
sudo ufw allow 2380
sudo ufw allow 2379:10252/tcp
sudo ufw allow 30000:32767/tcp
export http_proxy=proxy.example.com:8082
export https_proxy=proxy.example.com:8082
curl -sfL https://get.k3s.io | K3S_URL=https://vm1234.example.com:6443 K3S_TOKEN=K1060cf9217115ce1cb67d8450ea809b267ddc332b59c0c8ec6c6a30573f0b75eca::server:0b2be94c380be7bf4e16d94af36cac00 sh -
mkdir /etc/rancher/k3s/
sudo mkdir /etc/rancher/k3s/
sudo vim /etc/rancher/k3s/registries.yaml
sudo systemctl restart k3s-agent

在本地工作站上:

kubectl --kubeconfig k3s.yaml apply -f web-test-deployment.yaml
kubectl --kubeconfig k3s.yaml apply -f web-test-service.yaml 
kubectl --kubeconfig k3s.yaml apply -f web-test-ingress.yaml

列出正在运行的 pod:

$ kubectl --kubeconfig k3s.yaml get po
NAME                                   READY   STATUS    RESTARTS   AGE
web-test-deployment-5594bffd47-2gpd2   1/1     Running   0          4m57s

检查正在运行的 pod:

$ kubectl --kubeconfig k3s.yaml describe pod web-test-deployment-5594bffd47-2gpd2
Name:         web-test-deployment-5594bffd47-2gpd2
Namespace:    default
Priority:     0
Node:         vm9876/10.192.110.200
Start Time:   Fri, 28 Aug 2020 12:07:01 +0100
Labels:       app=web-test
              pod-template-hash=5594bffd47
Annotations:  <none>
Status:       Running
IP:           10.42.1.3
IPs:
  IP:           10.42.1.3
Controlled By:  ReplicaSet/web-test-deployment-5594bffd47
Containers:
  web-test:
    Container ID:   containerd://c32d85da0642d3ccc00c61a5265280f9fcc11e8979d621690117878c89506440
    Image:          docker.example.com//web-test
    Image ID:       docker.example.com//web-test@sha256:cb568f5b6554284684815fc4ee17eb8cceb1aa90838a575fd3755b60bb7e44e7
    Port:           8080/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Fri, 28 Aug 2020 12:09:03 +0100
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-wkzpx (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-wkzpx:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-wkzpx
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason     Age                    From                      Message
  ----     ------     ----                   ----                      -------
  Normal   Scheduled  <unknown>              default-scheduler         Successfully assigned default/web-test-deployment-5594bffd47-2gpd2 to vm9876
  Normal   Pulling    3m58s (x4 over 5m17s)  kubelet, vm9876  Pulling image "docker.example.com/web-test"
  Normal   Pulled     3m16s                  kubelet, vm9876  Successfully pulled image "docker.example.com/web-test"
  Normal   Created    3m16s                  kubelet, vm9876  Created container web-test
  Normal   Started    3m16s                  kubelet, vm9876  Started container web-test

显示堆栈:

$ kubectl --kubeconfig k3s.yaml get all
NAME                                       READY   STATUS    RESTARTS   AGE
pod/web-test-deployment-5594bffd47-2gpd2   1/1     Running   0          5m43s

NAME                       TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/kubernetes         ClusterIP   10.43.0.1       <none>        443/TCP    16m
service/web-test-service   ClusterIP   10.43.100.212   <none>        8080/TCP   5m39s

NAME                                  READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/web-test-deployment   1/1     1            1           5m44s

NAME                                             DESIRED   CURRENT   READY   AGE
replicaset.apps/web-test-deployment-5594bffd47   1         1         1       5m45s

列出入口:

$ kubectl --kubeconfig k3s.yaml get ing
NAME       CLASS    HOSTS   ADDRESS         PORTS   AGE
web-test   <none>   *       10.94.230.224   80      5m55s

检查入口:

$ kubectl --kubeconfig k3s.yaml describe ing web-test
Name:             web-test
Namespace:        default
Address:          10.94.230.224
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host        Path  Backends
  ----        ----  --------
  *           
              /   web-test-service:8080 (10.42.1.3:8080)
Annotations:  kubernetes.io/ingress.class: traefik
Events:       <none>

检验服务:

kubectl --kubeconfig k3s.yaml describe svc web-test-service
Name:              web-test-service
Namespace:         default
Labels:            app=web-test
Annotations:       Selector:  app=web-test
Type:              ClusterIP
IP:                10.43.100.212
Port:              <unset>  8080/TCP
TargetPort:        8080/TCP
Endpoints:         10.42.1.3:8080
Session Affinity:  None
Events:            <none>

$ curl http://10.94.230.224/web-test-service/

Gateway Timeout

这些是我的部署清单:

网络测试部署.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: web-test
  name: web-test-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: web-test
  strategy: {}
  template:
    metadata:
      labels:
        app: web-test
    spec:
      containers:
      - image: docker.example.com/web-test
        imagePullPolicy: Always
        name: web-test
        ports:
        - containerPort: 8080
      restartPolicy: Always
      volumes: null

网络测试服务.yaml:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: web-test
  name: web-test-service
spec:
  ports:
  - port: 8080
    targetPort: 8080
  selector:
    app: web-test

网络测试--ingress.yaml:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: web-test
  annotations:
    kubernetes.io/ingress.class: "traefik"
spec:
  rules:
  - http:
      paths:
      - path: /
        backend:
          serviceName: web-test-service
          servicePort: 8080

注意:我也尝试过使用大使进行类似的设置,但我得到了类似的结果 :-(

4

1 回答 1

1

Ingress 上的注释缺少入口点和主机的描述:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
    name: web-test
    annotations:
        kubernetes.io/ingress.class: "traefik"
        traefik.ingress.kubernetes.io/router.entrypoints: http
    spec:
      rules:
        - host: webtest.example.com
          http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: web-test-service
                    port:
                      number: 80
于 2021-02-08T11:20:56.943 回答