0

使用具有 2 个节点的集群运行 Rancher v 2.4.5。我尝试使用来自 Bitnami 的 Helm Chart 安装 Wordpress。

一切顺利,我可以通过入口访问站点,除了图表创建的 L4 平衡器由于某种原因仍处于待处理状态。

图片

> kubectl get svc -n wordpress -o wide
NAME                                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE     SELECTOR
ingress-d5bf098ee05c3bbaa0a93a2ceedd8d1a   ClusterIP      10.43.51.5      <none>        80/TCP                       15m     workloadID_ingress-d5bf098ee05c3bbaa0a93a2ceedd8d1a=true
wordpress                                  LoadBalancer   10.43.137.240   <pending>     80:31672/TCP,443:31400/TCP   5d22h   app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=wordpress
wordpress-mariadb                          ClusterIP      10.43.7.73      <none>        3306/TCP                     5d22h   app=mariadb,component=master,release=wordpress

没有为 wordpress 服务分配 LoadBalancer Ingress:

> kubectl describe services wordpress -n wordpress
Name:                     wordpress
Namespace:                wordpress
Labels:                   app.kubernetes.io/instance=wordpress
                          app.kubernetes.io/managed-by=Tiller
                          app.kubernetes.io/name=wordpress
                          helm.sh/chart=wordpress-9.5.1
                          io.cattle.field/appId=wordpress
Annotations:              <none>
Selector:                 app.kubernetes.io/instance=wordpress,app.kubernetes.io/name=wordpress
Type:                     LoadBalancer
IP:                       10.43.137.240
Port:                     http  80/TCP
TargetPort:               http/TCP
NodePort:                 http  31672/TCP
Endpoints:                10.42.1.16:8080
Port:                     https  443/TCP
TargetPort:               https/TCP
NodePort:                 https  31400/TCP
Endpoints:                10.42.1.16:8443
Session Affinity:         None
External Traffic Policy:  Cluster
Events

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    field.cattle.io/creatorId: user-6qmpk
    field.cattle.io/ingressState: '{"d29yZHByZXNzLWluZ3Jlc3Mvd29yZHByZXNzL3hpcC5pby8vLzgw":""}'
    field.cattle.io/publicEndpoints: '[{"addresses":["10.105.1.77"],"port":80,"protocol":"HTTP","serviceName":"wordpress:wordpress","ingressName":"wordpress:my","hostname":"my.wordpress.10.105.1.77.xip.io","path":"/","allNodes":true}]'
  creationTimestamp: "2020-09-01T19:32:27Z"
  generation: 3
  labels:
    cattle.io/creator: norman
  managedFields:
  - apiVersion: networking.k8s.io/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        f:loadBalancer:
          f:ingress: {}
    manager: nginx-ingress-controller
    operation: Update
    time: "2020-09-01T19:32:27Z"
  - apiVersion: extensions/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:field.cattle.io/creatorId: {}
          f:field.cattle.io/ingressState: {}
          f:field.cattle.io/publicEndpoints: {}
        f:labels:
          .: {}
          f:cattle.io/creator: {}
      f:spec:
        f:rules: {}
    manager: Go-http-client
    operation: Update
    time: "2020-09-01T19:49:08Z"
  name: my
  namespace: wordpress
  resourceVersion: "6073928"
  selfLink: /apis/extensions/v1beta1/namespaces/wordpress/ingresses/my
  uid: 8a88e16e-cbda-4f1f-bb1c-9d63d0af1b93
spec:
  rules:
  - host: my.wordpress.10.105.1.77.xip.io
    http:
      paths:
      - backend:
          serviceName: wordpress
          servicePort: 80
        path: /
        pathType: ImplementationSpecific
status:
  loadBalancer:
    ingress:
    - ip: 10.105.1.77
    - ip: 10.105.1.78

我已经在 Bitnami github 上打开了问题,但是根据回复,问题出现在 Rancher/RKE 方面。

对此有什么想法吗?

PS。

我是否应该同时在裸机上运行 Rancher 的 L7 Ingress 和 L4 Balancer,或者 L7 Ingress 也可以配置为负载均衡器并从该项目中删除 L4 Balancer?

4

1 回答 1

1

我通过清除防火墙、重新启动 docker(因此它得到新的防火墙)然后安装 metallb(或任何你拥有的负载均衡器)解决了这个问题。如果您还没有 L2 负载均衡器,则可以跳过此步骤,因为在我的情况下,问题是由负载均衡器的防火墙未注册引起的。

负载均衡器需要从 metallb、您的 cloudprovider、cloudflare 或类似的东西获取 IP。它是外部的,这意味着 Kubernetes 本身不会提供它。

您需要使用提供 IP 的 L2 负载均衡器 如果没有,您可以尝试https://metallb.universe.tf

你也可以离开它,你永远不会获得外部 IP,但 nginx/traefik 仍然会路由流量,因为它找不到其他路由..

于 2020-09-15T13:13:59.940 回答