1

我有一个 alpine docker 映像可以在 apache 服务器(PHP 7.4) 上运行我的原始 PHP 网站EXPOSE 80
我想使用入口控制器在 Kubernetes(GKE) 上运行映像。
我正在使用 gcloud 命令将图像推送到谷歌容器注册表。
部署和服务都没有错误,并成功创建为 NodePort。
我部署的入口来自谷歌教程(https://cloud.google.com/community/tutorials/nginx-ingress-gke
在我的入口中现在有:

  • 34.68.78.46.xip.io/
  • 34.68.78.46.xip.io/你好
  • 34.68.78.46.xip.io/jb(/|$)(.*)

/hello 与本教程的配置相同,并且运行良好。
/jb 与我在下面提到的配置相同,总是返回 502 错误。
GCP 控制台中的入口详细信息未显示警告或错误

我检查过:
Kubernetes GKE Ingress : 502 Server Error
GKE Ingress: 502 error when download file
502 Server Error Google kubernetes

这是部署文件:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: jomlahbazar-deployment
spec:
  selector:
    matchLabels:
      greeting: jomlah
      department: bazar
  replicas: 1
  template:
    metadata:
      labels:
        greeting: jomlah
        department: bazar
    spec:
      containers:
      - name: jomlah
        image: "us.gcr.io/third-nature-273904/jb-img-1-0:v1"
        ports:
        - containerPort: 80
        env:
        - name: "PORT"
          value: "80"

这是服务文件:

apiVersion: v1
kind: Service
metadata:
  name: jomlahbazar-service
spec:
  type: NodePort
  selector:
    greeting: jomlah
    department: bazar
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

在入口文件中:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: ingress-resource
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/add-base-url : "true"
spec:
  rules:
  - host: 34.68.78.46.xip.io
    http:
      paths:
      - path: /
        backend:
          serviceName: jomlahbazar-service
          servicePort: 80
      - path: /hello
        backend:
          serviceName: hello-app
          servicePort: 8080
      - path: /jb(/|$)(.*)
        backend:
          serviceName: jomlahbazar-service
          servicePort: 80

这是入口描述:

Name:             ingress-resource
Namespace:        default
Address:          34.68.78.46
Default backend:  default-http-backend:80 (10.20.1.6:8080)
Rules:
  Host                Path  Backends
  ----                ----  --------
  34.68.78.46.xip.io
                      /              jomlahbazar-service:80 (<none>)
                      /hello         hello-app:8080 (10.20.2.61:8080)
                      /jb(/|$)(.*)   jomlahbazar-service:80 (<none>)
Annotations:
  kubernetes.io/ingress.class:                       nginx
  nginx.ingress.kubernetes.io/add-base-url:          true
  nginx.ingress.kubernetes.io/rewrite-target:        /$2
  nginx.ingress.kubernetes.io/ssl-redirect:          false
  nginx.ingress.kubernetes.io/use-regex:             true
  kubectl.kubernetes.io/last-applied-configuration:  {"apiVersion":"networking.k8s.io/v1beta1","kind":"Ingress","metadata":{"annotations":{"kubernetes.io/ingress.class":"nginx","nginx.ingress.kubernetes.io/add-base-url":"true","nginx.ingress.kubernetes.io/rewrite-target":"/$2","nginx.ingress.kubernetes.io/ssl-redirect":"false","nginx.ingress.kubernetes.io/use-regex":"true"},"name":"ingress-resource","namespace":"default"},"spec":{"rules":[{"host":"34.68.78.46.xip.io","http":{"paths":[{"backend":{"serviceName":"jomlahbazar-service","servicePort":80},"path":"/"},{"backend":{"serviceName":"hello-app","servicePort":8080},"path":"/hello"},{"backend":{"serviceName":"jomlahbazar-service","servicePort":80},"path":"/jb(/|$)(.*)"}]}}]}}

Events:
  Type    Reason          Age                 From                      Message
  ----    ------          ----                ----                      -------
  Normal  AddedOrUpdated  36m (x6 over 132m)  nginx-ingress-controller  Configuration for default/ingress-resource was added or updated

kubectl get ing ingress-resource -o yaml 的输出

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"networking.k8s.io/v1beta1","kind":"Ingress","metadata":{"annotations":{"kubernetes.io/ingress.class":"nginx","nginx.ingress.kubernetes.io/add-base-url":"true","nginx.ingress.kubernetes.io/rewrite-target":"/$2","nginx.ingress.kubernetes.io/ssl-redirect":"false","nginx.ingress.kubernetes.io/use-regex":"true"},"name":"ingress-resource","namespace":"default"},"spec":{"rules":[{"host":"34.68.78.46.xip.io","http":{"paths":[{"backend":{"serviceName":"jomlahbazar-service","servicePort":80},"path":"/"},{"backend":{"serviceName":"hello-app","servicePort":8080},"path":"/hello"},{"backend":{"serviceName":"jomlahbazar-service","servicePort":80},"path":"/jb(/|$)(.*)"}]}}]}}
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/add-base-url: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/use-regex: "true"
  creationTimestamp: "2021-02-11T06:00:07Z"
  generation: 5
  name: ingress-resource
  namespace: default
  resourceVersion: "2195351"
  selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/ingress-resource
  uid: 74dc822f-91cb-4902-991b-1ad298f44ae6
spec:
  rules:
  - host: 34.68.78.46.xip.io
    http:
      paths:
      - backend:
          serviceName: jomlahbazar-service
          servicePort: 80
        path: /
      - backend:
          serviceName: hello-app
          servicePort: 8080
        path: /hello
      - backend:
          serviceName: jomlahbazar-service
          servicePort: 80
        path: /jb(/|$)(.*)
status:
  loadBalancer:
    ingress:
    - ip: 34.68.78.46
4

1 回答 1

1

我已经在我的 GKE 集群上运行了一些测试。我已经使用 2 hello world 应用程序 v1 和 v2 复制了您的行为。

方案 1

硬件 1

    spec:
      containers:
      - name: hello1
        image: gcr.io/google-samples/hello-app:1.0
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080

SVC HW1

spec:
  type: NodePort
  selector:
    key: app
  ports:
    - port: 80
      targetPort: 8080

硬件 2

    spec:
      containers:
      - name: hello2
        image: gcr.io/google-samples/hello-app:2.0
        env:
        - name: "PORT"
          value: "80"

SVC HW2

spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 8080
    protocol: TCP
  selector:
    app: hello2

入口

spec:
  rules:
  -  http:
      paths:
      - path: /hello2
        backend:
          serviceName: h2
          servicePort: 80
      - path: /hello
        backend:
          serviceName: fs
          servicePort: 80

输出:

$ curl 34.117.70.75/hello
Hello, world!
Version: 1.0.0
Hostname: fd-c6d79cdf8-7rmmd

$ curl 34.117.70.75/hello2

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>502 Server Error</title>
</head>
<body text=#000000 bgcolor=#ffffff>
<h1>Error: Server Error</h1>
<h2>The server encountered a temporary error and could not complete your request.<p>Please try again in 30 seconds.</h2>
<h2></h2>
</body></html>

在这种情况下,部署被配置为创建将侦听的 pod port: 80。当您跳过containerPort部署中的配置时,Kubernetes 会自动使用containerPortport. 您可以使用netstat命令验证它。

$ kubectl exec -ti h2-deploy-6dbf5b7899-g7rbj -- bin/sh
/ # netstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 :::80                   :::*                    LISTEN      1/hello-app
/ #

在您设置的服务中containerPort: 8080,因此服务期望流量进入端口8080。由于 pod 仅在侦听80并且流量进入,8080因此您会遇到502错误。

方案 2

将值从“80”更改为“8080”并应用新配置后。

$ curl 34.117.70.75/hello
Hello, world!
Version: 1.0.0
Hostname: fd-c6d79cdf8-7rmmd

$ curl 34.117.70.75/hello2
Hello, world!
Version: 2.0.0
Hostname: h2-deploy-5f5ccfbf9f-fjhrb

网络统计:

$ kubectl exec -ti f2-deploy-5f5ccfbf9f-fjhrb -- bin/sh
/ # netstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 :::8080                 :::*                    LISTEN      1/hello-app

解决方案

解决方案 1

您应该将应用程序部署更改为:

        env:
        - name: "PORT"
          value: "8080"

并应用新配置。

解决方案 2 使用containerPort

    spec:
      containers:
      - name: jb
        image: "us.gcr.io/third-nature-273904/jb-img-1-0:v3"
        ports:
        - containerPort: 8080

笔记

请注意,如果您创建了自己的映像并EXPOSE在您Dockerfile的 .

如果您还有问题,请告诉我。

于 2021-02-10T13:39:14.073 回答