0

我正在使用 GKE 集群。如果有人能帮我弄清楚为什么我的入口没有加载负载均衡器,我将非常感激。我的期望是这个入口应该自动创建一个负载均衡器,我可以使用我根据注释“kubernetes.io/ingress.global-static-ip-name”设置的外部 IP 访问它。在创建此入口之前,我已经创建了此外部 IP。

入口说明:

Namespace:        default
Address:
Default backend:  default-http-backend:80 (10.28.1.4:8080)
TLS:
  SNI routes
  secret-ingress-REDACTED terminates REDACTED.iacustomer-cloud.net
Rules:
  Host                       Path  Backends
  ----                       ----  --------
  REDACTED.iacustomer-cloud.net
                                REDACTED:8080 (10.28.1.9:8080)
Annotations:
  kubernetes.io/ingress.global-static-ip-name:  TEST
  meta.helm.sh/release-name:                    REDACTED
  meta.helm.sh/release-namespace:               default
  kubernetes.io/ingress.allow-http:             false
Events:
  Type     Reason  Age                   From                     Message
  ----     ------  ----                  ----                     -------
  Normal   Sync    5m36s (x3 over 11m)   loadbalancer-controller  Scheduled for sync
  Warning  Sync    5m28s (x17 over 11m)  loadbalancer-controller  Error syncing to GCP: error running load balancer syncing routine: error getting secrets for Ingress: secret "" does not exist

从 GKE 控制台记录

Info 2021-04-17 23:08:22.000 EDT "Scheduled for sync"
Info 2021-04-17 23:08:24.000 EDT "Created NEG "k8s1-c6a787bd-default-iawa-8080-a6810668" for default/iawa-k8s1-c6a787bd-default-iawa-8080-a6810668--iawa/8080-8080-GCE_VM_IP_PORT-L7 in "us-east1-b"."
Info 2021-04-17 23:08:26.000 EDT"Attach 1 network endpoint(s) (NEG "k8s1-c6a787bd-default-iawa-8080-a6810668" in zone "us-east1-b")"
Warning 2021-04-17 23:08:33.000 EDT "Error syncing to GCP: error running load balancer syncing routine: error getting secrets for Ingress: secret "" does not exist"
Warning 2021-04-17 23:08:36.000 EDT "Error syncing to GCP: error running load balancer syncing routine: error getting secrets for Ingress: secret "" does not exist"
Warning 2021-04-17 23:08:39.000 EDT "Error syncing to GCP: error running load balancer syncing routine: error getting secrets for Ingress: secret "" does not exist"

YAML

kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.allow-http: "false"
    kubernetes.io/ingress.global-static-ip-name: TEST
    meta.helm.sh/release-name: REDACTED
    meta.helm.sh/release-namespace: default
  creationTimestamp: "2021-04-18T03:08:22Z"
  finalizers:
  - networking.gke.io/ingress-finalizer-V2
  generation: 1
  labels:
    app.kubernetes.io/managed-by: Helm
  managedFields:
  - apiVersion: extensions/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:kubernetes.io/ingress.allow-http: {}
          f:kubernetes.io/ingress.global-static-ip-name: {}
          f:meta.helm.sh/release-name: {}
          f:meta.helm.sh/release-namespace: {}
        f:labels:
          .: {}
          f:app.kubernetes.io/managed-by: {}
      f:spec:
        f:rules: {}
        f:tls: {}
    manager: Go-http-client
    operation: Update
    time: "2021-04-18T03:08:22Z"
  - apiVersion: networking.k8s.io/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:finalizers:
          .: {}
          v:"networking.gke.io/ingress-finalizer-V2": {}
    manager: glbc
    operation: Update
    time: "2021-04-18T03:08:22Z"
  name: ingress-REDACTED
  namespace: default
  resourceVersion: "1760095"
  selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/ingress-REDACTED
  uid: 67863099-5bdd-4066-ace8-ee9afe6af876
spec:
  rules:
  - host: REDACTED.iacustomer-cloud.net
    http:
      paths:
      - backend:
          serviceName: REDACTED
          servicePort: 8080
        pathType: ImplementationSpecific
  tls:
  - {}
  - hosts:
    - REDACTED.iacustomer-cloud.net
    secretName: secret-ingress-REDACTED
status:
  loadBalancer: {}

提前非常感谢!

4

1 回答 1

1

这是因为我在使用的 helm 图表模板中的 tls 字段下有一个额外的“-hosts”条目,该条目在入口定义 yaml 中转换为“-{}”。

  tls:
  - {}
  - hosts:
    - REDACTED.iacustomer-cloud.net

我修改了模板,现在工作正常。

于 2021-04-19T02:08:00.560 回答