0

我有一个带有 3 个节点(1 个主节点和 2 个工作节点)的 Microk8s 集群。我启用了 dns 和 metallb(使用主节点的单个公共 ip)插件并使用 Helm3 安装了 Emissary Ingress。

一切都已启动并运行,Emissary 服务的类型为 LoadBalancer,并从 MetalLB 获取正确的外部 ip。

在此之后,我正在尝试为 Sonarqube 服务设置映射。这些是yaml:

apiVersion: getambassador.io/v3alpha1
kind: Listener
metadata:
  name: http-listener
  namespace: emissary-system
spec:
  port: 80
  protocol: HTTP
  securityModel: INSECURE
  hostBinding:
    namespace:
      from: ALL
---
apiVersion: getambassador.io/v3alpha1
kind: Listener
metadata:
  name: https-listener
  namespace: emissary-system
spec:
  port: 443
  protocol: HTTPS
  securityModel: SECURE
  hostBinding:
    namespace:
      from: ALL
---
apiVersion: getambassador.io/v3alpha1
kind: Host
metadata:
  name: sonarqube-host
  namespace: emissary-system
spec:
  hostname: "*"

---
apiVersion: getambassador.io/v3alpha1
kind:  Mapping
metadata:
  name: sonarqube-mapping
  namespace: emissary-system
spec:
  hostname: "*"
  prefix: /sonarqube
  service: "http://sonarqube-1645479242-sonarqube.sonarqube-system:9000"

在防火墙方面,我有这个:

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), allow (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22                         ALLOW IN    Anywhere                   # SSH
80                         ALLOW IN    Anywhere                   # HTTP
443                        ALLOW IN    Anywhere                   # HTTPS
4789                       ALLOW IN    Anywhere                   # VXLAN
10250                      ALLOW IN    Anywhere                   # KUBELET
16443                      ALLOW IN    Anywhere                   # K8S API-SERVER
19001                      ALLOW IN    Anywhere                   # DQLITE
25000                      ALLOW IN    Anywhere                   # K8S CLUSTER-AGENT
Anywhere on vxlan.calico   ALLOW IN    Anywhere                  
Anywhere on cali+          ALLOW IN    Anywhere                  
22 (v6)                    ALLOW IN    Anywhere (v6)              # SSH
80 (v6)                    ALLOW IN    Anywhere (v6)              # HTTP
443 (v6)                   ALLOW IN    Anywhere (v6)              # HTTPS
4789 (v6)                  ALLOW IN    Anywhere (v6)              # VXLAN
10250 (v6)                 ALLOW IN    Anywhere (v6)              # KUBELET
16443 (v6)                 ALLOW IN    Anywhere (v6)              # K8S API-SERVER
19001 (v6)                 ALLOW IN    Anywhere (v6)              # DQLITE
25000 (v6)                 ALLOW IN    Anywhere (v6)              # K8S CLUSTER-AGENT
Anywhere (v6) on vxlan.calico ALLOW IN    Anywhere (v6)             
Anywhere (v6) on cali+     ALLOW IN    Anywhere (v6)             

Anywhere                   ALLOW OUT   Anywhere on vxlan.calico  
Anywhere                   ALLOW OUT   Anywhere on cali+         
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on vxlan.calico
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on cali+

但是,当我尝试连接时,出现连接被拒绝错误。似乎没有人在听 80 或 443。有人可以帮忙吗?谢谢

4

0 回答 0