Kubernetes部署不可公开访问。

huangapple
go评论89阅读模式
英文:

Kubernetes deployment not publicly accesible

问题

我正在尝试访问我们在Azure上的Kubernetes集群上的部署。这是一个Azure Kubernetes服务(AKS)。以下是部署和应该公开部署的服务的配置文件。

配置

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4.   name: mira-api-deployment
  5. spec:
  6.   replicas: 1
  7.   selector:
  8.     matchLabels:
  9.       app: mira-api
  10.   template:
  11.     metadata:
  12.       labels:
  13.         app: mira-api
  14.     spec:
  15.       containers:
  16.         - name: backend
  17.           image: registry.gitlab.com/izit/mira-backend
  18.           ports:
  19.             - containerPort: 8080
  20.               name: http
  21.               protocol: TCP
  22.       imagePullSecrets:
  23.         - name: regcred
  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4.   name: mira-api-service
  5. spec:
  6.   type: LoadBalancer
  7.   ports:
  8.     - port: 80
  9.       targetPort: 8080
  10.       protocol: TCP
  11.       name: http
  12.   selector:
  13.     run: mira-api

当我在应用这些配置后检查集群时,我可以看到Pod正常运行。此外,服务已创建并分配了公共IP。

在此部署之后,我没有看到任何请求被处理。在浏览器中,我收到一个错误消息,表示无法访问该站点。您有什么想法,我可能配置错误了吗?

英文:

im trying to access a deloyment on our Kubernetes cluster on Azure. This is a Azure Kubernetes Service (AKS). Here are the configuration files for the deployment and the service that should expose the deployment.

Configurations

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4.   name: mira-api-deployment
  5. spec:
  6.   replicas: 1
  7.   selector:
  8.     matchLabels:
  9.       app: mira-api
  10.   template:
  11.     metadata:
  12.       labels:
  13.         app: mira-api
  14.     spec:
  15.       containers:
  16.         - name: backend
  17.           image: registry.gitlab.com/izit/mira-backend
  18.           ports:
  19.             - containerPort: 8080
  20.               name: http
  21.               protocol: TCP
  22.       imagePullSecrets:
  23.         - name: regcred
  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4.   name: mira-api-service
  5. spec:
  6.   type: LoadBalancer
  7.   ports:
  8.     - port: 80
  9.       targetPort: 8080
  10.       protocol: TCP
  11.       name: http
  12.   selector:
  13.     run: mira-api

When I check the cluster after applying these configurations I, I see the pod running correctly. Also the service is created and has public IP assigned.

Kubernetes部署不可公开访问。

After this deployment I don't see any requests getting handled. I get a error message in my browser saying the site is inaccessible. Any ideas what I could have configured wrong?

答案1

得分: 2

Your service selector labels and pod labels do not match.

You have app: mira-api label in deployment's pod template but have run: mira-api in service's label selector.

Change your service selector label to match the pod label as follows.

  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4.   name: mira-api-service
  5. spec:
  6.   type: LoadBalancer
  7.   ports:
  8.     - port: 80
  9.       targetPort: 8080
  10.       protocol: TCP
  11.       name: http
  12.   selector:
  13.     app: mira-api

To make sure your service is selecting the backend pods or not, you can run kubectl describe svc <svc name> command and check if it has any Endpoints listed.

  1. # kubectl describe svc postgres
  2. Name:              postgres
  3. Namespace:         default
  4. Labels:            app=postgres
  5. Annotations:       kubectl.kubernetes.io/last-applied-configuration:
  6.                      {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"postgres"},"name":"postgres","namespace":"default"},"s...
  7. Selector:          app=postgres
  8. Type:              ClusterIP
  9. IP:                10.106.7.183
  10. Port:              default  5432/TCP
  11. TargetPort:        5432/TCP
  12. Endpoints:         10.244.2.117:5432    <------- This line
  13. Session Affinity:  None
  14. Events:            <none>
英文:

Your service selector labels and pod labels do not match.

You have app: mira-api label in deployment's pod template but have run: mira-api in service's label selector.

Change your service selector label to match the pod label as follows.

  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4.   name: mira-api-service
  5. spec:
  6.   type: LoadBalancer
  7.   ports:
  8.     - port: 80
  9.       targetPort: 8080
  10.       protocol: TCP
  11.       name: http
  12.   selector:
  13.     app: mira-api

To make sure your service is selecting the backend pods or not, you can run kubectl describe svc &lt;svc name&gt; command and check if it has any Endpoints listed.

  1. # kubectl describe svc postgres
  2. Name:              postgres
  3. Namespace:         default
  4. Labels:            app=postgres
  5. Annotations:       kubectl.kubernetes.io/last-applied-configuration:
  6.                      {&quot;apiVersion&quot;:&quot;v1&quot;,&quot;kind&quot;:&quot;Service&quot;,&quot;metadata&quot;:{&quot;annotations&quot;:{},&quot;labels&quot;:{&quot;app&quot;:&quot;postgres&quot;},&quot;name&quot;:&quot;postgres&quot;,&quot;namespace&quot;:&quot;default&quot;},&quot;s...
  7. Selector:          app=postgres
  8. Type:              ClusterIP
  9. IP:                10.106.7.183
  10. Port:              default  5432/TCP
  11. TargetPort:        5432/TCP
  12. Endpoints:         10.244.2.117:5432    &lt;------- This line
  13. Session Affinity:  None
  14. Events:            &lt;none&gt;

huangapple
  • 本文由 发表于 2020年1月3日 22:50:58
  • 转载请务必保留本文链接:https://go.coder-hub.com/59580634.html
  • azure-aks
  • kubernetes
  • kubernetes-service
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定