Docker k8s nginx ingress kibana
我有一个k8s集群,我在上面部署了ELK,我的kibana部署和服务看起来像Docker k8s nginx ingress kibana,docker,kubernetes,kibana,nginx-ingress,Docker,Kubernetes,Kibana,Nginx Ingress,我有一个k8s集群,我在上面部署了ELK,我的kibana部署和服务看起来像 apiVersion: apps/v1 kind: Deployment metadata: labels: service: kibana name: kibana spec: replicas: 1 selector: matchLabels: service: kibana strategy: type: RollingUpdate template:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
service: kibana
name: kibana
spec:
replicas: 1
selector:
matchLabels:
service: kibana
strategy:
type: RollingUpdate
template:
metadata:
labels:
service: kibana
spec:
containers:
- image: docker.elastic.co/kibana/kibana:6.6.0
name: kibana
ports:
- containerPort: 5601
resources:
requests:
memory: 1Gi
limits:
memory: 1Gi
restartPolicy: Always
imagePullSecrets:
- name: regcred
---
apiVersion: v1
kind: Service
metadata:
labels:
service: kibana
name: kibana
spec:
ports:
- name: "5601"
port: 5601
targetPort: 5601
selector:
service: kibana
type: NodePort
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: loadbalancer-https
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: true
nginx.ingress.kubernetes.io/force-ssl-redirect: true
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/app-root: /
nginx.org/ssl-services: "kibana"
kubernetes.io/ingress.class: nginx
spec:
tls:
- hosts:
- kibana.some.com
secretName: secret
rules:
- host: kibana.some.com
http:
paths:
- path: /
backend:
serviceName: kibana
servicePort: 5601
nginx入口看起来像
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
service: kibana
name: kibana
spec:
replicas: 1
selector:
matchLabels:
service: kibana
strategy:
type: RollingUpdate
template:
metadata:
labels:
service: kibana
spec:
containers:
- image: docker.elastic.co/kibana/kibana:6.6.0
name: kibana
ports:
- containerPort: 5601
resources:
requests:
memory: 1Gi
limits:
memory: 1Gi
restartPolicy: Always
imagePullSecrets:
- name: regcred
---
apiVersion: v1
kind: Service
metadata:
labels:
service: kibana
name: kibana
spec:
ports:
- name: "5601"
port: 5601
targetPort: 5601
selector:
service: kibana
type: NodePort
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: loadbalancer-https
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: true
nginx.ingress.kubernetes.io/force-ssl-redirect: true
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/app-root: /
nginx.org/ssl-services: "kibana"
kubernetes.io/ingress.class: nginx
spec:
tls:
- hosts:
- kibana.some.com
secretName: secret
rules:
- host: kibana.some.com
http:
paths:
- path: /
backend:
serviceName: kibana
servicePort: 5601
但是我得到了502坏网关,如果我查看nginx入口日志,我会看到
2019/03/02 01:25:09 [error] 875#875: *470787 upstream prematurely closed connection while reading response header from upstream, client: 10.138.82.98, server: kibana.some.com, request: "GET /favicon.ico HTTP/2.0", upstream: "http://10.244.2.86:5601/favicon.ico", host: "kibana.some.com", referrer: "https://kibana.some.com/"
这似乎很简单,但我不知道我在这里遗漏了什么。我希望能得到一些帮助
谢谢它应该与您的
nginx.ingres.kubernetes.io/secure-backends相关:您的ingres中的“true”
配置。您是否在Pod中为Kibana配置了HTTPS/TLS支持?否则,我建议删除此注释
另外,请注意,不推荐使用nginx.ingres.kubernetes.io/secure-backends:“true”
注释
参考:
nginx.ingres.kubernetes.io/secure-backends相关:您的ingres中的“true”
配置。您是否在Pod中为Kibana配置了HTTPS/TLS支持?否则,我建议删除此注释
另外,请注意,不推荐使用nginx.ingres.kubernetes.io/secure-backends:“true”
注释
参考: