Kubernetes 使rabbitmq群集可公开访问
我正在使用此helm图表在k8s群集上配置rabbitmq: 如何通过公共端点访问群集?目前,我有一个具有以下配置的集群。我能够通过给定的主机名(公共端点,这很好)访问管理门户。但是,当我在管理门户内部进行检查时,可以通过内部IP和/或主机名访问集群,即:Kubernetes 使rabbitmq群集可公开访问,kubernetes,rabbitmq,kubernetes-helm,Kubernetes,Rabbitmq,Kubernetes Helm,我正在使用此helm图表在k8s群集上配置rabbitmq: 如何通过公共端点访问群集?目前,我有一个具有以下配置的集群。我能够通过给定的主机名(公共端点,这很好)访问管理门户。但是,当我在管理门户内部进行检查时,可以通过内部IP和/或主机名访问集群,即:rabbit@rabbitmq-0.rabbitmq headless.default.svc.cluster.local和rabbit@。我想公开集群,以便VNET之外的所有其他服务都可以连接到它 helm install stable/r
rabbit@rabbitmq-0.rabbitmq headless.default.svc.cluster.local
和rabbit@
。我想公开集群,以便VNET之外的所有其他服务都可以连接到它
helm install stable/rabbitmq --name rabbitmq \
--set rabbitmq.username=xxx \
--set rabbitmq.password=xxx \
--set rabbitmq.erlangCookie=secretcookie \
--set rbacEnabled=true \
--set ingress.enabled=true \
--set ingress.hostName=rabbitmq.xxx.com \
--set ingress.annotations."kubernetes\.io/ingress\.class"="nginx" \
--set resources.limits.memory="256Mi" \
--set resources.limits.cpu="100m"
我没有尝试使用Helm,但我是直接从
.yaml
配置文件构建并部署到Kubernetes的。所以我只跟着
用于将RabbitMQ服务发布到集群外
1、您需要有一个外部IP:
如果您使用Google Cloud,请运行以下命令:
gcloud compute addresses create rabbitmq-service-ip --region asia-southeast1
gcloud compute addresses describe rabbitmq-service-ip --region asia-southeast1
>address: 35.240.xxx.xxx
将rabbitmq服务ip
更改为您想要的名称,并将区域更改为您自己的
2、配置Helm
参数
service.type=LoadBalancer
service.loadBalancerSourceRanges=35.240.xxx.xxx/32
#您从gcloud获得的IP地址
service.port=5672
3、部署并尝试telnet到RabbitMQ服务
telnet 35.240.xxx.xxx 5672
Trying 35.240.xxx.xxx...
Connected to 149.185.xxx.xxx.bc.googleusercontent.com.
Escape character is '^]'.
明白了!成功了
供参考:
如果您想创建.yaml
并在没有头盔的情况下部署,这里是基本模板
service.yaml
---
apiVersion: v1
kind: Service
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: smart-office
spec:
type: LoadBalancer
loadBalancerIP: 35.xxx.xxx.xx
ports:
# the port that this service should serve on
- port: 5672
name: rabbitmq
targetPort: 5672
nodePort: 32672
selector:
name: rabbitmq
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: smart-office
spec:
replicas: 1
template:
metadata:
labels:
name: rabbitmq
annotations:
prometheus.io/scrape: "false"
spec:
containers:
- name: rabbitmq
image: rabbitmq:3.6.8-management
ports:
- containerPort: 5672
name: rabbitmq
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
- DAC_OVERRIDE
readOnlyRootFilesystem: true
- name: rabbitmq-exporter
image: kbudde/rabbitmq-exporter
ports:
- containerPort: 9090
name: exporter
nodeSelector:
beta.kubernetes.io/os: linux
deployment.yaml
---
apiVersion: v1
kind: Service
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: smart-office
spec:
type: LoadBalancer
loadBalancerIP: 35.xxx.xxx.xx
ports:
# the port that this service should serve on
- port: 5672
name: rabbitmq
targetPort: 5672
nodePort: 32672
selector:
name: rabbitmq
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: rabbitmq
labels:
name: rabbitmq
namespace: smart-office
spec:
replicas: 1
template:
metadata:
labels:
name: rabbitmq
annotations:
prometheus.io/scrape: "false"
spec:
containers:
- name: rabbitmq
image: rabbitmq:3.6.8-management
ports:
- containerPort: 5672
name: rabbitmq
securityContext:
capabilities:
drop:
- all
add:
- CHOWN
- SETGID
- SETUID
- DAC_OVERRIDE
readOnlyRootFilesystem: true
- name: rabbitmq-exporter
image: kbudde/rabbitmq-exporter
ports:
- containerPort: 9090
name: exporter
nodeSelector:
beta.kubernetes.io/os: linux
希望这有帮助 从您传递的Helm值中,我看到您已经使用Nginx入口配置了RabbitMQ服务
您应该创建一个DNS记录,将您的ingres.hostName(rabbitmq.xxx.com)定向到nginx入口负载平衡器的入口IP(如果是GCP)或CNAME(如果是AWS)。该DNS主机名(rabbitmq.xx.com)是访问rabbitmq服务的公共端点
确保nginx入口控制器正在集群中运行,以便入口正常工作。如果您不熟悉入口:
-
-
-
希望这有帮助 如果需要部署和服务.yaml
文件来创建rabbitmq服务并发布它。我将在答案中显示它。因为我没有尝试使用HelmRabbitmq管理门户,所以它在通过入口的公共DNS上运行良好。但,如何从公共端点连接到集群?连接集群是指访问队列并和队列交互吗?