Kubernetes 如何将K8s服务同步到K8s和xFF1F之外的Consor群集；_Kubernetes_Kubernetes Helm_Consul

Kubernetes 如何将K8s服务同步到K8s和xFF1F之外的Consor群集；

kubernetes

Kubernetes 如何将K8s服务同步到K8s和xFF1F之外的Consor群集；,kubernetes,kubernetes-helm,consul,Kubernetes,Kubernetes Helm,Consul,从领事-k8s：领事服务器集群可以在Kubernetes集群内运行，也可以在Kubernetes集群外运行。领事服务器群集不需要与同步进程在同一台机器或同一平台上运行。同步过程需要配置领事群集的地址以及任何其他访问信息，如ACL令牌。我尝试同步的领事群集位于k8s群集之外，根据文档，我必须将地址传递给领事群集以进行同步处理。但是，用于安装同步处理的掌舵图不包含任何配置领事群集ip地址的值 syncCatalog: # True if you want to enable the

从领事-k8s：领事服务器集群可以在Kubernetes集群内运行，也可以在Kubernetes集群外运行。领事服务器群集不需要与同步进程在同一台机器或同一平台上运行。同步过程需要配置领事群集的地址以及任何其他访问信息，如ACL令牌。

我尝试同步的领事群集位于k8s群集之外，根据文档，我必须将地址传递给领事群集以进行同步处理。但是，用于安装同步处理的掌舵图不包含任何配置领事群集ip地址的值

syncCatalog: 

  # True if you want to enable the catalog sync. "-" for default. 

  enabled: false 

  image: null 

  default: true # true will sync by default, otherwise requires annotation 



  # toConsul and toK8S control whether syncing is enabled to Consul or K8S 

  # as a destination. If both of these are disabled, the sync will do nothing. 

  toConsul: true 

  toK8S: true 



  # k8sPrefix is the service prefix to prepend to services before registering 

  # with Kubernetes. For example "consul-" will register all services 

  # prepended with "consul-". (Consul -> Kubernetes sync) 

  k8sPrefix: null 



  # consulPrefix is the service prefix which preprends itself 

  # to Kubernetes services registered within Consul 

  # For example, "k8s-" will register all services peprended with "k8s-". 

  # (Kubernetes -> Consul sync) 

  consulPrefix: null 



  # k8sTag is an optional tag that is applied to all of the Kubernetes services 

  # that are synced into Consul. If nothing is set, defaults to "k8s". 

  # (Kubernetes -> Consul sync) 

  k8sTag: null 



  # syncClusterIPServices syncs services of the ClusterIP type, which may 

  # or may not be broadly accessible depending on your Kubernetes cluster. 

  # Set this to false to skip syncing ClusterIP services. 

  syncClusterIPServices: true 



  # nodePortSyncType configures the type of syncing that happens for NodePort 

  # services. The valid options are: ExternalOnly, InternalOnly, ExternalFirst. 

  # - ExternalOnly will only use a node's ExternalIP address for the sync 

  # - InternalOnly use's the node's InternalIP address 

  # - ExternalFirst will preferentially use the node's ExternalIP address, but 

  #   if it doesn't exist, it will use the node's InternalIP address instead. 

  nodePortSyncType: ExternalFirst 



  # aclSyncToken refers to a Kubernetes secret that you have created that contains 

  # an ACL token for your Consul cluster which allows the sync process the correct 

  # permissions. This is only needed if ACLs are enabled on the Consul cluster. 

  aclSyncToken: 

    secretName: null 

    secretKey: null 



  # nodeSelector labels for syncCatalog pod assignment, formatted as a muli-line string. 

  # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector 

  # Example: 

  # nodeSelector: | 

  #   beta.kubernetes.io/arch: amd64 

  nodeSelector: null

那么如何设置同步进程的领事群集ip地址呢？

它看起来像是k8s主机上的同步服务

          env:
            - name: HOST_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.hostIP

无法直接配置，但helm可以通过（）配置代理/客户端：

如果该值为null（默认值），则客户端将尝试自动加入Kubernetes中运行的服务器集群。这意味着当server.enabled设置为true时，客户端将自动加入该集群。如果server.enabled不是true，则必须指定一个值，以便客户端可以加入有效群集

此值作为选项传递给领事代理

我已经尝试过你的解决方案。安装helm chart后，k8s的服务被同步，领事代理注册到k8s外部的领事群集，但是使用的ip代理在k8s内部，因此领事服务器（k8s外部）和领事客户端（k8s内部）之间的健康检查失败，这一切怎么可能是正常的呢？客户端守护程序正在侦听，但我认为问题在于客户端播发了。我认为，如果要连接到集群外的服务器以公布主机ip，则需要使用一些逻辑更新helm图表。

status.hostIP

针对守护程序公开

          command: 
            - consul-k8s sync-catalog \
                  -http-addr=${HOST_IP}:8500

client:
  enabled: true
  join:
  - consul1
  - consul2
  - consul3
syncCatalog:
  enabled: true