Kubernetes nginx入口控制器不';我不做循环赛
我是Kubernetes群集的新手,正在尝试设置我的第一个Kubernetes群集和第一个负载平衡服务。 我有一个混合环境,它包含两个Windows和两个CentOS节点+1个CentOS主节点 就库伯内特斯而言,一切都很顺利。我将nginx入口控制器部署为只在Linux服务器上运行的守护程序集。我遵循了以下教程: 与deployments/deployment/nginx-ingres.yml只有一个区别,我限制在Linux机器上使用nodeselector运行它 我为部署创建了一个包含2个副本和服务的部署。我还创建了入口资源,但当我创建服务时,它总是进入一个节点上的Pod。这是我的密码: 服务和部署:Kubernetes nginx入口控制器不';我不做循环赛,kubernetes,nginx-ingress,Kubernetes,Nginx Ingress,我是Kubernetes群集的新手,正在尝试设置我的第一个Kubernetes群集和第一个负载平衡服务。 我有一个混合环境,它包含两个Windows和两个CentOS节点+1个CentOS主节点 就库伯内特斯而言,一切都很顺利。我将nginx入口控制器部署为只在Linux服务器上运行的守护程序集。我遵循了以下教程: 与deployments/deployment/nginx-ingres.yml只有一个区别,我限制在Linux机器上使用nodeselector运行它 我为部署创建了一个包含2个副
apiVersion: v1
kind: Service
metadata:
name: myservice-1
labels:
app: myservice-1
spec:
ports:
# the port that this service should serve on
- port: 9034
targetPort: 80
selector:
app: myservice-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myservice-1
name: myservice-1
spec:
selector:
matchLabels:
app: myservice-1
replicas: 2
template:
metadata:
labels:
app: myservice-1
run: with-creds
name: myservice-1
spec:
containers:
- name: myservice-1
securityContext:
windowsOptions:
gmsaCredentialSpecName: gmsa-dev-credspec
image: secure-myprivaterepo:443/docker/library/myservice-1
nodeSelector:
beta.kubernetes.io/os: windows
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myservice-1-ingress
spec:
rules:
- host: myservice1
http:
paths:
- backend:
serviceName: myservice-1
servicePort: 9034
apiVersion: v1
kind: Service
metadata:
name: myservice-1
labels:
app: myservice-1
spec:
ports:
# the port that this service should serve on
- port: 9034
targetPort: 80
selector:
app: myservice-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myservice-1
name: myservice-1
spec:
selector:
matchLabels:
app: myservice-1
replicas: 2
template:
metadata:
labels:
app: myservice-1
run: with-creds
name: myservice-1
spec:
containers:
- name: myservice-1
securityContext:
windowsOptions:
gmsaCredentialSpecName: gmsa-dev-credspec
image: secure-myprivaterepo:443/docker/library/myservice-1
nodeSelector:
beta.kubernetes.io/os: windows
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myservice-1-ingress
spec:
rules:
- host: myservice1
http:
paths:
- backend:
serviceName: myservice-1
servicePort: 9034
apiVersion: v1
kind: Service
metadata:
name: myservice-1
labels:
app: myservice-1
spec:
ports:
# the port that this service should serve on
- port: 9034
targetPort: 80
selector:
app: myservice-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myservice-1
name: myservice-1
spec:
selector:
matchLabels:
app: myservice-1
replicas: 2
template:
metadata:
labels:
app: myservice-1
run: with-creds
name: myservice-1
spec:
containers:
- name: myservice-1
securityContext:
windowsOptions:
gmsaCredentialSpecName: gmsa-dev-credspec
image: secure-myprivaterepo:443/docker/library/myservice-1
nodeSelector:
beta.kubernetes.io/os: windows
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myservice-1-ingress
spec:
rules:
- host: myservice1
http:
paths:
- backend:
serviceName: myservice-1
servicePort: 9034
apiVersion: v1
kind: Service
metadata:
name: myservice-1
labels:
app: myservice-1
spec:
ports:
# the port that this service should serve on
- port: 9034
targetPort: 80
selector:
app: myservice-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myservice-1
name: myservice-1
spec:
selector:
matchLabels:
app: myservice-1
replicas: 2
template:
metadata:
labels:
app: myservice-1
run: with-creds
name: myservice-1
spec:
containers:
- name: myservice-1
securityContext:
windowsOptions:
gmsaCredentialSpecName: gmsa-dev-credspec
image: secure-myprivaterepo:443/docker/library/myservice-1
nodeSelector:
beta.kubernetes.io/os: windows
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myservice-1-ingress
spec:
rules:
- host: myservice1
http:
paths:
- backend:
serviceName: myservice-1
servicePort: 9034
- CNI使用:Flannel(我使用Microsoft站点上的文档来配置Flannel:),并使用主机gw配置
- 我使用了Microsoft提供的以下文档 要将我的windows节点加入我的Kubernetes群集,请执行以下操作:
- 我在裸机CentOS机器上使用了kubeadm来创建集群
- 我不能在不同节点上从一个pod ping到另一个pod
- 没有在Linux节点上安排POD,因此我无法卷曲到我的Windows节点。这些是Windows完整框架(mcr.microsoft.com/dotnet/Framework/aspnet)映像,无法安排在Linux服务器上
- 出于好奇,我将部署扩展到4个副本,这样我的两台windows服务器中的每台都可以得到两个POD。现在,当我将一个pod ping到同一节点上的另一个pod上时,ping工作正常。因此,不同节点上的豆荚似乎彼此无法到达
apiVersion: v1
kind: Service
metadata:
name: myservice-1
labels:
app: myservice-1
spec:
ports:
# the port that this service should serve on
- port: 9034
targetPort: 80
selector:
app: myservice-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myservice-1
name: myservice-1
spec:
selector:
matchLabels:
app: myservice-1
replicas: 2
template:
metadata:
labels:
app: myservice-1
run: with-creds
name: myservice-1
spec:
containers:
- name: myservice-1
securityContext:
windowsOptions:
gmsaCredentialSpecName: gmsa-dev-credspec
image: secure-myprivaterepo:443/docker/library/myservice-1
nodeSelector:
beta.kubernetes.io/os: windows
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myservice-1-ingress
spec:
rules:
- host: myservice1
http:
paths:
- backend:
serviceName: myservice-1
servicePort: 9034
我是否需要做任何特定的事情,以便入口控制器真正以循环方式转发流量?我试着在博客上搜索,但没有找到任何答案你能提供更多关于你的网络配置的信息吗,你使用的是什么CNI?如何添加这些节点(基于此文档?)?是在Prem还是Kubeadm?你能在内部接触到其他吊舱吗?linux节点中的一个pod是否可以卷曲windows节点中的另一个pod?P我在最初的问题中添加了更多细节部分。如果我遗漏了什么,请告诉我。非常感谢您的帮助。您是否遵循了以下步骤:<代码>运行此操作后,您应该能够:使用kubectl get nodes查看加入的Windows节点请参阅打开的3个powershell窗口,一个用于kubelet,一个用于flanneld,另一个用于kube代理请参阅flanneld、kubelet的host agent进程,在节点上运行的kube代理能否提供
kubectl get nodeskubectl get nodes