Fatal编程技术网
  • node.js/
  • Node.js Kubernetes Ingress 502网关连接被拒绝

Node.js Kubernetes Ingress 502网关连接被拒绝

node.js angular docker nginx kubernetes

Node.js Kubernetes Ingress 502网关连接被拒绝,node.js,angular,docker,nginx,kubernetes,Node.js,Angular,Docker,Nginx,Kubernetes,我正试图通过服务lawyerlyui服务访问部署到AKS集群的角度前端。集群正在使用通过HELM部署的nginx,并带有官方图表() 我部署了其他后端.net核心服务,我可以通过入口访问这些服务 但是,当我尝试访问Angular应用程序时,我得到以下错误(取自nginx pod日志) 以下是nginx、Dockerfile、deployment.yml和ingres.yml NGINX日志 2021/01/29 20:31:59 [error] 1304#1304: *7634340 conne

我正试图通过服务
lawyerlyui服务
访问部署到AKS集群的角度前端。集群正在使用通过HELM部署的nginx,并带有官方图表()
我部署了其他后端.net核心服务,我可以通过入口访问这些服务

但是,当我尝试访问Angular应用程序时,我得到以下错误(取自nginx pod日志)

以下是
nginx
Dockerfile
deployment.yml
ingres.yml

NGINX日志


2021/01/29 20:31:59 [error] 1304#1304: *7634340 connect() failed (111: Connection refused) while connecting to upstream, client: 10.244.0.1,
server: uat.redactedapp.co.za, request: "GET / HTTP/2.0", upstream: "http://10.244.0.88:80/", host: "uat.redactedapp.co.za"



Dockerfile



FROM node:8.12.0-alpine
EXPOSE 80
RUN npm -v

RUN mkdir -p /usr/src

WORKDIR /usr/src

# To handle 'not get uid/gid'
RUN npm config set unsafe-perm true
RUN npm install -g \
    typescript@2.8.3 \
    @angular/compiler-cli \
    @angular-devkit/core

RUN npm install -g @angular/cli@7.0.3

RUN ln -s /usr/src/node_modules/@angular/cli/bin/ng /bin/ng

COPY package.json /usr/src/

RUN npm install

COPY . /usr/src

CMD ["ng", "build", "--configuration", "uat"]



入口


apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: redacted-ingress
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, PUT, POST, DELETE, PATCH, OPTIONS"
    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: 50m
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
  tls:
    - hosts:
        - uat.redactedapp.co.za
      secretName: secret-tls
  rules:
    - host: uat.redactedapp.co.za
      http:
        paths:
          - path: /otp-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: otpapi-service
                port:
                  number: 80
          - path: /search-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: searchapi-service
                port:
                  number: 80
          - path: /notifications-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: notificationsapi-service
                port:
                  number: 80
          - path: /user-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: userapi-service
                port:
                  number: 80
          - path: /insurance-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: insuranceapi-service
                port:
                  number: 80
          - path: /client-api(/|$)(.*)
            pathType: Prefix
            backend:
              service:
                name: clientsapi-service
                port:
                  number: 80
          - path: /
            pathType: Prefix
            backend:
              service:
                name: lawyerlyui-service
                port:
                  number: 80



部署.yml


apiVersion: apps/v1
kind: Deployment
metadata:
  name: lawyerlyui
spec:
  selector:
    matchLabels:
      app: lawyerlyui
  replicas: 1
  template:
    metadata:
      labels:
        app: lawyerlyui
    spec:
      containers:
        - name: lawyerlyui
          image: redacted.azurecr.io/lawyerly:latest
          ports:
            - containerPort: 80
      imagePullSecrets:
        - name: uat-acr-auth
---
apiVersion: v1
kind: Service
metadata:
  name: lawyerlyui-service
spec:
  type: ClusterIP
  selector:
    app: lawyerlyui
  ports:
    - name: http
      protocol: TCP
      # Port accessible inside cluster
      port: 80
      # Port to forward to inside the pod
      targetPort: 80



因此,在阅读了@mdaniels评论之后,我创建了一个新的Dockerfile.uat。前一个文件只是构建src代码,但从未为其提供服务

据我所知,您需要提供构建的Angular代码,这不再是给我一个502坏网关


# Stage 0, "build-stage", based on Node.js, to build and compile the frontend
FROM node:10.8.0 as build-stage
WORKDIR /app
COPY package*.json /app/
RUN npm install
COPY ./ /app/
ARG configuration=uat
EXPOSE 80
RUN npm run build --configuration $configuration

# Stage 1, based on Nginx, to have only the compiled app, ready for production with Nginx
FROM nginx:1.15
#Copy ci-dashboard-dist
COPY --from=build-stage /app/dist/lfa/ /usr/share/nginx/html
#Copy default nginx configuration
COPY ./nginx/nginx-custom.conf /etc/nginx/conf.d/default.conf



您有
ng build
,但这会启动服务器监听端口80吗?你有没有检查过kubectl logs-l app=lawyerlyui
,看看它是否在做你期望的事情,使用
:latest
而不使用
imagePullPolicy:Always
会导致事情与您期望的不同be@mdaniel我尝试了kubectl日志-l app=lawyerlyui
,但没有从容器日志中获得任何输出。我不太熟悉Angular,我知道在这个项目中有一个单独的dockerfile,它的末尾有这个cmd
CMD[“ng”、“serve”、“--host”、“0.0.0.0”]
docker是否将基本dockerfile与特定于环境的dockerfile.uat相结合?我试图看看是否可以在uat dockerfile中添加另一个CMD,但只能指定一个;或者,除非有一些潜在的细微差别,我相信您可以通过在部署中设置
命令:[ng,service,--host,0.0.0.0]
来测试这一理论,看看它是否开始工作。如果部署在:80上有一个正确的
livenessProbe:
on:80,那么当没有人在监听时,它会正确地轰炸卷展栏:80