拒绝通过 GKE 负载均衡器到节点的流量

tag-icon tag-icon google-kubernetes-engine
拒绝通过 GKE 负载均衡器到节点的流量

我遵循了 GKE ruby​​ bookshelf 示例并参考了 kubernetes 示例。虽然我已部署资源,但我无法 ping 我的 railsfrontend节点。我实现了一条简单的ping路由来测试最基本的连接。

我将其减少replicas到 1 以简化事情,并从节点获取日志以确认它已启动并运行并且没有任何错误。

> wget http://104.154.128.169/ping
--2017-09-15 14:14:54--  http://104.154.128.169/ping
Connecting to 104.154.128.169:80... failed: Connection refused.

配置

apiVersion: v1
kind: Service
metadata:
  name: foo-frontend
  labels:
    app: foo
    tier: frontend
spec:
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: foo
    tier: frontend
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: foo-frontend
  labels:
    app: foo
    tier: frontend
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: foo
        tier: frontend
    spec:
      containers:
      - name: foo-app
        image: us.gcr.io/foo/api:latest
        imagePullPolicy: Always
        env:
        - name: FORMATION
          value: web=1
        - name: RAILS_ENV
          value: production
        - name: RACK_ENV
          value: production
        - name: RAILS_LOG_TO_STDOUT
          value: enabled
        - name: RAILS_SERVE_STATIC_FILES
          value: "true"
        - name: SECRET_KEY_BASE
          valueFrom:
            secretKeyRef:
              name: production-secrets
              key: SECRET_KEY_BASE
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: production-secrets
              key: DB_PASSWORD
        ports:
        - containerPort: 8080

Dockerfile

片段

EXPOSE 8080/tcp

CMD bundle exec foreman start --formation "$FORMATION"

进程文件

web: bundle exec rackup --port 8080
worker: bundle exec rake run_worker

地位

> kubectl get pods; kubectl get services

NAME                                READY     STATUS    RESTARTS   AGE
foo-frontend-284775361-4pzk3   1/1       Running   0          9m
NAME                CLUSTER-IP      EXTERNAL-IP       PORT(S)        AGE
foo-frontend   10.15.246.177   104.154.128.169   80:30917/TCP   9m
kubernetes          10.15.240.1     <none>            443/TCP        22h


> kubectl describe service
Name:           foo-frontend
Namespace:      default
Labels:         app=foo
            tier=frontend
Annotations:        <none>
Selector:       app=foo,tier=frontend
Type:           LoadBalancer
IP:         10.15.246.177
LoadBalancer Ingress:   104.154.128.169
Port:           <unset> 80/TCP
NodePort:       <unset> 30917/TCP
Endpoints:      10.12.2.13:80
Session Affinity:   None
Events:
  FirstSeen LastSeen    Count   From            SubObjectPath   Type        Reason          Message
  --------- --------    -----   ----            -------------   --------    ------          -------
  10m       9m      2   service-controller          Normal      CreatingLoadBalancer    Creating load balancer
  9m        9m      2   service-controller          Normal      CreatedLoadBalancer Created load balancer


Name:           kubernetes
Namespace:      default
Labels:         component=apiserver
            provider=kubernetes
Annotations:        <none>
Selector:       <none>
Type:           ClusterIP
IP:         10.15.240.1
Port:           https   443/TCP
Endpoints:      104.154.116.128:443
Session Affinity:   ClientIP
Events:         <none>

总结

  1. 你能发现我的配置有什么错误吗?
  2. 调试的下一步最佳做法是什么?(或任何其他建议)

答案1

我认为关键问题是我没有targetPort在服务中指定。我还使用设置了计算静态 IP gcloud compute addresses create foo-frontend-ip --region=us-central1,因此无论如何,它是两者之一。

apiVersion: v1
kind: Service
metadata:
  name: foo-frontend
  labels:
    app: foo
    tier: frontend
spec:
  type: LoadBalancer
  # use your external IP here
  loadBalancerIP: x.x.x.x
  ports:
  - port: 80
    targetPort: 8080
    protocol: TCP
  selector:
    app: foo
    tier: frontend

相关内容