谷歌云 - kubectl - ingress - “默认后端 - 404”

谷歌云 - kubectl - ingress - “默认后端 - 404”

我有一个google cloud kubernetes集群,服务定义:

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: 2018-05-14T18:53:57Z
  labels:
    run: sv-security
  name: sv-security
  namespace: default
  resourceVersion: "554"
  selfLink: /api/v1/namespaces/default/services/sv-security
  uid: 27e476db-57a8-11e8-9053-42010a84014c
spec:
  clusterIP: 10.47.245.44
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 32290
    port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    run: sv-security
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - ip: 35.205.38.34

并且我希望启用 HTTPS。我按照一些教程操作,得到了以下入口配置:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-sv-security
  annotations:
    kubernetes.io/ingress.allow-http: "false"
spec:
  backend:
    serviceName: sv-security
    servicePort: 80

(也尝试了服务端口 32290)。并使用“kubectl apply -f ingress-sv-security.yaml”创建它

当我转到 IP 地址时,我得到“默认后端 - 404”。

当我运行“kubectl describe ing”时,我得到:

Name:             ingress-sv-security
Namespace:        default
Address:          35.201.113.164
Default backend:  sv-security:32290 (<none>)
Rules:
  Host  Path  Backends
  ----  ----  --------
  *     *     sv-security:32290 (<none>)
Annotations:
  url-map:          k8s-um-default-ingress-sv-security--d01e081d01fdd251
  backends:         {"k8s-be-32062--d01e081d01fdd251":"HEALTHY"}
  forwarding-rule:  k8s-fw-default-ingress-sv-security--d01e081d01fdd251
  target-proxy:     k8s-tp-default-ingress-sv-security--d01e081d01fdd251
Events:
  Type     Reason   Age               From                     Message
  ----     ------   ----              ----                     -------
  Normal   ADD      19m               loadbalancer-controller  default/ingress-sv-security
  Normal   CREATE   18m               loadbalancer-controller  ip: 35.201.113.164
  Warning  Service  0s (x8 over 18m)  loadbalancer-controller  failed to identify user specified default backend, couldn't find nodeport for default/sv-security, using system default

我在这里做错了什么?

答案1

没有规则的 Ingress 会将所有流量发送到单个默认后端。请参阅此处了解先决条件

对于客户端与负载均衡器之间的加密通信,您需要指定入口控制器要使用的 TLS 私钥和证书。请参阅这里

相关内容