Kubernetes Ingress 总是将流量导向错误的 Pod

tag-icon tag-icon nginx kubernetes minikube
Kubernetes Ingress 总是将流量导向错误的 Pod

我在 kubernetes 集群中有以下设置minikube(本地)

  1. 命名空间customer-a
  • 1 次部署 -> 打印“来自客户 A 的问候”
  • 1 个 LoadBalancer 类型的服务
  • 1 入口 -> 主机customer-a.example.com
  1. 命名空间customer-b
  • 1 次部署 -> 打印“来自客户 B 的问候”
  • 1 个 LoadBalancer 类型的服务
  • 1 入口 -> 主机customer-b.example.com
  1. 命名空间customer-c
  • 1 次部署 -> 打印“来自客户 C 的问候”
  • 1 个 LoadBalancer 类型的服务
  • 1 入口 -> 主机customer-c.example.com

由于我在集群中运行此设置minikube,因此我必须使用该minikube tunnel命令来访问入口服务

以下是我当前的设置

// kubectl get ing, svc -n customer-a

NAME                                   CLASS   HOSTS                      ADDRESS   PORTS   AGE
ingress.networking.k8s.io/customer-a   nginx   customer-a.example.com             80      11s

NAME                 TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
service/customer-a   LoadBalancer   10.96.39.62   127.0.0.1     80:30048/TCP   11s


// kubectl get ing, svc -n customer-b
NAME                                   CLASS   HOSTS                      ADDRESS        PORTS   AGE
ingress.networking.k8s.io/customer-b   nginx   customer-b.example.com   192.168.49.2   80      30s

NAME                 TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
service/customer-b   LoadBalancer   10.110.126.198   127.0.0.1     80:31292/TCP   30s


// kubectl get ing, svc -n customer-c
NAME                                   CLASS   HOSTS                      ADDRESS        PORTS   AGE
ingress.networking.k8s.io/customer-c   nginx   customer-c.example.com   192.168.49.2   80      6m36s

NAME                 TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/customer-c   LoadBalancer   10.104.99.195   127.0.0.1     80:32717/TCP   6m36s

根据上述内容,EXTERNAL-IP所有类型的服务都是相同的,LoadBalancer但为了区分流量,我使用了如上所述的HOSTScustomer-a.example.com,,)customer-b.example.comcustomer-c.example.com

我已经将 IP 映射到主机名,如下/etc/hosts所示:

127.0.0.1 customer-a.example.com customer-b.example.com customer-c.example.com

当我尝试访问每个 URL 时,它只会将我引导到相同的结果,即Hi from Customer C

// curl -kv http://customer-a.example.com

> GET / HTTP/1.1
> Host: customer-a.example.com
> User-Agent: curl/7.85.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< date: Thu, 29 Dec 2022 00:24:49 GMT
< server: uvicorn
< content-length: 20
< content-type: application/json
<
* Connection #0 to host customer-a.example.com left intact
{"response":"Hi from Customer C"}


// curl -kv http://customer-b.example.com

> GET / HTTP/1.1
> Host: customer-b.example.com
> User-Agent: curl/7.85.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< date: Thu, 29 Dec 2022 00:24:49 GMT
< server: uvicorn
< content-length: 20
< content-type: application/json
<
* Connection #0 to host customer-b.example.com left intact
{"response":"Hi from Customer C"}


// curl -kv http://customer-c.example.com

> GET / HTTP/1.1
> Host: customer-c.example.com
> User-Agent: curl/7.85.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< date: Thu, 29 Dec 2022 00:24:49 GMT
< server: uvicorn
< content-length: 20
< content-type: application/json
<
* Connection #0 to host customer-c.example.com left intact
{"response":"Hi from Customer C"}

有人能帮我找到这个问题吗?我认为这与有关minikube tunnel

答案1

这与 minikube 隧道无关。这里的问题是,您的所有服务都使用同一个端口与集群外部进行通信。在 tcp 协议中,在同一台机器上运行的两个应用程序不能具有相同的端口号,因此在这种情况下,您需要为所有三个部署配置自定义端口号,并在负载均衡器或入口或 nginx 配置中相应地映射它们。

相关内容