我正在尝试使用 AWS LB 控制器启动 Rancher,但入口健康检查失败。有人可以看看我的设置并告诉我是否有明显问题吗?
EKS 集群版本:1.28 EndPointAcces:公共和私有节点组:私有子网安全组 ALB-Ingress 允许来自 0.0.0.0/0 的入站和出站流量通过端口 80 和 443。出站规则允许流量流向为 EKS 节点组创建的安全组。我将 Rancher 服务更新为 NodePort。健康检查失败的错误消息“请求超时”
Type: NodePort │
│ IP Family Policy: SingleStack │
│ IP Families: IPv4 │
│ IP: <> │
│ IPs: <> │
│ Port: http 80/TCP │
│ TargetPort: 80/TCP │
│ NodePort: http 30182/TCP │
│ Endpoints: <>:80,<>:80,<>:80 │
│ Port: https-internal 443/TCP │
│ TargetPort: 444/TCP │
│ NodePort: https-internal 32303/TCP │
│ Endpoints: <>:444,<>:444,<>:444 │
│ Session Affinity: None │
│ External Traffic Policy: Cluster
Helm 安装:
helm install rancher rancher-stable/rancher \
--version 2.8.3 \
--namespace cattle-system \
--set hostname=<hostname> \
--set bootstrapPassword=<passwd> \
--set tls=external \
--set ingress.enabled=false
入口文件
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: aws-rancher
namespace: cattle-system
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/certificate-arn : "<cert>"
alb.ingress.kubernetes.io/security-groups : "<ALB-Ingress>"
alb.ingress.kubernetes.io/listen-ports : "[{ \"HTTPS\" : 443 }, { \"HTTPS\" : 80 }]"
alb.ingress.kubernetes.io/success-codes : "200,401,301,302"
alb.ingress.kubernetes.io/healthcheck-interval-seconds : "60"
alb.ingress.kubernetes.io/subnets : "subnet-public1,subnet-public2"
alb.ingress.kubernetes.io/healthcheck-path: "/healthz"
spec:
ingressClassName: alb
rules:
- host: <hostname>
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: rancher
port:
number: 80