Rancher with AWS LB controller: health checks failing


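I am trying to bring up Rancher with the AWS LB controller, but the ingress health checks are failing. Can someone take a look at my setup and tell me if anything is obviously wrong?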

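EKS cluster version: 1.28
Endpoint access: public and private
Node groups: private subnets
Security group ALB-Ingress allows inbound and outbound traffic from 0.0.0.0/0 on ports 80 and 443. Outbound rules allow traffic to the security group created for the EKS node groups. I updated the Rancher service to NodePort. The health checks fail with the error message "Request timed out".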

Type:                     NodePort
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       <>
IPs:                      <>
Port:                     http  80/TCP
TargetPort:               80/TCP
NodePort:                 http  30182/TCP
Endpoints:                <>:80,<>:80,<>:80
Port:                     https-internal  443/TCP
TargetPort:               444/TCP
NodePort:                 https-internal  32303/TCP
Endpoints:                <>:444,<>:444,<>:444
Session Affinity:         None
External Traffic Policy:  Cluster

Helm install:

helm install rancher rancher-stable/rancher \
   --version 2.8.3 \
   --namespace cattle-system \
   --set hostname=<hostname> \
   --set bootstrapPassword=<passwd> \
   --set tls=external \
   --set ingress.enabled=false

Ingress file:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: aws-rancher
  namespace: cattle-system
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/certificate-arn : "<cert>"
    alb.ingress.kubernetes.io/security-groups : "<ALB-Ingress>"
    alb.ingress.kubernetes.io/listen-ports : "[{ \"HTTPS\" : 443 }, { \"HTTPS\" : 80 }]"
    alb.ingress.kubernetes.io/success-codes : "200,401,301,302"
    alb.ingress.kubernetes.io/healthcheck-interval-seconds : "60"
    alb.ingress.kubernetes.io/subnets : "subnet-public1,subnet-public2"
    alb.ingress.kubernetes.io/healthcheck-path: "/healthz"

spec:
  ingressClassName: alb
  rules:
    - host: <hostname>
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: rancher
                port:
                  number: 80
