时间戳

首页 > 解决方案 > 让 nginx-ingress 在 Azure 中使用 UDP

azure - 让 nginx-ingress 在 Azure 中使用 UDP

问题描述

目前此设置适用于 TCP,但一旦切换到 UDP,我就会收到错误

The Service "nginx-ingress-controller" is invalid: spec.ports: Invalid value:
 []core.ServicePort{core.ServicePort{Name:"proxied-udp-30001", Protocol:"UDP",
 Port:30001, TargetPort:intstr.IntOrString{Type:0, IntVal:30001, StrVal:""}, 
NodePort:0}, core.ServicePort{Name:"proxied-udp-30002", Protocol:"UDP", 
Port:30002, TargetPort:intstr.IntOrString{Type:0, IntVal:30002, StrVal:""}, 
NodePort:0}, core.ServicePort{Name:"http", Protocol:"TCP", Port:80, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"http"}, NodePort:32724},
 core.ServicePort{Name:"https", Protocol:"TCP", Port:443, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"https"}, 
NodePort:30127}}: cannot create an external load balancer with mix protocols

在我尝试应用补丁之后

kubectl patch deployment nginx-ingress-controller -n ingress-nginx --patch $(Get-Content .\k8s\prod-azure-multi-pod-node\nginx-ingress-controller-deploy-patch.yaml -Raw)

kubectl patch svc nginx-ingress-controller -n ingress-nginx --patch $(Get-Content .\k8s\prod-azure-multi-pod-node\nginx-ingress-controller-svc-patch.yaml -Raw)

这些文件中的每一个在哪里

nginx-ingress-controller-svc-patch.yaml

apiVersion: v1
kind: Service
metadata:
  annotations:
    meta.helm.sh/release-name: nginx-ingress
    meta.helm.sh/release-namespace: ingress-nginx
  name: nginx-ingress-controller
  namespace: ingress-nginx
  selfLink: /api/v1/namespaces/ingress-nginx/services/nginx-ingress-controller
spec:
  ports:
  - name: proxied-udp-30001
    port: 30001
    targetPort: 30001
    protocol: UDP
  - name: proxied-udp-30002
    port: 30002
    targetPort: 30002
    protocol: UDP

和 nginx-ingress-controller-deploy-patch.yaml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
  namespace: ingress-nginx
  selfLink: /apis/extensions/v1beta1/namespaces/ingress-nginx/deployments/nginx-ingress-controller
spec:
  template:
    spec:
      hostNetwork: true # Edit added via tutorial https://skryvets.com/blog/2019/04/09/exposing-tcp-and-udp-services-via-ingress-on-minikube/
      containers:
      - args:
        - /nginx-ingress-controller
        - --default-backend-service=ingress-nginx/nginx-ingress-default-backend
        - --election-id=ingress-controller-leader
        - --ingress-class=nginx
        - --udp-services-configmap=default/udp-services # Needed for udp config map usage
        - --configmap=ingress-nginx/nginx-ingress-controller
        name: nginx-ingress-controller

服务看起来像这样

apiVersion: v1
kind: Service
metadata:
  name: game-svc-1
  namespace: default
spec:
  selector:
    instance: game-1
  # type: NodePort
  type: ClusterIP
  ports:
    - protocol: UDP
      port: 9001 # exposed port
      targetPort: 19132

和 Udp 配置文件

apiVersion: v1
kind: ConfigMap
metadata:
  name: udp-services
  namespace: default
data:
  30001: "default/game-svc-1:9001"
  30002: "default/game-svc-2:9002"

就像我说的,这在使用 tcp 时工作得非常好,但是一旦我切换到 UDP,就会弹出错误,我是否缺少 UDP 步骤?

编辑 > 添加 helm 命令,如 microsoft 所述以使用此命令

helm install nginx-ingress stable/nginx-ingress --namespace ingress-nginx --set controller.replicaCount=2 --set controller.nodeSelector."beta\.kubernetes\.io/os"=linux --set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux --set controller.service.httpPort.enable=false --set controller.service.httpsPort.enable=false

标签: azurekubernetes-ingressnginx-ingressazure-aks

解决方案

基于以下错误:

The Service "nginx-ingress-controller" is invalid: spec.ports: Invalid value:
 []core.ServicePort
{core.ServicePort{Name:"proxied-udp-30001", Protocol:"UDP", Port:30001, TargetPort:intstr.IntOrString {Type:0, IntVal:30001, StrVal:""}, NodePort:0}, 

core.ServicePort{Name:"proxied-udp-30002", Protocol:"UDP", 
Port:30002, TargetPort:intstr.IntOrString{Type:0, IntVal:30002, StrVal:""}, 
NodePort:0}, 

core.ServicePort{Name:"http", Protocol:"TCP", Port:80, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"http"}, NodePort:32724},

core.ServicePort{Name:"https", Protocol:"TCP", Port:443, 
TargetPort:intstr.IntOrString{Type:1, IntVal:0, StrVal:"https"}, 
NodePort:30127}}:

错误准确地告诉您您正在尝试使用 PORT 类型的混合匹配来更新服务。

cannot create an external load balancer with mix protocols

这是因为 PATCH 命令将使用添加的配置来扩充现有服务。(在您的情况下,2 个新暴露的 UDP 端口)在现有配置(2 个 TCP 端口)之上

从 TCP 转换为 UDP 的最佳方法是重用名称端口名称 (httphttps),这将允许 PATCH 命令将字典条目合并在一起,将 TCP 和 80/443 替换为您的 UDP 端口设置。

如果您实际上正在考虑同时支持 UDP/TCP,则需要将 ServiceType 更改为,ClusterIP因为该LoadBalancer类型不支持单个公共 IP(Azure LoadBalancer 前端 IP)的协议不匹配

推荐阅读