时间戳

首页 > 解决方案 > Kubenetes 访问 api 网络

kubernetes - Kubenetes 访问 api 网络

问题描述

我是 Kub 的新手,我从 docker-compose 转换了我的环境,我有一个包含 python 代码的 pod - 如果我在同一主机上使用我的 docker,我可以访问,但是当它在 pod 上时没有流量进入,

kubectl 配置视图

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://10.10.10.130:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

api-service.yaml:

apiVersion: v1
kind: Service
metadata:
  annotations:
    kompose.cmd: /snap/kompose/19/kompose-linux-amd64 convert --volumes hostPath
    kompose.version: 1.21.0 (992df58d8)
  creationTimestamp: null
  labels:
    io.kompose.service: api
  name: api
spec:
  ports:
  - name: "5001"
    port: 5001
    targetPort: 5001
  selector:
    io.kompose.service: api
status:
  loadBalancer: {}

api-deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    kompose.cmd: /snap/kompose/19/kompose-linux-amd64 convert --volumes hostPath
    kompose.version: 1.21.0 (992df58d8)
  creationTimestamp: null
  labels:
    io.kompose.service: api
  name: api
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: api
  strategy:
    type: Recreate
  template:
    metadata:
      annotations:
        kompose.cmd: /snap/kompose/19/kompose-linux-amd64 convert --volumes hostPath
        kompose.version: 1.21.0 (992df58d8)
      creationTimestamp: null
      labels:
        io.kompose.service: api
    spec:
      containers:
      - image: 127.0.0.1:5000/api:latest
        imagePullPolicy: "Never"
        name: api
        ports:
        - containerPort: 5001
        resources: {}
        volumeMounts:
        - mountPath: /base
          name: api-hostpath0
      restartPolicy: Always
      serviceAccountName: ""
      volumes:
      - hostPath:
          path: /root/ansible/api/base
        name: api-hostpath0
status: {}

豆荚日志:

 * Serving Flask app 'server' (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: on
 * Running on all addresses.
   WARNING: This is a development server. Do not use it in a production deployment.
 * Running on http://10.244.0.17:5001/ (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 553-272-086

我尝试达到配置视图显示的内容,我得到了这个: https ://10.10.10.130:6443/

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {
    
  },
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot get path \"/\"",
  "reason": "Forbidden",
  "details": {
    
  },
  "code": 403
}

通过容器到达的路径是: https ://10.10.10.130:5001 / 它没有到达容器并说站点不存在 - 这又适用于 docker 容器所以我错过了什么?

谢谢

- 编辑 -

如果我从我进入的主机 curl http://10.244.0.17:5001/(api pod的地址),为什么我不能从外面进入?

还尝试添加 nginx + api pod 部署

  template:
    spec:
      hostNetwork: true

仍然无法到达请帮助

标签: kuberneteskubectl

解决方案

找到了解决方案!我需要添加 externalIPs到我的 pod service.yaml(api 和 nginx)

spec:
  ports:
  - name: "8443"
    port: 8443
    targetPort: 80
  externalIPs:
      - 10.10.10.130

推荐阅读