kubernetes-ingress - ALB 入口控制器在重定向到正确路径时出现问题

问题描述

我已经使用 Ingress Controller ( version -> docker.io/amazon/aws-alb-ingress-controller:v1.1.8 ) 为使用 Fargate 配置文件运行的AWS EKS 集群 ( v 1.20 ) 设置了 ALB (Application Load Balancer) .

我可以使用负载均衡器链接访问我的服务：-

http://5e07dbe1-default-nginxingr-29e9-1260427999.us-east-1.elb.amazonaws.com/

我在 Ingress 中配置了 2 种不同的服务，如下所示：-

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: "nginx-ingress"
  namespace: "default"
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/security-groups: sg-014b302d73097d083
    # alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
    # alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:195725532069:certificate/b6a9e691-b807-4f10-a0bf-0449730ecdf4
    # alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
    # alb.ingress.kubernetes.io/backend-protocol: HTTPS
    #alb.ingress.kubernetes.io/load-balancer-attributes: "60"
    #alb.ingress.kubernetes.io/rewrite-target: /
  labels:
    app: nginx-ingress
spec:
  rules:
  - http:
      paths:
      # - path: /*
      #   pathType: Prefix
      #   backend:
      #     service:
      #        name: ssl-redirect
      #        port: 
      #          number: use-annotation
      - path: /foo
        pathType: Prefix
        backend:
          service:
            name: "nginx-service"
            port:
              number: 80
      - path: /*
        pathType: Prefix
        backend:
          service:
             name: "mydocker-svc"
             port: 
               number: 8080

现在的问题是，如果我将/foo放在 LB 链接的末尾，那么什么也不会发生，我得到 404 not found 错误：-

我的两个服务都很好，各自的 Pod 在各自的 Kubernetes NodePort 服务后面运行，但它们无法使用 Ingress 访问。如果我将/ * 的路径从/foo换成另一个服务（nginx-service），我就可以访问它，但它会破坏我以前的服务（mydocker-svc）。

请让我知道我的错误在哪里，以便我解决这个问题。谢谢

ALB 控制器：-

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: alb-ingress-controller
  name: alb-ingress-controller
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: alb-ingress-controller
  template:
    metadata:
      labels:
        app.kubernetes.io/name: alb-ingress-controller
    spec:
      containers:
      - name: alb-ingress-controller
        args:
        - --ingress-class=alb
        - --cluster-name=eks-fargate-alb-demo
        - --aws-vpc-id=vpc-0dc46d370e38de475
        - --aws-region=us-east-1
        image: docker.io/amazon/aws-alb-ingress-controller:v1.1.8
      serviceAccountName: alb-ingress-controller

Nginx 服务：-

apiVersion: v1
kind: Service
metadata:
  annotations:
    alb.ingress.kubernetes.io/target-type: ip
  name: "nginx-service"
  namespace: "default"
spec:
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
  type: NodePort
  selector:
    app: "nginx"

mydocker-svc:-

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    eks.amazonaws.com/fargate-profile: fp-default
    run: mydocker
  name: mydocker-svc
  annotations:
    alb.ingress.kubernetes.io/target-type: ip
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    eks.amazonaws.com/fargate-profile: fp-default
    run: mydocker
  type: NodePort
status:
  loadBalancer: {}

如果 Kubernetes NodePort 服务中的注释（如 alb.ingress.kubernetes.io/target-type: IP 缺失），TargetGroups 会变得不健康：-

标签： kubernetes-ingressamazon-eksnginx-ingressaws-application-load-balancer