AKS public IP not accessible

Time: 2018-02-19 05:12:52

Tags: azure nginx kubernetes

I have the following configuration in my ingress service:

apiVersion: v1
kind: Service
metadata:
  name: nginx-ingress
  namespace: nginx-ingress
spec:
  externalTrafficPolicy: Local
  type: LoadBalancer
  loadBalancerIP: **.***.**.***
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
    name: http
  - port: 443
    targetPort: 443
    protocol: TCP
    name: https
  selector:
    app: nginx-ingress

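We purchased this public IP from Azure. If we remove this loadBalancerIP from the service yaml, deploy, and then use the IP listed by kubectl get services -n nginx-ingress, it works fine when accessing the service endpoint. However, with this public IP, nothing seems to work.

Please find the service description below (kubectl describe service nginx-ingress -n nginx-ingress-os):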

[openapianil@LHGOPENAPIDEV001 github]$ kubectl describe service nginx-ingress -n nginx-ingress-os
Name:                     nginx-ingress
Namespace:                nginx-ingress-os
Labels:                   <none>
Annotations:              kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"nginx-ingress","namespace":"nginx-ingress-os"},"spec":{"externalTrafficPolicy"...
Selector:                 app=nginx-ingress
Type:                     LoadBalancer
IP:                       10.0.0.44
IP:                       **.**.**.***
LoadBalancer Ingress:     **.**.**.***
Port:                     http  80/TCP
TargetPort:               80/TCP
NodePort:                 http  31247/TCP
Endpoints:                **.**.**.***:80
Port:                     https  443/TCP
TargetPort:               443/TCP
NodePort:                 https  32241/TCP
Endpoints:                **.**.**.***:443
Session Affinity:         None
External Traffic Policy:  Local
HealthCheck NodePort:     30880
Events:
  Type    Reason                Age   From                Message
  ----    ------                ----  ----                -------
  Normal  EnsuringLoadBalancer  1m    service-controller  Ensuring load balancer
  Normal  EnsuredLoadBalancer   43s   service-controller  Ensured load balancer

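Please help!!

2 answers:

Answer 0: (score: 2)

As we know, after AKS creation completes, Azure creates two resource groups.

If you want to create a service with an IP address, you should create the static IP address in the other resource group, named MC_myResourceGRoup_myAKSCluster_eastus

You can use the Azure CLI command to create the public IP address: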

az network public-ip create --resource-group MC_myResourceGRoup_myAKSCluster_eastus --name myAKSPublicIP --allocation-method static

You can also create it using the Azure portal, but you cannot add DNS to it.

Then you can use the static IP address like this:

apiVersion: v1
kind: Service
metadata:
  name: azure-vote-front1
spec:
  type: LoadBalancer
  loadBalancerIP: 52.224.235.119
  ports:
  - port: 80
  selector:
    app: azure-vote-front1

The result is as follows:


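Note:

1. Create the Azure public IP address without a DNS name.
2. Create the Azure public IP address in this resource group, MC_myResourceGRoup_myAKSCluster_eastus.
3. You can use kubectl describe service to check the status, like this: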

[root@jasoncli@jasonye jason]# kubectl describe service azure-vote-front1
Name:                     azure-vote-front1
Namespace:                default
Labels:                   <none>
Annotations:              <none>
Selector:                 app=azure-vote-front1
Type:                     LoadBalancer
IP:                       10.0.76.241
IP:                       52.224.235.119
LoadBalancer Ingress:     52.224.235.119
Port:                     <unset>  80/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30416/TCP
Endpoints:                10.244.0.11:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:
  Type    Reason                Age   From                Message
  ----    ------                ----  ----                -------
  Normal  CreatingLoadBalancer  45m   service-controller  Creating load balancer
  Normal  CreatedLoadBalancer   44m   service-controller  Created load balancer

Update

Here is my yaml file:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-back
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-back
    spec:
      containers:
      - name: azure-vote-back
        image: redis
        ports:
        - containerPort: 6379
          name: redis
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-back
spec:
  ports:
  - port: 6379
  selector:
    app: azure-vote-back
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: azure-vote-front
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: azure-vote-front
    spec:
      containers:
      - name: azure-vote-front
        image: microsoft/azure-vote-front:v1
        ports:
        - containerPort: 80
        env:
        - name: REDIS
          value: "azure-vote-back"
---
apiVersion: v1
kind: Service
metadata:
  name: azure-vote-front
spec:
  loadBalancerIP: 40.71.3.119
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: azure-vote-front
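
A pre-flight check for the requirement in answer 0 (the static IP must live in the MC_* node resource group), as an added example that is not part of the original answers. The function names classify_ip and check_lb_ip are hypothetical, and the script assumes a logged-in az CLI.

```shell
#!/bin/sh
# Added example: verify a public IP is in the AKS node resource group
# before referencing it in loadBalancerIP.
# Usage: sh check_lb_ip.sh <resource-group> <cluster-name> <ip-address>

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# classify_ip NODE_RG IP_RG
# Pure comparison, so it can be exercised without Azure access.
# Azure resource group names are case-insensitive, so compare lowercased.
classify_ip() {
  if [ -z "$2" ]; then
    echo NOT_FOUND; return 1
  fi
  if [ "$(lower "$1")" != "$(lower "$2")" ]; then
    echo WRONG_GROUP; return 1
  fi
  echo OK
}

# check_lb_ip RESOURCE_GROUP CLUSTER_NAME IP
check_lb_ip() {
  # Node resource group that AKS created for the cluster (the MC_* group).
  node_rg=$(az aks show --resource-group "$1" --name "$2" \
              --query nodeResourceGroup -o tsv) || return 2
  # Resource group of the public IP resource holding this address, if any.
  ip_rg=$(az network public-ip list \
            --query "[?ipAddress=='$3'].resourceGroup" -o tsv | head -n 1)
  verdict=$(classify_ip "$node_rg" "$ip_rg")
  rc=$?
  case $verdict in
    OK)          echo "OK: $3 is in $node_rg" ;;
    WRONG_GROUP) echo "FAIL: $3 is in $ip_rg, expected $node_rg" ;;
    NOT_FOUND)   echo "FAIL: no public IP resource with address $3 found" ;;
  esac
  return $rc
}

# Only talk to Azure when called with the three expected arguments.
if [ "$#" -eq 3 ]; then
  check_lb_ip "$@"
fi
```
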

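Answer 1: (score: 0)

I ran into this problem while working through the QuickStart: if RBAC is not enabled when creating AKS, EXTERNAL-IP is listed as localhost. After enabling RBAC, it worked as expected for me.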