通过nodeport导出服务

为了使用kubernetes创建Docker注册表,我将遵循以下示例: https://robertbrem.github.io/Microservices_with_Kubernetes/03_Docker_registry/01_Setup_a_docker_registry/

我用的是Minikube,就是这样开始的

 minikube start --vm-driver=none

它能用,我可以从 minikubeNode:30500 .

现在我重新启动计算机 minikube 已安装,我无法再访问 docker registry 即使 POD 正在运行,服务定义与以前相同。

我的服务:

apiVersion: v1
kind: Service
metadata:
  name: registro
  labels:
    name: registro
spec:
  ports:
  - port: 5001
    targetPort: 5000
    nodePort: 30500
  selector:
    apl: registro
  type: NodePort

我的部署:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: registro
spec:
  replicas: 1
  selector:
    matchLabels:
      apl: registro
  template:
    metadata:
      labels:
        apl: registro
    spec:
      containers:
      - resources:
        name: registry
        image: registry:2
        ports:
        - name: registry-port
          containerPort: 5000
        volumeMounts:
        - mountPath: /var/lib/registry
          name: img
        - mountPath: /certs
          name: certs
        - mountPath: /auth
          name: auth
        env:
        - name: REGISTRY_AUTH
          value: "htpasswd"
        - name: REGISTRY_AUTH_HTPASSWD_REALM
          value: "Registry Realm"
        - name: REGISTRY_AUTH_HTPASSWD_PATH
          value: /auth/htpasswd
        - name: REGISTRY_HTTP_TLS_CERTIFICATE
          value: /certs/fullchain.pem
        - name: REGISTRY_HTTP_TLS_KEY
          value: /certs/privkey.pem
      volumes:
      - name: img
        hostPath:
          path: /home/ema/adm/docker/registro/img
      - name: certs
        hostPath:
          path: /home/ema/adm/docker/registro/certs
      - name: auth
        hostPath:
          path: /home/ema/adm/docker/registro/auth

当前群集IP:

# kubectl cluster-info
Kubernetes master is running at https://10.129.3.44:8443
KubeDNS is running at https://10.129.3.44:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

我的吊舱:

# kubectl describe pods
Name:               registro-6b657796b-fx9jf
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               minikube/10.129.3.44
Start Time:         Fri, 18 Jan 2019 10:17:04 +0100
Labels:             apl=registro
                    pod-template-hash=6b657796b
Annotations:        <none>
Status:             Running
IP:                 172.17.0.4
Controlled By:      ReplicaSet/registro-6b657796b
Containers:
  registry:
    Container ID:   docker://1b8ab87d5fd7602ee671abc1a6ebffdbcdc4c6d8892c174f83dea8cd4ee722a9
    Image:          registry:2
    Image ID:       docker-pullable://registry@sha256:1cd9409a311350c3072fe510b52046f104416376c126a479cef9a4dfe692cf57
    Port:           5000/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Fri, 18 Jan 2019 13:03:25 +0100
    Last State:     Terminated
      Reason:       Error
      Exit Code:    137
      Started:      Fri, 18 Jan 2019 10:17:06 +0100
      Finished:     Fri, 18 Jan 2019 13:02:55 +0100
    Ready:          True
    Restart Count:  1
    Environment:
      REGISTRY_AUTH:                  htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM:   Registry Realm
      REGISTRY_AUTH_HTPASSWD_PATH:    /auth/htpasswd
      REGISTRY_HTTP_TLS_CERTIFICATE:  /certs/fullchain.pem
      REGISTRY_HTTP_TLS_KEY:          /certs/privkey.pem
    Mounts:
      /auth from auth (rw)
      /certs from certs (rw)
      /var/lib/registry from img (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-9b46l (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  img:
    Type:          HostPath (bare host directory volume)
    Path:          /home/ema/adm/docker/registro/img
    HostPathType:  
  certs:
    Type:          HostPath (bare host directory volume)
    Path:          /home/ema/adm/docker/registro/certs
    HostPathType:  
  auth:
    Type:          HostPath (bare host directory volume)
    Path:          /home/ema/adm/docker/registro/auth
    HostPathType:  
  default-token-9b46l:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-9b46l
    Optional:    false
...

我的服务:

# kubectl describe service registro
Name:                     registro
Namespace:                default
Labels:                   name=registro
Annotations:              <none>
Selector:                 apl=registro
Type:                     NodePort
IP:                       10.101.157.80
Port:                     <unset>  5001/TCP
TargetPort:               5000/TCP
NodePort:                 <unset>  30500/TCP
Endpoints:                172.17.0.4:5000
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

POD IP正在工作:

#卷曲172.17.0.4:5000

群集IP没有投诉,但仍然卡住:

#卷曲10.101.157.80:5001

节点端口IP不工作:

#curl 10.129.3.44:30500 curl:(7)连接失败 10.129.3.44:30500

为什么我不能从节点访问我的服务?

如何诊断正在发生的事情?

更新1

启动时 米库库贝 这样:

minikube start --vm-driver none

我收到以下警告:

[WARNING Hostname]: hostname "minikube" could not be reached
[WARNING Hostname]: hostname "minikube" lookup minikube on 10.126.20.16:53: server misbehaving
[WARNING DirAvailable--data-minikube]: /data/minikube is not empty
....    
Error creating PKI assets: failed to write certificate "apiserver-kubelet-client": certificate apiserver-kubelet-client is not signed by corresponding CA
....    
.: exit status 1

我不知道它们是否有意义,但我不喜欢 exit status 1 .