代码之家 › 专栏 › 技术社区 › Neekoy

AWS ALB未解析

kubernetes amazon-web-services

Neekoy · 技术社区 · 6 年前

https://github.com/kubernetes-sigs/aws-alb-ingress-controller

我试图在这里设置Grafana,入口被创建了,但它似乎根本没有解决。

$ kubectl describe ingress grafana
Name:             grafana
Namespace:        orbix-mvp
Address:          4ae1e4ba-orbixmvp-grafana-fd7d-993303634.eu-central-1.elb.amazonaws.com
Default backend:  default-http-backend:80 (<none>)
Rules:
  Host                        Path  Backends
  ----                        ----  --------
  grafana-orbix.orbixpay.com  
                              /   grafana:80 (<none>)
Annotations:
  alb.ingress.kubernetes.io/scheme:         internet-facing
  alb.ingress.kubernetes.io/ssl-policy:     ELBSecurityPolicy-2016-08
  alb.ingress.kubernetes.io/subnets:        subnet-08431d96168e36c30,subnet-0e2a7e2766852bf8a
  alb.ingress.kubernetes.io/success-codes:  302
  kubernetes.io/ingress.class:              alb
Events:
  Type    Reason  Age   From                    Message
  ----    ------  ----  ----                    -------
  Normal  CREATE  45m   alb-ingress-controller  LoadBalancer 4ae1e4ba-orbixmvp-grafana-fd7d created, ARN: arn:aws:elasticloadbalancing:eu-central-1:109153834985:loadbalancer/app/4ae1e4ba-orbixmvp-grafana-fd7d/4b98cb7027b71697
  Normal  CREATE  45m   alb-ingress-controller  rule 1 created with conditions [{    Field: "host-header",    Values: ["grafana-orbix.orbixpay.com"]  },{    Field: "path-pattern",    Values: ["/"]  }]

$ kubectl describe service grafana
Name:                     grafana
Namespace:                orbix-mvp
Labels:                   app=grafana
                          chart=grafana-1.25.1
                          heritage=Tiller
                          release=grafana
Annotations:              <none>
Selector:                 app=grafana,release=grafana
Type:                     NodePort
IP:                       172.20.11.232
Port:                     service  80/TCP
TargetPort:               3000/TCP
NodePort:                 service  30772/TCP
Endpoints:                10.0.0.180:3000
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

它确实有一个合适的端点:

$ kubectl get endpoints | grep grafana
grafana                         10.0.0.180:3000                  46m

pod本身已正确标记,并具有正确的IP,即上面的端点:

$ kubectl describe pod grafana-bdc977fd4-ptzhg
Name:               grafana-bdc977fd4-ptzhg
Namespace:          orbix-mvp
Priority:           0
PriorityClassName:  <none>
Node:               ip-10-0-0-230.eu-central-1.compute.internal/10.0.0.230
Start Time:         Mon, 11 Feb 2019 13:24:43 +0200
Labels:             app=grafana
                    pod-template-hash=687533980
                    release=grafana
Annotations:        <none>
Status:             Running
IP:                 10.0.0.180

我的AWS帐户将LoadBalancer列为活动,子网与群集位于同一VPC上,安全组由入口控制器生成。

一切似乎都设置正确,但是当我访问LoadBalancer地址时,它只是超时。

$ kubectl get ingresses
NAME                HOSTS                           ADDRESS                                                                     PORTS   AGE
grafana             grafana-orbix.orbixpay.com      4ae1e4ba-orbixmvp-grafana-fd7d-993303634.eu-central-1.elb.amazonaws.com     80      49m

1 回复 | 直到 6 年前

Neekoy 6 年前

我真的弄明白了-入口配置只允许域的流量。那个排除到负载平衡器地址的通信量(我假设默认情况下是允许的)。

基本上,为了让负载均衡器URL也能工作,它需要被允许使用*。另外,如果应用程序重定向到 /login 就像在我的例子中一样,所有的路径都需要被允许,因为如果指定的路径是为 /