csgeek's questions

所以，我想要一个指向我的 nginx 入口 LB 的静态 IP。

gcloud compute addresses create test-ip --global 
gcloud compute addresses describe test-ip  --global

它为我提供了一个我现在可以使用的静态 IP。

详细输出：

address: 34.120.62.131
addressType: EXTERNAL
creationTimestamp: '2021-02-10T10:27:32.806-08:00'
description: ''
id: '6370409738458995579'
ipVersion: IPV4
kind: compute#address
name: dashboard-ip
networkTier: PREMIUM
status: RESERVED

我正在尝试遵循本指南说明，但“稳定”的 helm repos 已经消失，我尝试使用的 helm 图表如下。我不确定这是否是推荐与 helm 一起使用的，但鉴于它归 K8s 组织所有，这似乎是正确的选择。

帖子中引用的选项不再存在，因此我从图表中获取所有值并覆盖似乎正确的值，尽管我在黑暗中拍摄。

controller:
  service:
    loadBalancerIP: "34.120.62.131"

使用以下方法安装图表：

helm install samir ingress-nginx/ingress-nginx -f override.yml

在这一点上，它陷入了状态。

k logs service/samir-ingress-nginx-controller                                                                                                                                   (gke_esnet-sd-dev_us-central1-c_test-dashboard-ansible/default)
-------------------------------------------------------------------------------
NGINX Ingress controller
  Release:       v0.44.0
  Build:         f802554ccfadf828f7eb6d3f9a9333686706d613
  Repository:    https://github.com/kubernetes/ingress-nginx
  nginx version: nginx/1.19.6

-------------------------------------------------------------------------------

I0211 18:13:45.281578       6 flags.go:208] "Watching for Ingress" class="nginx"
W0211 18:13:45.281650       6 flags.go:213] Ingresses with an empty class will also be processed by this Ingress controller
W0211 18:13:45.282066       6 client_config.go:614] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I0211 18:13:45.282327       6 main.go:241] "Creating API client" host="https://10.11.240.1:443"
I0211 18:13:45.293561       6 main.go:285] "Running in Kubernetes cluster" major="1" minor="17+" git="v1.17.14-gke.1600" state="clean" commit="7c407f5cc8632f9af5a2657f220963aa7f1c46e7" platform="linux/amd64"
I0211 18:13:45.407646       6 main.go:105] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0211 18:13:45.434246       6 ssl.go:532] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I0211 18:13:45.473930       6 nginx.go:254] "Starting NGINX Ingress controller"
I0211 18:13:45.495884       6 event.go:282] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"default", Name:"samir-ingress-nginx-controller", UID:"7eee0403-5f51-4cda-bd76-84d977ac473e", APIVersion:"v1", ResourceVersion:"446265", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap default/samir-ingress-nginx-controller
I0211 18:13:46.674807       6 nginx.go:296] "Starting NGINX process"
I0211 18:13:46.675212       6 leaderelection.go:243] attempting to acquire leader lease default/ingress-controller-leader-nginx...
I0211 18:13:46.675645       6 nginx.go:316] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I0211 18:13:46.675885       6 controller.go:146] "Configuration changes detected, backend reload required"
I0211 18:13:46.678746       6 status.go:84] "New leader elected" identity="samir-ingress-nginx-controller-57f8695bcc-d4pmq"
I0211 18:13:46.772343       6 controller.go:163] "Backend successfully reloaded"
I0211 18:13:46.772435       6 controller.go:174] "Initial sync, sleeping for 1 second"
I0211 18:13:46.772584       6 event.go:282] Event(v1.ObjectReference{Kind:"Pod", Namespace:"default", Name:"samir-ingress-nginx-controller-57f8695bcc-959pw", UID:"fcb5dbc0-7c43-4330-8641-a00514103afd", APIVersion:"v1", ResourceVersion:"446293", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I0211 18:14:18.716021       6 leaderelection.go:253] successfully acquired lease default/ingress-controller-leader-nginx
I0211 18:14:18.716815       6 status.go:84] "New leader elected" identity="samir-ingress-nginx-controller-57f8695bcc-959pw"

有什么我想念的吗？

注意：我确实偶然发现了这个替代图表。这似乎更接近我在上面链接的stackoverflow帖子中引用的内容，尽管即使使用它我也无法让它工作。创建集群时我可能错过了一个选项吗？

服务.yaml

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    io.kompose.service: grafana
  name: grafana
spec:
  ports:
    - name: "3000"
      port: 3000
      targetPort: 3000
  selector:
    io.kompose.service: grafana
status:
  loadBalancer: {}

部署：

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.22.0 (HEAD)
  creationTimestamp: null
  labels:
    io.kompose.service: grafana
  name: grafana
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: grafana
  strategy: {}
  template:
    metadata:
      annotations:
        kompose.cmd: kompose convert
        kompose.version: 1.22.0 (HEAD)
      creationTimestamp: null
      labels:
        io.kompose.service: grafana
    spec:
      containers:
        - env:
            - name: GF_SERVER_DOMAIN
              #              value: "testing.esamir.com"
              value: "direct.esamir.com"
            - name: GF_SERVER_ROOT_URL
              value: "%(protocol)s://%(domain)s:%(http_port)s/"
            - name: GF_SERVER_SERVE_FROM_SUB_PATH
              value: "true"
            - name: GF_DATABASE_URL
              valueFrom:
                configMapKeyRef:
                  name: grafanaconfig
                  key: url

          image: grafana/grafana:7.4.0-ubuntu
          name: grafana
          ports:
            - containerPort: 3000
          resources: {}
      restartPolicy: Always
status: {}

入口-nginx 配置：

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: hello-kubernetes-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
    - host: testing1.com
      http:
        paths:
          - backend:
              serviceName: hello-kubernetes-second
              servicePort: 80
    - host: testing2.com
      http:
        paths:
          - backend:
              serviceName: dashboard
              servicePort: 3000

如果我在 testing1.com 上连接到 http 或 https，它正在运行一个简单的 hello-world kubernetes 应用程序。一切都完美无缺。

如果我在 https 或 http 上连接到 testin2.com，我会收到 503 错误。“503服务暂时不可用”

查看日志，我发现了这个错误：“2021-02-09 15:34:25.309 PSTError getting Endpoints for Service "test/dashboard": no object matching key "test/dashboard" in local store"

作为参考，我的所有清单都部署在 K8 的 test 命名空间下。

我在网上找到的大多数参考资料都在谈论确保服务具有有效的端点。

kubectl 获取端点 --namespace 测试

NAME                                       ENDPOINTS                                      AGE
grafana                                    10.68.5.23:3000                                6h4m
hello-kubernetes-second                    10.68.3.9:8080,10.68.5.5:8080,10.68.6.6:8080   6h22m
nginx-ingress-nginx-controller             10.68.5.8:443,10.68.5.8:80                     6h20m
nginx-ingress-nginx-controller-admission   10.68.5.8:8443                                 6h20m

kubectl 描述 svc grafana -n 测试

Namespace:         test
Labels:            io.kompose.service=grafana
Annotations:       <none>
Selector:          io.kompose.service=grafana
Type:              ClusterIP
IP:                10.71.248.111
Port:              3000  3000/TCP
TargetPort:        3000/TCP
Endpoints:         10.68.5.23:3000
Session Affinity:  None
Events:            <none>

据我所知，我的服务确实有一个有效的端点。我错过了什么？