我无法连接到在nginx ingress(Docker Desktop win 10)中运行的应用程序。
nginx-ingress控制器pod正在运行,应用程序是健康的,并且我已创建了一个ingress。但是,当我尝试在本地主机上连接我的应用程序时,我收到“连接被拒绝”的错误消息。
我在日志中看到了这个错误:
[14:13:13.028][VpnKit ][Info ] vpnkit.exe: Connected Ethernet interface f6:16:36:bc:f9:c6
[14:13:13.028][VpnKit ][Info ] vpnkit.exe: UDP interface connected on 10.96.181.150
[14:13:22.320][GoBackendProcess ][Info ] Adding vpnkit-k8s-controller tcp forward from 0.0.0.0:80 to 10.96.47.183:80
[14:13:22.323][ApiProxy ][Error ] time="2019-12-09T14:13:22-05:00" msg="Port 443 for service ingress-nginx is already opened by another service"
我认为端口443被其他应用程序使用,可能是Zscaler安全或Skype。
netstat -a -b
的摘录:
[svchost.exe]
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 16012
[com.docker.backend.exe]
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 8220
我不知道如何使Ingress工作,请帮忙!
我的Ingress:
$ kubectl describe ing kbvalues-deployment-dev-ingress
Name: kbvalues-deployment-dev-ingress
Namespace: default
Address: localhost
Default backend: default-http-backend:80 (<none>)
Rules:
Host Path Backends
---- ---- --------
localhost
/ kbvalues-deployment-dev-frontend:28000 (10.1.0.174:8080)
Annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/cors-allow-headers: X-Forwarded-For, X-app123-XPTO
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 42m nginx-ingress-controller Ingress default/kbvalues-deployment-dev-ingress
Normal UPDATE 6s (x5 over 42m) nginx-ingress-controller Ingress default/kbvalues-deployment-dev-ingress
我的服务:
$ kubectl describe svc kbvalues-deployment-dev-frontend
Name: kbvalues-deployment-dev-frontend
Namespace: default
Labels: chart=tomcat-sidecar-war-1.0.4
environment=dev
name=kbvalues-frontend-dev
release=kbvalues-test
tier=frontend
Annotations: <none>
Selector: app=kbvalues-dev
Type: ClusterIP
IP: 10.98.89.94
Port: <unset> 28000/TCP
TargetPort: 8080/TCP
Endpoints: 10.1.0.174:8080
Session Affinity: None
Events: <none>
我正在尝试访问应用程序:http://localhost:28000/health
。我确认本地web服务器容器内可以访问/health
的URL。
感谢您提供的任何帮助。
编辑:
我尝试更改ingress-nginx服务以删除HTTPS,如此处所建议:https://dev59.com/_bTma4cB1Zd3GeqP0xju#56303330
这消除了日志中的443错误,但没有修复我的设置(仍然遇到连接被拒绝的问题)。
编辑2:这是Ingress YAML定义(kubectl get -o yaml):
$ kubectl get ing -o yaml
apiVersion: v1
items:
- apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
creationTimestamp: "2019-12-09T18:47:33Z"
generation: 5
name: kbvalues-deployment-dev-ingress
namespace: default
resourceVersion: "20414"
selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/kbvalues-deployment-dev-ingress
uid: 5c34bf7f-1ab4-11ea-80e4-00155d169409
spec:
rules:
- host: localhost
http:
paths:
- backend:
serviceName: kbvalues-deployment-dev-frontend
servicePort: 28000
path: /
status:
loadBalancer:
ingress:
- hostname: localhost
kind: List
metadata:
resourceVersion: ""
selfLink: ""
编辑3:kubectl get svc -A
命令的输出(只包括Ingress行):
ingress-nginx ingress-nginx LoadBalancer 10.96.47.183 localhost 80:30470/TCP 21h
编辑4:我尝试从Windows HyperV获取虚拟机的IP地址,但似乎该虚拟机没有IP地址?
PS C:\> (Get-VMNetworkAdapter -VMName DockerDesktopVM)
Name IsManagementOs VMName SwitchName MacAddress Status IPAddresses
---- -------------- ------ ---------- ---------- ------ -----------
Network Adapter False DockerDesktopVM DockerNAT 00155D169409 {Ok} {}
编辑5:
端口80的netstat -a -n -o -b
输出:
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
kubectl exec -it <your nginx pod> /bin/bash
命令,运行 Shubham 建议的 curl 命令并检查输出结果。 - randominstanceOfLivingThingkubectl get svc -A
的输出是什么(只粘贴 ingress 行)?我怀疑您的 ingress 服务配置不正确。对于云环境,我期望类型为LoadBalancer
,但对于您的情况,我认为您可能需要将其配置为使用NodePort
,在该端口上访问您的 ingress(例如,https://localhost:30252/myapp)。 - leeman24kubectl port-forward svc/kbvalues-deployment-dev-frontend 28000
并访问:http://localhost:28000/health
- RMorrisey