[创建了GKE群集,为互联网连接设置了nat-nat。然后我部署了kubernetes ingress-nginx kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml。
到这里一切都很好,但是当我尝试部署ingress resource时,我得到了Error from server (Timeout): error when creating "manifests/backend/service/be-nginx-ingress-serivce.yaml": Timeout: request did not complete within requested timeout 30s。
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-resource
namespace: sap
annotations:
kubernetes.io/ingress.class: nginx
spec:
tls:
- hosts:
- mywebname.com
secretName: ingress-tls
rules:
- host: mywebname.com
http:
paths:
- path: /
backend:
serviceName: app
servicePort: 5000
- path: /v1
backend:
serviceName: web
servicePort: 8081
我的清单在公共GKE上运行良好,但是今天我将其切换为私人,并且遇到了这个问题,这是我第一次使用VPC,感谢您的帮助或指导,谢谢]
我很确定这是防火墙的东西。您是否遵循文件?
https://kubernetes.github.io/ingress-nginx/deploy/#gce-gke
对于专用群集,您将需要添加一条附加的防火墙规则,该规则允许主节点访问工作节点上的端口8443 / tcp,或者更改现有规则,允许访问端口80 / tcp,443 / tcp和10254 / tcp还允许访问端口8443 / tcp。
https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules
gcloud compute firewall-rules create firewall-rule-name \
--action ALLOW \
--direction INGRESS \
--source-ranges master-CIDR-block \
--rules protocol:port \
--target-tags target