我在 Ubuntu 20.04.3 LTS 上运行 microk8s v1.22.2。
/etc/hosts
的输出:
127.0.0.1 localhost
127.0.1.1 main
摘自
microk8s status
:
addons:
enabled:
dashboard # The Kubernetes dashboard
ha-cluster # Configure high availability on the current node
ingress # Ingress controller for external access
metrics-server # K8s Metrics Server for API access to service metrics
我检查了正在运行的仪表板(
kubectl get all --all-namespaces
):
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system pod/calico-node-2jltr 1/1 Running 0 23m
kube-system pod/calico-kube-controllers-f744bf684-d77hv 1/1 Running 0 23m
kube-system pod/metrics-server-85df567dd8-jd6gj 1/1 Running 0 22m
kube-system pod/kubernetes-dashboard-59699458b-pb5jb 1/1 Running 0 21m
kube-system pod/dashboard-metrics-scraper-58d4977855-94nsp 1/1 Running 0 21m
ingress pod/nginx-ingress-microk8s-controller-qf5pm 1/1 Running 0 21m
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 23m
kube-system service/metrics-server ClusterIP 10.152.183.81 <none> 443/TCP 22m
kube-system service/kubernetes-dashboard ClusterIP 10.152.183.103 <none> 443/TCP 22m
kube-system service/dashboard-metrics-scraper ClusterIP 10.152.183.197 <none> 8000/TCP 22m
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system daemonset.apps/calico-node 1 1 1 1 1 kubernetes.io/os=linux 23m
ingress daemonset.apps/nginx-ingress-microk8s-controller 1 1 1 1 1 <none> 22m
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
kube-system deployment.apps/calico-kube-controllers 1/1 1 1 23m
kube-system deployment.apps/metrics-server 1/1 1 1 22m
kube-system deployment.apps/kubernetes-dashboard 1/1 1 1 22m
kube-system deployment.apps/dashboard-metrics-scraper 1/1 1 1 22m
NAMESPACE NAME DESIRED CURRENT READY AGE
kube-system replicaset.apps/calico-kube-controllers-69d7f794d9 0 0 0 23m
kube-system replicaset.apps/calico-kube-controllers-f744bf684 1 1 1 23m
kube-system replicaset.apps/metrics-server-85df567dd8 1 1 1 22m
kube-system replicaset.apps/kubernetes-dashboard-59699458b 1 1 1 21m
kube-system replicaset.apps/dashboard-metrics-scraper-58d4977855 1 1 1 21m
我想在本地网络中公开 microk8s 仪表板,以便通过
http://main/dashboard/
访问它
为此,我执行了以下操作
nano ingress.yaml
:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: public
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
name: dashboard
namespace: kube-system
spec:
rules:
- host: main
http:
paths:
- backend:
serviceName: kubernetes-dashboard
servicePort: 443
path: /
通过
kubectl apply -f ingress.yaml
启用入口配置会出现以下错误:
error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1"
非常感谢您的帮助,谢谢!
更新: @harsh-manvar 指出配置版本不匹配。我已将 ingress.yaml 重写为一个非常精简的版本:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dashboard
namespace: kube-system
spec:
rules:
- http:
paths:
- path: /dashboard
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
应用此方法有效。此外,还会创建入口规则。
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE
kube-system dashboard public * 127.0.0.1 80 11m
但是,当我通过
http://<ip-of-kubernetes-master>/dashboard
访问仪表板时,出现 400
错误。
从入口控制器登录:
192.168.0.123 - - [10/Oct/2021:21:38:47 +0000] "GET /dashboard HTTP/1.1" 400 54 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 466 0.002 [kube-system-kubernetes-dashboard-443] [] 10.1.76.3:8443 48 0.000 400 ca0946230759edfbaaf9d94f3d5c959a
仪表板也需要使用
microk8s proxy
来暴露吗?我以为入口控制器会处理这个问题,还是我误解了这一点?
要修复错误
error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1
,您需要将 apiVersion
设置为 networking.k8s.io/v1
。来自 Kubernetes v1.16 关于已弃用 API 的文章:
不再提供
- extensions/v1beta1 API 版本中的 NetworkPolicy - 迁移到使用 networking.k8s.io/v1 API 版本(自 v1.8 起可用)。现有的持久数据可以通过新版本检索/更新。
现在进入第二期。您需要添加一些注释并在 Ingress 定义中进行一些更改,以使仪表板正确暴露在 microk8s 集群上:
nginx.ingress.kubernetes.io/rewrite-target: /$2
注释nginx.ingress.kubernetes.io/configuration-snippet: | rewrite ^(/dashboard)$ $1/ redirect;
注释path: /dashboard
更改为 path: /dashboard(/|$)(.*)
我们需要他们将请求正确转发到后端 Pod - 本文中有很好的解释:
注意: “nginx.ingress.kubernetes.io/rewrite-target”注释会在将请求转发到后端 Pod 之前重写 URL。在 /dashboard(/|$)(.*) 的 path 中,(.*) 存储访问 Kubernetes 仪表板时生成的动态 URL。在将请求转发到 kubernetes-dashboard 服务之前,“nginx.ingress.kubernetes.io/rewrite-target”注释会替换 URL 中捕获的数据。仅当访问 ALB-URL/dashboard 时,“nginx.ingress.kubernetes.io/configuration-snippet”注释才会重写 URL 以添加尾部斜杠(“/”)。
我们还需要另外两项更改:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
注释以告诉NGINX Ingress使用HTTPs与Dashboard服务通信kubernetes.io/ingress.class: public
注释以使用microk8s创建的NGINX Ingressingress
插件实现上述所有内容后,最终的 YAML 文件如下所示:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/dashboard)$ $1/ redirect;
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
kubernetes.io/ingress.class: public
name: dashboard
namespace: kube-system
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
应该可以正常工作。无需运行
microk8s proxy
命令。
error: unable to recognize "ingress.yaml": no matches for kind "Ingress" in version "extensions/v1beta1"
这是由于入口 API 版本不匹配造成的。
您正在运行 v1.22.2,而 YAML 中的 API 版本较旧。
很好的例子:https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
您在 YAML 中使用较旧的入口 API 版本,即
extensions/v1beta1
。
您需要根据您运行的 ingress 版本和 K8s 版本更改此设置。
这适用于 K8s 中的版本 1.19,也适用于 1.22
示例:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minimal-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
pathType: Prefix
backend:
service:
name: test
port:
number: 80
参考:https://kubernetes.io/docs/concepts/services-networking/ingress/
如果您在尝试安装 AWS ALB 控制器时遇到此错误<2.0!,会发生以下情况: ALB 控制器 v1.x.x 使用
networking.k8s.io/v1beta1
API,该 API 在新版本的 k8s 上将被删除 (https://kubernetes.io/blog/2021/07/14/upcoming-changes-in-kubernetes-1 -22/#api-更改)
所有 beta Ingress API(extensions/v1beta1 和networking.k8s.io/v1beta1 API 版本)