k8s集群内的Consul客户端无法解析集群外的consul服务器

问题描述 投票:0回答:0

Docker Compose 版本 v2.2.3 Docker版本20.10.21,内部版本20.10.21-0ubuntu1~22.04.3 Helm版本:version.BuildInfo{版本:“v3.12.1”,GitCommit:“f32a527a060157990e2aa86bf45010dfb3cc8b8d”,GitTreeState:“clean”,GoVersion:“go1.20.4”}

我有一个通过 docker-compose 运行的 consul 服务器:

version: "3.9"

services:
  consul:
    image: hashicorp/consul:1.16
    volumes:
      - ./config/server.hcl:/consul/config/server.hcl:ro
      - consul_data:/dummy/consul-data
      - ./certs:/consul/config/certs/
    ports:
      - "8600:8600/tcp"
      - "8600:8600/udp"
      - "8500:8500/tcp"
      - "8500:8500/udp"
      - "8301:8301/tcp"
      - "8301:8301/udp"
      - "8302:8302/tcp"
      - "8302:8302/udp"
      - "8502:8502"
      - "21000-21255:21000-21255"
      - "8300:8300"
      - "8300:8300/udp"
    command: "agent"

volumes:
  consul_data:

服务器配置:

server           = true
bootstrap        = false
bootstrap_expect = 1

node_name  = "dev-consul"
datacenter = "dev-dc"

encrypt                 = "<encrypt-key>"
encrypt_verify_incoming = true
encrypt_verify_outgoing = true

tls {
  defaults {
    ca_file         = "/consul/config/certs/consul-agent-ca.pem"
    cert_file       = "/consul/config/certs/dev-dc-server-consul-0.pem"
    key_file        = "/consul/config/certs/dev-dc-server-consul-0-key.pem"
    verify_incoming = true
    verify_outgoing = true
  }
}

data_dir  = "/consul-data"
log_level = "INFO"

advertise_addr = "127.0.0.1"
bind_addr      = "0.0.0.0"

addresses = {
  "http" = "0.0.0.0"
}

auto_encrypt = {
  "allow_tls" = true
}

connect = {
  "enabled" = true
}

ui_config = {
  "enabled" = true
}

consul 客户端在 minikube 内运行:

global:
  name: consul
  image: hashicorp/consul:1.16
  domain: dev.local
  datacenter: dev-dc
  exposeGossipPorts: true
  gossipEncryption:
    secretName: "gossip-encryption-key-secret"
    secretKey: "key"
  tls:
    enabled: true
    enableAutoEncrypt: true
    verify: true
    caCert:
      secretName: "consul-certs"
      secretKey: "ca.pem"
  externalServers:
    enabled: true
    hosts: [ "<local-ip>" ]
connectInject:
  enabled: true
  default: true
  cni:
    enabled: true
    logLevel: info
    cniBinDir: "/opt/cni/bin"
    cniNetDir: "/etc/cni/net.d"
  namespaceSelector: |
    matchLabels:
      connect-inject : enabled
  failurePolicy: "Ignore"
server:
  enabled: false
client:
  enabled: true
  join: [ "<local-ip>" ]
  grpc: true

我总是收到这样的消息: 

2023-07-25T18:56:31.245Z [INFO]  consul-server-connection-manager: trying to connect to a Consul server 2023-07-25T18:56:31.247Z [ERROR] consul-server-connection-manager: connection error: error="failed to discover Consul server addresses: failed to resolve DNS name: consul-server.consul.svc: lookup consul-server.consul.svc on 10.96.0.10:53: no such host"

我多次尝试修改客户端配置,没有其他结果

kubernetes minikube consul
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.