我正在嘗試在 Azure AKS 中獲取 nginx 入口控制器負載平衡器 ip。我想我會通過以下方式使用 kubernetes 提供程式:
data "kubernetes_service" "nginx_service" {
metadata {
name = "${local.ingress_name}-ingress-nginx-controller"
namespace = local.ingress_ns
}
depends_on = [helm_release.ingress]
}
但是,我沒有看到 IP 地址,這是我得到的:
nginx_service = [
{
cluster_ip = "10.0.165.249"
external_ips = []
external_name = ""
external_traffic_policy = "Local"
health_check_node_port = 31089
load_balancer_ip = ""
load_balancer_source_ranges = []
port = [
{
name = "http"
node_port = 30784
port = 80
protocol = "TCP"
target_port = "http"
},
{
name = "https"
node_port = 32337
port = 443
protocol = "TCP"
target_port = "https"
},
]
publish_not_ready_addresses = false
selector = {
"app.kubernetes.io/component" = "controller"
"app.kubernetes.io/instance" = "nginx-ingress-internal"
"app.kubernetes.io/name" = "ingress-nginx"
}
session_affinity = "None"
type = "LoadBalancer"
},
]
但是,當我通過以下方式拉下服務時,kubectl我可以通過以下方式獲取 IP 地址:
kubectl get svc nginx-ingress-internal-ingress-nginx-controller -n nginx-ingress -o json | jq -r '.status.loadBalancer.ingress[].ip'
10.141.100.158
這是 AKS 的 kubernetes 提供商的限制嗎?如果是這樣,其他人使用的解決方法是什么?我的最終目標是使用 IP 來配置應用程式網關后端。
我想我可以使用local-exec,但這看起來很笨拙。然而,這可能是我目前唯一的選擇。
謝謝,
杰瑞
uj5u.com熱心網友回復:
盡管我強烈建議不要使用 Terraform 在 Kubernetes 內部創建資源,但您可以這樣做:
創建一個公共IP與Terraform - >與Terraform創建內部Kubernetes入口,nginx的,并通過annotations與loadBalancerIP從您的Terraform資源的資料。最終清單應如下所示:
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/azure-load-balancer-resource-group: myResourceGroup
name: ingress-nginx-controller
spec:
loadBalancerIP: <YOUR_STATIC_IP>
type: LoadBalancer
Terraform 可能如下所示:
resource "kubernetes_service" "ingress_nginx" {
metadata {
name = "tingress-nginx-controller"
annotations {
"service.beta.kubernetes.io/azure-load-balancer-resource-group" = "${azurerm_resource_group.YOUR_RG.name}"
}
spec {
selector = {
app = <PLACEHOLDER>
}
port {
port = <PLACEHOLDER>
target_port = <PLACEHOLDER>
}
type = "LoadBalancer"
load_balancer_ip = "${azurerm_public_ip.YOUR_IP.ip_address}"
}
}
uj5u.com熱心網友回復:
不幸的是,這是針對內部入口而不是面向公眾的,并且 IP 是動態分配的。我們目前不想使用靜態 ips
這就是我想出的:
resource "null_resource" "kubectl" {
provisioner "local-exec" {
command = "kubectl get svc nginx-ingress-internal-ingress-nginx-controller -n nginx-ingress -o json | jq -r '.status.loadBalancer.ingress[].ip' --kubeconfig <(echo $KUBECONFIG | base64 --decode)" > ip
interpreter = ["/bin/bash", "-c"]
environment = {
KUBECONFIG = base64encode(var.kubeconfig)
}
}
data "local_file" "nginx-ip" {
filename = "${path.module}/ip"
depends_on = ["null_resource.kubectl"]
}
output nginx_ip {
description = "IP address of the internal nginx controller
value = data.local_file.nginx-ip.content
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/368201.html
上一篇:大資料的MLE方法如何防止溢位