Kubernetes cov lus qhia & kev ua kom yuam kev: nplooj ntawv yuam kev hauv NGINX Ingress

Hauv tsab xov xwm no, kuv xav tham txog ob yam ntawm NGINX Ingress ntsig txog kev nthuav tawm cov nplooj ntawv yuam kev ntawm tus kheej, nrog rau cov kev txwv uas muaj nyob hauv lawv thiab txoj hauv kev ua haujlwm nyob ib puag ncig lawv.

1. Hloov lub neej ntawd backend

Los ntawm lub neej ntawd, NGINX Ingress siv lub neej ntawd backend, uas ua haujlwm sib xws. Qhov no txhais tau hais tias thaum thov Ingress qhia tus tswv tsev uas tsis nyob hauv Ingress cov peev txheej, peb tau txais nplooj ntawv hauv qab no nrog 404 cov lus teb:

Txawm li cas los xij, ntau thiab ntau zaus peb cov neeg siv khoom tuaj nrog kev thov kom qhia lawv cov nplooj ntawv nrog lub tuam txhab logo thiab lwm yam khoom siv tsis yog tus qauv 404. Txhawm rau ua qhov no, NGINX Ingress muaj built-in muaj peev xwm rov txhais dua default-backend-service. Peb dhau lub hom ntawv nkag raws li kev sib cav rau qhov kev xaiv ntawm tib lub npe namespace/servicename. Qhov chaw nres nkoj yuav tsum yog 80.

Txhawm rau ua qhov no, koj yuav tsum tsim koj tus kheej pod (kev xa tawm) thiab kev pabcuam nrog koj daim ntawv thov (piv txwv kev siv hauv YAML los ntawm ingress-nginx repository), uas yuav muab es tsis txhob ntawm lub neej ntawd backend.

Nov yog ib daim duab me me:

~$ curl -i -XGET http://sadsdasdas.kube-cloud.my/
HTTP/1.1 404 Not Found
Date: Mon, 11 Mar 2019 05:38:15 GMT
Content-Type: */*
Transfer-Encoding: chunked
Connection: keep-alive

<span>The page you're looking for could not be found.</span>

Yog li tag nrho cov npe uas tsis yog tsim los ntawm YAML nrog kind: Ingress, poob rau hauv default-backend. Nyob rau hauv cov npe saum toj no, qhov no tau los ua sadsdasdas.

2. Tuav HTTP yuam kev hauv daim ntawv thov siv lub neej ntawd backend

Lwm qhov xwm txheej yog thov xaus rau HTTP yuam kev (404, 500, 502 ...) rau ib daim ntawv thov uas tsis ua cov xwm txheej zoo li no (cov nplooj ntawv zoo nkauj tsis raug tsim tawm). Qhov no kuj yog vim qhov kev xav ntawm cov neeg tsim khoom los ua haujlwm rau tib nplooj ntawv yuam kev hauv ntau daim ntawv thov.

Txhawm rau siv cov ntaub ntawv no ntawm server sab peb xav tau:

1. Ua raws li cov lus qhia saum toj no los ntawm kab lus hais txog lub neej ntawd backend;
2. Ntxiv tus yuam sij rau nginx-ingress configuration ConfigMap custom-http-errors, piv txwv li, nrog tus nqi 404,503 (pom tseeb sib raug rau cov lej yuam kev uas tau them los ntawm txoj cai tshiab).

Qhov kev xav tau tau ua tiav: thaum daim ntawv thov tus neeg siv tau khiav thiab tau txais qhov yuam kev nrog cov lus teb 404 lossis 503, qhov kev thov yuav raug xa rov qab mus rau qhov rov qab ua haujlwm tshiab ...

Txawm li cas los xij, thaum tsim ib daim ntawv thov rau lub neej ntawd backend thiab kev cai-http-yuam kev, koj yuav tsum coj mus rau hauv tus account ib qho tseem ceeb feature:

!!! Important The custom backend is expected to return the correct HTTP status code instead of 200. NGINX does not change the response from the custom default backend.

Qhov tseeb yog tias thaum qhov kev thov raug xa rov qab, cov headers yuav muaj cov ntaub ntawv tseem ceeb nrog rau cov lus teb dhau los thiab cov ntaub ntawv ntxiv (lawv cov npe tiav yog muaj. no).

Qhov no txhais tau tias koj tus kheej yuav tsum saib xyuas cov lus teb kom raug. Nov yog piv txwv los ntawm cov ntaub ntawv nws ua haujlwm li cas.

Cov ntawv thov sib txawv muaj qhov sib txawv ntawm lub neej ntawd backends

Txhawm rau kom ntseeg tau tias qhov kev daws teeb meem tsis yog thoob ntiaj teb rau tag nrho pawg, tab sis tsuas yog siv rau cov ntawv thov tshwj xeeb, koj thawj zaug yuav tsum kuaj xyuas Ingress version. Yog nws phim 0.23 los yog siab dua, siv cov lus piav qhia Ingress haiv neeg:

1. Peb tuaj yeem hla dhau default-backend rau ntawm txhua tus Ingress cov siv cov lus piav qhia;
2. Peb tuaj yeem hla dhau custom-http-errors rau ntawm txhua tus Ingress cov siv cov lus piav qhia.

Yog li ntawd, Ingress peev txheej yuav zoo li no:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ .Chart.Name }}-app2
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/custom-http-errors: "404,502"
    nginx.ingress.kubernetes.io/default-backend: error-pages
spec:
  tls:
  - hosts:
    - app2.example.com
    secretName: wildcard-tls
  rules:
  - host: app2.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: {{ .Chart.Name }}-app2
          servicePort: 80

Hauv qhov no, qhov yuam kev 404 thiab 502 yuav raug xa rov qab mus rau cov nplooj ntawv yuam kev nrog txhua qhov tsim nyog headers.

В yav dhau los versions ntawm Ingress tsis muaj qhov tshwj xeeb no (txoj hmoo phem 0.23). Thiab yog tias koj muaj 2 daim ntawv thov sib txawv kiag li khiav hauv koj pawg thiab koj xav qhia kom meej qhov sib txawv ntawm lub neej ntawd-backend-kev pabcuam thiab kev ua haujlwm ntawm cov lej sib txawv rau lawv txhua tus, rau qhov no koj yuav tau siv kev ua haujlwm, uas peb muaj ob.

Ingress <0.23: mus rau ib qho

Qhov kev xaiv no yooj yim dua. Raws li ib daim ntawv thov uas ua haujlwm rau nws cov nplooj ntawv, peb muaj HTML li niaj zaus, uas tsis paub yuav ua li cas saib cov headers thiab xa cov lus teb kom raug. Xws li ib daim ntawv thov yog dov tawm nrog Ingress los ntawm url /error-pages, thiab hauv catalog ws yuav yog HTML rov qab.

Daim duab hauv YAML:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ .Chart.Name }}-app2
  annotations:
    kubernetes.io/ingress.class: "nginx"
    ingress.kubernetes.io/server-snippet: |
      proxy_intercept_errors on;
      error_page 500 501 502 503 504 @error_pages;
      location @error_pages {
        rewrite ^ /error-pages/other/index.html break;
        proxy_pass http://error-pages.prod.svc.cluster.local;
      }
spec:
  tls:
  - hosts:
    - app2.example.com
    secretName: wildcard-tls
  rules:
  - host: app2.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: {{ .Chart.Name }}-app2
          servicePort: 80

Cov kev pabcuam rau kev xa tawm no yuav tsum yog hom ClusterIP.

Tib lub sijhawm, hauv daim ntawv thov uas peb yuav ua qhov yuam kev, hauv Ingress peb ntxiv cov server-snippet lossis configuration-snippet nrog cov ntsiab lus hauv qab no:

nginx.ingress.kubernetes.io    /server-snippet: |
      proxy_intercept_errors on;
      error_page 500 501 502 503 504 @error_pages;
      location @error_pages {
        rewrite ^ /error-pages/ws/index.html break;
        proxy_pass http://error-pages.prod.svc.cluster.local;
      }

Ingress <0.23: thib ob mus kom ze

Ib qho kev xaiv rau ib daim ntawv thov uas tuaj yeem ua cov headers... Thiab feem ntau qhov no yog txoj hauv kev zoo dua, qiv los ntawm kev cai-http-yuam kev. Siv nws manually (copying) yuav tso cai rau koj tsis txhob hloov lub ntiaj teb no chaw.

Cov kauj ruam yog raws li nram no. Peb tsim tib yam kev xa tawm nrog ib daim ntawv thov uas tuaj yeem mloog cov xov xwm tsim nyog thiab teb kom raug. Ntxiv cov server-snippet rau daim ntawv thov Ingress nrog cov ntsiab lus hauv qab no:

nginx.ingress.kubernetes.io    /server-snippet: |
      proxy_intercept_errors off;
      error_page 404 = @custom_404;
      error_page 503 = @custom_503;
      location @custom_404 {
        internal;
        proxy_intercept_errors off;
        proxy_set_header       X-Code             404;
        proxy_set_header       X-Format           $http_accept;
        proxy_set_header       X-Original-URI     $request_uri;
        proxy_set_header       X-Namespace        $namespace;
        proxy_set_header       X-Ingress-Name     $ingress_name;
        proxy_set_header       X-Service-Name     $service_name;
        proxy_set_header       X-Service-Port     $service_port;
        proxy_set_header       Host               $best_http_host;
        rewrite ^ /error-pages/ws/index.html break;
        proxy_pass http://error-pages.prod.svc.cluster.local;
      }
      location @custom_503 {
        internal;
        proxy_intercept_errors off;
        proxy_set_header       X-Code             503;
        proxy_set_header       X-Format           $http_accept;
        proxy_set_header       X-Original-URI     $request_uri;
        proxy_set_header       X-Namespace        $namespace;
        proxy_set_header       X-Ingress-Name     $ingress_name;
        proxy_set_header       X-Service-Name     $service_name;
        proxy_set_header       X-Service-Port     $service_port;
        proxy_set_header       Host               $best_http_host;
        rewrite ^ /error-pages/ws/index.html break;
        proxy_pass http://error-pages.prod.svc.cluster.local;
      }

Raws li koj tuaj yeem pom, rau txhua qhov kev ua yuam kev uas peb xav ua, peb yuav tsum ua peb tus kheej qhov chaw, qhov twg tag nrho cov ntsiab lus tsim nyog yuav raug muab tso rau, ib yam li hauv "native" ib qho. custom-error-pages. Txoj kev no peb tuaj yeem tsim cov nplooj ntawv yuam kev sib txawv ntawm tus kheej txawm tias rau ib qho chaw thiab servers.

PS

Lwm yam los ntawm K8s lub tswv yim & tricks series:

• «Hloov cov peev txheej khiav hauv pawg raws li kev tswj hwm ntawm Helm 2»;
• «Hais txog kev faib cov nodes thiab cov loads ntawm lub vev xaib thov»;
• «Nkag mus rau dev sites»;
• «Txhim kho bootstrap rau cov ntaub ntawv loj".

Nyeem kuj ntawm peb blog:

• «Rov qab mus rau microservices nrog Istio. Ntu 1»;
• «[Illustrated] Phau ntawv qhia rau kev sib tham hauv Kubernetes. Ntu 3".

Tau qhov twg los: www.hab.com