Kweli nqaku, ndifuna ukuthetha malunga neempawu ezimbini ze-NGINX Ingress ezinxulumene nokubonisa amaphepha eempazamo zomntu, kunye nemida ekhoyo kuzo kunye neendlela zokusebenza ezijikelezayo.
1. Ukutshintsha i-backend engagqibekanga
Ngokungagqibekanga, i-NGINX Ingress isebenzisa i-backend engagqibekanga, eyenza umsebenzi ohambelanayo. Oku kuthetha ukuba xa ucela i-Ingress ichaza umkhosi ongekho kwimithombo ye-Ingress, sifumana eli phepha lilandelayo ngekhowudi yokuphendula ye-404:
Nangona kunjalo, ngakumbi nangakumbi abathengi bethu beza nesicelo sokubonisa iphepha labo kunye nelogo yenkampani kunye nezinye izinto eziluncedo endaweni yomgangatho we-404. Ukwenza oku, i-NGINX Ingress ine chaza kwakhona default-backend-service. Sidlulisa ungeniso lwefomathi njengengxabano kukhetho lwegama elifanayo namespace/servicename. Izibuko lenkonzo kufuneka libe ngama-80.
Ukwenza oku, kufuneka uzenzele eyakho ipod (ukuthunyelwa) kunye nenkonzo ngesicelo sakho ( ukusuka kwindawo yokugcina ye-ingress-nginx), eya kunikwa endaweni yendawo yangasemva engagqibekanga.
Nanku umzekeliso omncinci:
~$ curl -i -XGET http://sadsdasdas.kube-cloud.my/
HTTP/1.1 404 Not Found
Date: Mon, 11 Mar 2019 05:38:15 GMT
Content-Type: */*
Transfer-Encoding: chunked
Connection: keep-alive
<span>The page you're looking for could not be found.</span>
Ke yonke imimandla engenziwanga ngokucacileyo ngeYAML nge kind: Ingress, iwele kwi-default-backend. Kolu luhlu lungentla, le domain yaba sadsdasdas.
2. Ukuphatha iimpazamo ze-HTTP kwisicelo usebenzisa i-backend engagqibekanga
Enye imeko yizicelo eziphela kwiimpazamo ze-HTTP (404, 500, 502...) kwisicelo esingaqhubekiyo kwiimeko ezinjalo (amaphepha ahambelanayo amahle awaveliswanga). Oku kusenokuba kungenxa yomnqweno wabaphuhlisi bokusebenzisa amaphepha eempazamo ezifanayo kwizicelo ezininzi.
Ukuphumeza le meko kwicala lomncedisi sifuna:
- Landela imiyalelo engentla kumhlathi malunga ne-backend engagqibekanga;
- Yongeza isitshixo kwinginx-ingress uqwalaselo ConfigMap
custom-http-errors, umzekelo, ngexabiso404,503(ngokucacileyo ihambelana neekhowudi zempazamo ezigqunywe ngumgaqo omtsha).
Isiphumo esilindelekileyo siphunyeziwe: xa isicelo somthengi sisebenza kwaye sifumana impazamo ngekhowudi yempendulo 404 okanye 503, isicelo siya kuthunyelwa ngokuzenzekelayo kwi-backend entsha engagqibekanga...
Nangona kunjalo, xa uphuhlisa usetyenziso lwe-backend engagqibekanga kunye neempazamo ze-http, kufuneka uthathele ingqalelo into ebalulekileyo:
!!! Important The custom backend is expected to return the correct HTTP status code instead of 200. NGINX does not change the response from the custom default backend.Inyani kukuba xa isicelo sithunyelwa kwakhona, iiheader ziya kuba nolwazi oluluncedo kunye nekhowudi yokuphendula yangaphambili kunye nolwazi olongezelelweyo (uluhlu lwazo olupheleleyo luyafumaneka. ).
Oku kuthetha ukuba wena ngokwakho kufuneka khathalela ikhowudi yokuphendula echanekileyo. ukusuka kuxwebhu ukuba isebenza njani.
Izicelo ezahlukeneyo zineziphelo ezingasemva ezahlukeneyo
Ukuqinisekisa ukuba isisombululo asikho kwihlabathi lonke kwi-cluster yonke, kodwa sisebenza kuphela kwizicelo ezithile, kufuneka uqale ukhangele i-Ingress version. Ukuba iyahambelana 0.23 okanye ngaphezulu, sebenzisa amanqakwana woko weIngress:
- Sinokubhala ngaphezulu
default-backendkuba wonke umntu Ingress's ; - Sinokubhala ngaphezulu
custom-http-errorskuba wonke umntu Ingress's .
Ngenxa yoko, i-Ingress resource iya kujongeka ngolu hlobo:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Chart.Name }}-app2
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/custom-http-errors: "404,502"
nginx.ingress.kubernetes.io/default-backend: error-pages
spec:
tls:
- hosts:
- app2.example.com
secretName: wildcard-tls
rules:
- host: app2.example.com
http:
paths:
- path: /
backend:
serviceName: {{ .Chart.Name }}-app2
servicePort: 80Kule meko, iimpazamo 404 kunye ne-502 ziya kuhanjiswa kwinkonzo yamaphepha eempazamo nazo zonke iiheader eziyimfuneko.
В iinguqulelo zangaphambili ze-Ingress bezingenalo olu phawu (). Kwaye ukuba unezicelo ezi-2 ezahluke ngokupheleleyo ezisebenza kwiqela lakho kwaye ufuna ukukhankanya i-default-backend-service eyahlukileyo kunye nokulungiswa kweekhowudi ezahlukeneyo zempazamo nganye kuzo, koku kuya kufuneka usebenzise iindlela zokusebenza, esinazo ezimbini.
Ukungena <0.23: sondela enye
Olu khetho lulula. Njengesicelo esikhonza amaphepha aso, sine-HTML eqhelekileyo, engayazi indlela yokujonga iintloko kunye nokubuyisela iikhowudi zokuphendula ezichanekileyo. Isicelo esinjalo sikhutshwe nge-Ingress evela kwi-url /error-pages, nakwikhathalogu ws izakuba yiHTML ebuyisiweyo.
Umfanekiso kwi-YAML:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Chart.Name }}-app2
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/server-snippet: |
proxy_intercept_errors on;
error_page 500 501 502 503 504 @error_pages;
location @error_pages {
rewrite ^ /error-pages/other/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
spec:
tls:
- hosts:
- app2.example.com
secretName: wildcard-tls
rules:
- host: app2.example.com
http:
paths:
- path: /
backend:
serviceName: {{ .Chart.Name }}-app2
servicePort: 80Inkonzo yolu hlaselo mayibe yohlobo lwe-ClusterIP.
Kwangaxeshanye, kwisicelo apho siya kuqhuba impazamo, kwi-Ingress songeza i-snippet yeseva okanye isiqwengana soqwalaselo esinomxholo olandelayo:
nginx.ingress.kubernetes.io /server-snippet: |
proxy_intercept_errors on;
error_page 500 501 502 503 504 @error_pages;
location @error_pages {
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}I-Ingress <0.23: indlela yesibini
Ukhetho lwesicelo esinokuqhuba iiheader... Kwaye ngokubanzi le yindlela echaneke ngakumbi, ebolekwe kwisiko-http-iimpazamo. Ukuyisebenzisa ngesandla (ukukopa) kuya kukuvumela ukuba ungatshintshi useto lwehlabathi.
La manyathelo alandelayo. Siyadala kunye nesicelo esinokuphulaphula izihloko eziyimfuneko kwaye uphendule ngokuchanekileyo. Yongeza i-snippet yeseva kwisicelo sokuNgena ngomxholo olandelayo:
nginx.ingress.kubernetes.io /server-snippet: |
proxy_intercept_errors off;
error_page 404 = @custom_404;
error_page 503 = @custom_503;
location @custom_404 {
internal;
proxy_intercept_errors off;
proxy_set_header X-Code 404;
proxy_set_header X-Format $http_accept;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Namespace $namespace;
proxy_set_header X-Ingress-Name $ingress_name;
proxy_set_header X-Service-Name $service_name;
proxy_set_header X-Service-Port $service_port;
proxy_set_header Host $best_http_host;
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
location @custom_503 {
internal;
proxy_intercept_errors off;
proxy_set_header X-Code 503;
proxy_set_header X-Format $http_accept;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Namespace $namespace;
proxy_set_header X-Ingress-Name $ingress_name;
proxy_set_header X-Service-Name $service_name;
proxy_set_header X-Service-Port $service_port;
proxy_set_header Host $best_http_host;
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}Njengoko ubona, ngempazamo nganye esifuna ukuyiqhuba, kufuneka senze indawo yethu, apho zonke iintloko eziyimfuneko ziya kufakwa, njengakwi "native". . Ngale ndlela sinokwenza amaphepha ahlukeneyo eempazamo ezenzelwe wena nakwiindawo ezizimeleyo kunye neeseva.
PS
Okunye kwi K8s iingcebiso & tricks series:
- «";
- «";
- «";
- «».
Funda nakwibhlog yethu:
- «";
- «».
umthombo: www.habr.com