Kulesi sihloko, ngifuna ukukhuluma ngezici ezimbili ze-NGINX Ingress ezihlobene nokubonisa amakhasi amaphutha omuntu siqu, kanye nemikhawulo ekhona kuwo kanye nezindlela zokuzizungeza.
1. Ukushintsha ingemuva elizenzakalelayo
Ngokuzenzakalelayo, i-NGINX Ingress isebenzisa i-backend ezenzakalelayo, eyenza umsebenzi ohambisanayo. Lokhu kusho ukuthi uma ucela i-Ingress icacisa umsingathi ongekho kuzisetshenziswa ze-Ingress, sithola ikhasi elilandelayo elinekhodi yokuphendula engu-404:
Nokho, ngokuvamile amakhasimende ethu eza nesicelo sokubonisa ikhasi lawo elinelogo yenkampani nezinye izinsiza esikhundleni se-404 ejwayelekile. Ukwenza lokhu, i-NGINX Ingress ine default-backend-service
. Sidlulisa ukufakwa kwefomethi njengengxabano kunketho yegama elifanayo namespace/servicename
. Imbobo yesevisi kufanele ibe ngu-80.
Ukuze wenze lokhu, udinga ukwakha i-pod yakho (ukuthunyelwa) kanye nesevisi ngohlelo lwakho lokusebenza (
Nanku umfanekiso omncane:
~$ curl -i -XGET http://sadsdasdas.kube-cloud.my/
HTTP/1.1 404 Not Found
Date: Mon, 11 Mar 2019 05:38:15 GMT
Content-Type: */*
Transfer-Encoding: chunked
Connection: keep-alive
<span>The page you're looking for could not be found.</span>
Ngakho-ke zonke izizinda ezingadalwanga ngokusobala nge-YAML nge kind: Ingress
, iwela ku-default-backend. Kuhlu olungenhla, lesi sizinda sibe sadsdasdas
.
2. Ukuphatha amaphutha e-HTTP kuhlelo lokusebenza usebenzisa i-backend ezenzakalelayo
Esinye isimo izicelo ezigcina ngamaphutha e-HTTP (404, 500, 502...) kuhlelo lokusebenza olungacubunguli izimo ezinjalo (amakhasi ahambisanayo amahle awakhiwe). Lokhu kungenzeka futhi kungenxa yesifiso sabathuthukisi sokusebenzisa amakhasi amaphutha afanayo ezinhlelweni eziningi.
Ukuze sisebenzise leli cala ohlangothini lweseva sidinga:
- Landela imiyalelo engenhla evela endimeni mayelana ne-backend ezenzakalelayo;
- Engeza ukhiye ku-nginx-ingress configuration ConfigMap
custom-http-errors
, ngokwesibonelo, ngevelu404,503
(ngokusobala ihambisana namakhodi amaphutha ambozwe umthetho omusha).
Umphumela olindelekile ufinyelelwe: lapho isicelo seklayenti sisebenza futhi sithola iphutha ngekhodi yempendulo 404 noma 503, isicelo sizoqondiswa kabusha ngokuzenzakalelayo ku-backend entsha ezenzakalelayo...
Kodwa-ke, lapho usungula uhlelo lokusebenza lwe-backend ezenzakalelayo kanye namaphutha-http-angokwezifiso, udinga ukunaka isici esibalulekile:
!!! Important The custom backend is expected to return the correct HTTP status code instead of 200. NGINX does not change the response from the custom default backend.
Iqiniso liwukuthi lapho isicelo siqondiswa kabusha, izihloko zizoqukatha ulwazi oluwusizo nekhodi yokuphendula yangaphambilini nolwazi olwengeziwe (uhlu lwazo oluphelele luyatholakala.
Lokhu kusho ukuthi wena ngokwakho kufanele nakekela ikhodi yempendulo efanele.
Izinhlelo zokusebenza ezihlukene zinezingemuva ezizenzakalelayo ezihlukile
Ukuqinisekisa ukuthi isixazululo asikona okomhlaba wonke kulo lonke iqoqo, kodwa sisebenza kuphela ezinhlelweni ezithile, udinga kuqala ukuhlola inguqulo ye-Ingress. Uma kufana 0.23 noma ngaphezulu, sebenzisa izichasiselo zomdabu ze-Ingress:
- Singabhala ngaphezulu
default-backend
ngoba ngamunye I-Ingress'susebenzisa izichasiselo ; - Singabhala ngaphezulu
custom-http-errors
ngoba ngamunye I-Ingress'susebenzisa izichasiselo .
Ngenxa yalokho, insiza ye-Ingress izobukeka kanjena:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Chart.Name }}-app2
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/custom-http-errors: "404,502"
nginx.ingress.kubernetes.io/default-backend: error-pages
spec:
tls:
- hosts:
- app2.example.com
secretName: wildcard-tls
rules:
- host: app2.example.com
http:
paths:
- path: /
backend:
serviceName: {{ .Chart.Name }}-app2
servicePort: 80
Kulokhu, amaphutha 404 kanye 502 azoqondiswa kabusha kusevisi yamakhasi-amaphutha nazo zonke izihloko ezidingekayo.
В izinguqulo zangaphambilini ze-Ingress bezingenaso lesi sici (
I-Ingress <0.23: sondela kokukodwa
Le nketho ilula. Njengohlelo lokusebenza olusebenzisa amakhasi alo, sine-HTML evamile, engakwazi ukubheka izihloko bese ibuyisela amakhodi okuphendula alungile. Uhlelo lokusebenza olunjalo lukhishwa nge-Ingress kusuka ku-url /error-pages
, nakukhathalogi ws
kuzoba yi-HTML ebuyisiwe.
Umfanekiso ku-YAML:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Chart.Name }}-app2
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/server-snippet: |
proxy_intercept_errors on;
error_page 500 501 502 503 504 @error_pages;
location @error_pages {
rewrite ^ /error-pages/other/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
spec:
tls:
- hosts:
- app2.example.com
secretName: wildcard-tls
rules:
- host: app2.example.com
http:
paths:
- path: /
backend:
serviceName: {{ .Chart.Name }}-app2
servicePort: 80
Isevisi yalokhu kusetshenziswa kufanele ibe yohlobo lwe-ClusterIP.
Ngesikhathi esifanayo, kuhlelo lokusebenza lapho sizocubungula khona iphutha, ku-Ingress sengeza amazwibela weseva noma amazwibela okulungiselela ngokuqukethwe okulandelayo:
nginx.ingress.kubernetes.io /server-snippet: |
proxy_intercept_errors on;
error_page 500 501 502 503 504 @error_pages;
location @error_pages {
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
I-Ingress <0.23: indlela yesibili
Inketho yohlelo lokusebenza engacubungula izihloko... Futhi ngokujwayelekile lena indlela elungile, ebolekwe kumaphutha-http-angokwezifiso. Ukuyisebenzisa ngokuzenzela (ukukopisha) kuzokuvumela ukuthi ungashintshi izilungiselelo zomhlaba.
Izinyathelo zimi kanje. Siyadala
nginx.ingress.kubernetes.io /server-snippet: |
proxy_intercept_errors off;
error_page 404 = @custom_404;
error_page 503 = @custom_503;
location @custom_404 {
internal;
proxy_intercept_errors off;
proxy_set_header X-Code 404;
proxy_set_header X-Format $http_accept;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Namespace $namespace;
proxy_set_header X-Ingress-Name $ingress_name;
proxy_set_header X-Service-Name $service_name;
proxy_set_header X-Service-Port $service_port;
proxy_set_header Host $best_http_host;
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
location @custom_503 {
internal;
proxy_intercept_errors off;
proxy_set_header X-Code 503;
proxy_set_header X-Format $http_accept;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Namespace $namespace;
proxy_set_header X-Ingress-Name $ingress_name;
proxy_set_header X-Service-Name $service_name;
proxy_set_header X-Service-Port $service_port;
proxy_set_header Host $best_http_host;
rewrite ^ /error-pages/ws/index.html break;
proxy_pass http://error-pages.prod.svc.cluster.local;
}
Njengoba ungabona, ngephutha ngalinye esifuna ukulicubungula, sidinga ukwenza indawo yethu, lapho zonke izihloko ezidingekayo zizofakwa, njengakulelo "lomdabu".
PS
Okunye okuvela ochungechungeni lwamathiphu namaqhinga we-K8s:
- «
Ukudlulisa izinsiza ezisebenza ngeqoqo kubaphathi be-Helm 2 "; - «
Mayelana nokwabiwa kwamanodi kanye nemithwalo kuhlelo lokusebenza lwewebhu "; - «
Ukufinyelela kumasayithi we-dev "; - «
Ukusheshisa i-bootstrap yedathabheyisi enkulu ".
Funda futhi kubhulogi yethu:
- «
Emuva kuma-microservices nge-Istio. Ingxenye 1 "; - «
[Kunemifanekiso] Umhlahlandlela wokuxhumana ku-Kubernetes. Ingxenye 3 ".
Source: www.habr.com