0
隊友在GCloud通過Kubernetes預定義的端口上暴露容器
在我掙扎到80端口上暴露的WordPress泊塢窗容器可用外部的時刻。
什麼我迄今所做的:
- 部署通過kubectl運行WordPress圖像。
- 將其作爲服務公開。
- 添加防火牆規則以允許入站流量。
的kubernetes資源大致如下:
NAME READY STATUS RESTARTS AGE IP NODE
po/wordpress-3559545868-gz2sl 1/1 Running 0 5h 10.32.0.15 gke-easycoin-default-pool-9f4cab46-69ks
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
svc/wordpress 10.35.240.122 146.148.17.124 80:30760/TCP 1h run=wordpress
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINER(S) IMAGE(S) SELECTOR
deploy/wordpress 1 1 1 1 5h wordpress gcr.io/easy-coin-fund/easycoin-wordpress run=wordpress
NAME DESIRED CURRENT READY AGE CONTAINER(S) IMAGE(S) SELECTOR
rs/wordpress-3559545868 1 1 1 5h wordpress gcr.io/easy-coin-fund/easycoin-wordpress pod-template-hash=3559545868,run=wordpress
到目前爲止,我只能通過外部IP和--type = NodePort,給了我一個隨機訪問我的WordPress的部署,在這種情況下,30760。
問題: 我錯過了哪些部分直接在80端口上公開外部直接部署?
在此先感謝你們。
以下是資源的kubernetes描述。
WordPress的POD
Name: wordpress-3559545868-gz2sl
Namespace: default
Node: gke-easycoin-default-pool-9f4cab46-69ks/10.132.0.2
Start Time: Sat, 15 Jul 2017 15:29:19 +0300
Labels: pod-template-hash=3559545868
run=wordpress
Annotations: kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"wordpress-3559545868","uid":"397b208f-6959-11e7-89f3-42010a84020...
kubernetes.io/limit-ranger=LimitRanger plugin set: cpu request for container wordpress
Status: Running
IP: 10.32.0.15
Created By: ReplicaSet/wordpress-3559545868
Controlled By: ReplicaSet/wordpress-3559545868
Containers:
wordpress:
Container ID: docker://3cf99561402e8a5e7ff7165764bdd6471a959ccd79b41a5197225b0eecaa696f
Image: gcr.io/easy-coin-fund/easycoin-wordpress
Image ID: docker://sha256:fcb67315d99b058248150d9bac6b25fb24948b45ff1e8c5796174293e19fc6a8
Port: 80/TCP
State: Running
Started: Sat, 15 Jul 2017 15:29:41 +0300
Ready: True
Restart Count: 0
Requests:
cpu: 100m
Environment:
WORDPRESS_DB_HOST: 146.148.17.124:32711
WORDPRESS_DB_PASSWORD: cantcrackitblyat
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-d1gdv (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
default-token-d1gdv:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-d1gdv
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.alpha.kubernetes.io/notReady:NoExecute for 300s
node.alpha.kubernetes.io/unreachable:NoExecute for 300s
Events: <none>
WordPress的服務
Name: wordpress
Namespace: default
Labels: run=wordpress
Annotations: <none>
Selector: run=wordpress
Type: NodePort
IP: 10.35.240.122
External IPs: 146.148.17.124
Port: <unset> 80/TCP
NodePort: <unset> 30760/TCP
Endpoints: 10.32.0.15:80
Session Affinity: None
Events: <none>
已部署的入口? – danielepolencic
你是什麼意思? Ingress防火牆規則或服務公開類型?或者,如果我在我的機器上本地部署? – OneMoreVladimir
入口資源。交通如何從互聯網路由到您的服務。 – danielepolencic