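So far I have set up a kubernetes cluster running a NodeJS deployment. I am now ready to expose it to the "world", and after reading up on the services that do this, I believe all of them require a Load Balancer. Usually these Load Balancers are created by the cloud provider that hosts kubernetes. I ran into limitations with these: some are priced highly, some have limits on connections, etc.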
I am now trying to figure out how to avoid these Load Balancers and expose my kubernetes cluster, but in a performant, secure and manageable way. I've looked through documentation and there seem to be mentions of things like NodePort and Ingress. As far as I understood, NodePort only works for a single machine in the cluster? And Ingress still requires traffic to come from somewhere, usually a Load Balancer.
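Here is my current manifest. From an exposure standpoint, where should I go from here, preferably with an approach that allows SSL certificates, rate limiting, etc... the things usually needed in production.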
development.yaml

```yaml
---
# ClusterIP
apiVersion: v1
kind: Service
metadata:
  name: development-actions-cip
spec:
  type: ClusterIP
  selector:
    app: development-actions
  ports:
    - protocol: TCP
      port: 80
      targetPort: 4000
---
# Actions NodeJS server
apiVersion: apps/v1
kind: Deployment
metadata:
  name: development-actions
spec:
  replicas: 1
  selector:
    matchLabels:
      app: development-actions
  template:
    metadata:
      labels:
        app: development-actions
    spec:
      containers:
        - image: my-image/latest
          name: development-actions
          ports:
            - containerPort: 4000
              protocol: TCP
```
You could deploy the nginx ingress controller on a selected and dedicated kubernetes node using hostNetwork: true. This would mean nginx will listen on ports 80 and 443 on the host VM network. Assign a public IP to the VM. Add the public IP of the VM as an A record in your DNS provider's configuration to route traffic for your domain to the VM. Then, for all backend pods, you just need to create a clusterIP service and an ingress resource to expose them to the outside world.

To make it HA, you can replicate the same setup on multiple kubernetes nodes.
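
The setup described in the answer, sketched as an added example that is not part of the original post: the pod-template fields that put the ingress-nginx controller on the host network of a dedicated node, and an Ingress that publishes the question's `development-actions-cip` service with TLS and per-client rate limiting. The node label `role: ingress`, the host `app.example.com` and the secret name `development-actions-tls` are assumptions.

```yaml
---
# Fragment, not a full manifest: fields to set in the pod template of the
# ingress-nginx controller workload (Deployment or DaemonSet).
spec:
  template:
    spec:
      hostNetwork: true                    # bind 80/443 directly on the node's network
      dnsPolicy: ClusterFirstWithHostNet   # keep cluster DNS resolution on the host network
      nodeSelector:
        role: ingress                      # assumed label on the dedicated node(s)
---
# Ingress routing the public hostname to the existing ClusterIP service.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: development-actions
  annotations:
    # Redirect plain HTTP to HTTPS.
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    # Rate limiting per client IP: requests per second and concurrent connections.
    nginx.ingress.kubernetes.io/limit-rps: "10"
    nginx.ingress.kubernetes.io/limit-connections: "20"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - app.example.com                  # assumed hostname (the A record target)
      secretName: development-actions-tls  # assumed kubernetes.io/tls secret with cert and key
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: development-actions-cip
                port:
                  number: 80
```

Because the controller shares the node's network namespace, every port it opens (not only 80 and 443) is reachable on the VM's public IP, so the node's firewall should admit only those two ports from the internet.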