个人中心
gpt4 book ai didi

kubernetes - istio-入口网关 :Readiness probe failed: HTTP probe failed with statuscode: 503

转载 作者:行者123 更新时间:2023-12-02 11:36:35 28 4
gpt4 key购买 nike

我正在尝试在 minicube kubernetes 集群中设置 istio1.5.1,我正在按照 Knative 的官方文档设置 istio 而无需 sidecar 注入(inject)。我正面临 istio 入口网关服务的问题,该服务将入口网关服务的外部 IP 显示为 .我浏览了此处发布的其他答案以及许多其他论坛,但对我的情况没有任何帮助。

使用带有 driver=none 的 minikube v1.9.1 Helm v2.16.5kubectl v1.18.0

我得到以下输出:kubectl get pods --namespace istio-system

 NAME                                   READY   STATUS    RESTARTS   AGE
 istio-ingressgateway-b599cccd9-qnp5l   1/1     Running   0          60s
 istio-pilot-b67ccb85-mfllc             1/1     Running   0          60s

kubectl get svc --namespace istio-system

NAME                   TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                                                                                                                                      
AGE
istio-ingressgateway   LoadBalancer   10.104.37.189    ***<pending>***   15020:30168/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:32576/TCP,15030:31080/TCP,15031:31767/TCP,15032:31812/TCP,15443:30660/TCP   74s
istio-pilot            ClusterIP      10.100.224.212   <none>     15010/TCP,15011/TCP,8080/TCP,15014/TCP                                                                                                       74s

在描述入口 pod 时,我收到警告 Readiness probe failed: HTTP probe failed with statuscode: 503

谁能帮我解决这个问题。谢谢!

更新尝试答案的输出:

kubectl apply -f metallb.yaml

  podsecuritypolicy.policy/controller created
  podsecuritypolicy.policy/speaker created
  serviceaccount/controller created
  serviceaccount/speaker created
  clusterrole.rbac.authorization.k8s.io/metallb-system:controller created
  clusterrole.rbac.authorization.k8s.io/metallb-system:speaker created
  role.rbac.authorization.k8s.io/config-watcher created
  role.rbac.authorization.k8s.io/pod-lister created
  clusterrolebinding.rbac.authorization.k8s.io/metallb-system:controller created
  clusterrolebinding.rbac.authorization.k8s.io/metallb-system:speaker created
  rolebinding.rbac.authorization.k8s.io/config-watcher created
  rolebinding.rbac.authorization.k8s.io/pod-lister created
  daemonset.apps/speaker created
  deployment.apps/controller created

$ kubectl get pods -n metallb-system

  No resources found in metallb-system namespace.

应用 yaml 文件后,它显示所有内容都已创建,但我没有在 metallb-system 命名空间下部署任何 pod。

最佳答案

Minikube 可能不提供外部 IP 或负载均衡器,您可能必须在 minikube 中使用 metalLB

金属磅:https://metallb.universe.tf/

您也可以引用这个:https://medium.com/@emirmujic/istio-and-metallb-on-minikube-242281b1134b

这也是一个很好的引用:https://gist.github.com/diegopacheco/9ed4fd9b9a0f341e94e0eb791169ecf9

金属 LB YAMl:

apiVersion: v1
kind: Namespace
metadata:
  name: metallb-system
  labels:
    app: metallb
---

apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: metallb-system
  name: controller
  labels:
    app: metallb
---
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: metallb-system
  name: speaker
  labels:
    app: metallb

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: metallb-system:controller
  labels:
    app: metallb
rules:
- apiGroups: [""]
  resources: ["services"]
  verbs: ["get", "list", "watch", "update"]
- apiGroups: [""]
  resources: ["services/status"]
  verbs: ["update"]
- apiGroups: [""]
  resources: ["events"]
  verbs: ["create", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: metallb-system:speaker
  labels:
    app: metallb
rules:
- apiGroups: [""]
  resources: ["services", "endpoints", "nodes"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: metallb-system
  name: config-watcher
  labels:
    app: metallb
rules:
- apiGroups: [""]
  resources: ["configmaps"]
  verbs: ["get", "list", "watch"]
- apiGroups: [""]
  resources: ["events"]
  verbs: ["create"]
---

## Role bindings
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: metallb-system:controller
  labels:
    app: metallb
subjects:
- kind: ServiceAccount
  name: controller
  namespace: metallb-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: metallb-system:controller
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: metallb-system:speaker
  labels:
    app: metallb
subjects:
- kind: ServiceAccount
  name: speaker
  namespace: metallb-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: metallb-system:speaker
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: metallb-system
  name: config-watcher
  labels:
    app: metallb
subjects:
- kind: ServiceAccount
  name: controller
- kind: ServiceAccount
  name: speaker
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: config-watcher
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  namespace: metallb-system
  name: speaker
  labels:
    app: metallb
    component: speaker
spec:
  selector:
    matchLabels:
      app: metallb
      component: speaker
  template:
    metadata:
      labels:
        app: metallb
        component: speaker
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "7472"
    spec:
      serviceAccountName: speaker
      terminationGracePeriodSeconds: 0
      hostNetwork: true
      containers:
      - name: speaker
        image: metallb/speaker:v0.7.1
        imagePullPolicy: IfNotPresent
        args:
        - --port=7472
        - --config=config
        env:
        - name: METALLB_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        ports:
        - name: monitoring
          containerPort: 7472
        resources:
          limits:
            cpu: 100m
            memory: 100Mi

        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop:
            - all
            add:
            - net_raw

---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: metallb-system
  name: controller
  labels:
    app: metallb
    component: controller
spec:
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      app: metallb
      component: controller
  template:
    metadata:
      labels:
        app: metallb
        component: controller
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "7472"
    spec:
      serviceAccountName: controller
      terminationGracePeriodSeconds: 0
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534 # nobody
      containers:
      - name: controller
        image: metallb/controller:v0.7.1
        imagePullPolicy: IfNotPresent
        args:
        - --port=7472
        - --config=config
        ports:
        - name: monitoring
          containerPort: 7472
        resources:
          limits:
            cpu: 100m
            memory: 100Mi

        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - all
          readOnlyRootFilesystem: true

关于kubernetes - istio-入口网关 :Readiness probe failed: HTTP probe failed with statuscode: 503,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61074277/

28 4 0
文章推荐: kubernetes - 是否需要使用 DaemonSet 部署 Ingress Controller?
文章推荐: mysql - 无法连接到在kubernetes部署中运行的mysql服务器公开为负载均衡器
文章推荐: kubernetes - Nginx-ingress 上的默认证书
文章推荐: kubernetes - GCP上的Kubernetes,更新到v1.15后的Stackdriver日志记录
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com