gpt4 book ai didi

kubernetes - AKS 不创建 KUBERNETES_SERVICE_HOST 和 KUBERNETES_SERVICE_PORT 环境变量

转载 作者:行者123 更新时间:2023-12-05 06:50:06 24 4
gpt4 key购买 nike

我在 AKS 中有一个 DeploymentService,它还有一个链接的 ServiceAccount,它使 pod 能够获取、监视和列出 服务

在 AKS 部署中,这用于创建带有 pod 的 KUBERNETES_SERVICE_HOSTKUBERNETES_SERVICE_PORT 环境变量。现在看来,事实并非如此。

该特定服务/部署唯一发生变化的是各种集群更新,在某些时候它似乎已停止工作。

我们已尝试重新部署/删除并重新创建该服务,但似乎没有任何效果。

这是部署 yaml:

apiVersion : apps/v1
kind: Deployment
metadata:
name: open-api
labels:
name: open-api
app: test-services
spec:
selector:
matchLabels:
name: open-api
app: test-services
strategy:
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
minReadySeconds: 60
replicas: 1
template:
metadata:
labels:
name: open-api
app: test-services
spec:
serviceAccountName: open-api-account
containers:
- name: open-api
image: open-api
terminationMessagePolicy: FallbackToLogsOnError
ports:
- containerPort: 80
resources:
requests:
memory: "70Mi"
cpu: "50m"
limits:
memory: "150Mi"
cpu: "100m"
readinessProbe:
httpGet:
path: /pingz
port: 80
initialDelaySeconds: 10
periodSeconds: 3
env:
- name: "ASPNETCORE_ENVIRONMENT"
value: "$ENV_VAR"

这是服务yaml:

apiVersion: v1
kind: Service
metadata:
name: open-api
labels:
name: open-api
app: test-services
spec:
type: ClusterIP
ports:
- port: 80
selector:
name: open-api
app: test-services

这是 ServiceAccountyaml:

apiVersion: v1
kind: ServiceAccount
metadata:
name: open-api-account
namespace: test-services
automountServiceAccountToken: false
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: test-services
name: open-api-service-reader
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["services"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: open-api-service-reader
namespace: test-services
subjects:
- kind: ServiceAccount
# Reference to ServiceAccount kind's `metadata.name`
name: open-api-account
# Reference to ServiceAccount kind's `metadata.namespace`
namespace: test-services
roleRef:
kind: ClusterRole
name: open-api-service-reader
apiGroup: rbac.authorization.k8s.io

最佳答案

这些变量似乎是为 kube-system 中存在的 pod 自动添加的。不确定这是否可以扩展到其他命名空间。

关于kubernetes - AKS 不创建 KUBERNETES_SERVICE_HOST 和 KUBERNETES_SERVICE_PORT 环境变量,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66470062/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com