无法从kubernetes群集的Angular Pod向Ocelot网关服务提出HTTP请求
我有ASP.NET Core 6.0应用程序,其中Ocelot作为其他微服务的入口点功能。现在所有系统都部署在Kubernetes上。此外,我还有一个带有RESTFUL API调用的Angular应用程序。问题是我无法使用Kubernetes服务名称将请求从前端发送到后端。
我已经通过添加LoadBalancer服务来测试了Kubernetes上的Ocelot网关。到目前为止,一切正常。以下是 ocelot Gateway JSON文件的代码:
{
"Routes": [
{
"DownstreamPathTemplate": "/api/{everything}",
"DownstreamScheme": "http",
"DownstreamHostAndPorts": [
{
"Host": "catalogapi-clusterip-srv",
"Port": 80
}
],
"AuthenticationOptions": {
"AuthenticationProviderKey": "Bearer",
"AllowScopes": []
}
],
"GlobalConfiguration": {
"BaseUrl": "http://homey-gateway-clusterip-srv:80"
}
}
Gateway的Kubernetes yaml文件:
apiVersion: apps/v1
kind: Deployment
metadata:
name: homey-gateway-depl
spec:
replicas: 1
selector:
matchLabels:
app: homey-gateway
template:
metadata:
labels:
app: homey-gateway
spec:
containers:
- name: homey-gateway
image: ******
imagePullPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: homey-gateway-clusterip-srv
spec:
type: ClusterIP
selector:
app: homey-gateway
ports:
- name: homey-gateway
protocol: TCP
port: 80
targetPort: 80
我还为网关添加了一个负载增量器,以测试该路线是否正常工作,
apiVersion: v1
kind: Service
metadata:
name: homey-gateway-loadbalancer
spec:
type: LoadBalancer
selector:
app: homey-gateway
ports:
- name: homey-gateway-port
protocol: TCP
port: 9090
targetPort: 80
显然,Loadbalancer按预期运行,我可以看到路线正常工作。
现在,Angular应用程序:
apiVersion: apps/v1
kind: Deployment
metadata:
name: homey-depl
spec:
replicas: 1
selector:
matchLabels:
app: homey
template:
metadata:
labels:
app: homey
spec:
containers:
- name: homey
image: *****
imagePullPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: homey-clusterip-srv
spec:
type: ClusterIP
selector:
app: homey
ports:
- name: homey
protocol: TCP
port: 80
targetPort: 80
为了在本地进行测试,我添加了一个nodeport,以确保可以在浏览器上获取应用程序。
apiVersion: v1
kind: Service
metadata:
name: homey-srv
labels:
name: homey
spec:
type: NodePort
selector:
app: homey
ports:
- nodePort: 32391
protocol: TCP
port: 80
targetPort: 80
这也可以。
现在,我想从前端到后端进行API HTTP呼叫。我尝试使用Kubernetes后端群集名称,例如:http://homey-gateway-clusterip-srv:80。但是,这不起作用,并且导致无法加载资源:net :: err_name_not_resolved
它工作的唯一方法是使用我在loadBalancer中导出的端口来测试网关SO:http:// localhost:9090。
我在Stackoverflow中看到了类似的问题:无法从Kubernetes群集上的Angular Pod获得服务请求
因此,我为后端和前端添加了一个入口网络,如下所示: 后端:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-homey-backend-srv
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: 'true'
spec:
rules:
- http:
paths:
- path: /backend
pathType: Prefix
backend:
service:
name: homey-gateway-clusterip-srv
port:
number: 80
和frontend:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-homey-frontend-srv
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
rules:
- http:
paths:
- path: /frontend
pathType: Prefix
backend:
service:
name: homey-clusterip-srv
port:
number: 80
此方法不起作用我正在得到http错误404.0-找不到
我没有确保如何执行此操作或如何配置它。请分享我需要遵循的步骤,或者至少告诉我是否需要修改Ocelot网关文件中的任何内容或Kubernetes配置中的任何内容,请帮助我。我花了很多时间在这方面没有结果。 任何帮助将不胜感激。谢谢!
I have ASP.NET CORE 6.0 application where Ocelot functions as an entry point for other microservices. All system is now deployed on Kubernetes. Besides, I have an Angular Application with RESTFUL API calls. The problem is that I cannot send Requests from the frontend to the backend using the Kubernetes services names.
I have tested the Ocelot Gateway on Kubernetes by adding a LoadBalancer Service. Everything works fine until this point. Below is the code for the Ocelot Gateway JSON file:
{
"Routes": [
{
"DownstreamPathTemplate": "/api/{everything}",
"DownstreamScheme": "http",
"DownstreamHostAndPorts": [
{
"Host": "catalogapi-clusterip-srv",
"Port": 80
}
],
"AuthenticationOptions": {
"AuthenticationProviderKey": "Bearer",
"AllowScopes": []
}
],
"GlobalConfiguration": {
"BaseUrl": "http://homey-gateway-clusterip-srv:80"
}
}
The Kubernetes Yaml file for the Gateway:
apiVersion: apps/v1
kind: Deployment
metadata:
name: homey-gateway-depl
spec:
replicas: 1
selector:
matchLabels:
app: homey-gateway
template:
metadata:
labels:
app: homey-gateway
spec:
containers:
- name: homey-gateway
image: ******
imagePullPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: homey-gateway-clusterip-srv
spec:
type: ClusterIP
selector:
app: homey-gateway
ports:
- name: homey-gateway
protocol: TCP
port: 80
targetPort: 80
I have also added a LoadBalancer for the Gateway to test if the routes are working fine
apiVersion: v1
kind: Service
metadata:
name: homey-gateway-loadbalancer
spec:
type: LoadBalancer
selector:
app: homey-gateway
ports:
- name: homey-gateway-port
protocol: TCP
port: 9090
targetPort: 80
Apparently, The LoadBalancer functioned as expected and I can see that routes are working perfectly.
Now, the Angular application:
apiVersion: apps/v1
kind: Deployment
metadata:
name: homey-depl
spec:
replicas: 1
selector:
matchLabels:
app: homey
template:
metadata:
labels:
app: homey
spec:
containers:
- name: homey
image: *****
imagePullPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: homey-clusterip-srv
spec:
type: ClusterIP
selector:
app: homey
ports:
- name: homey
protocol: TCP
port: 80
targetPort: 80
To test it locally I have added a NodePort to make sure that I can get the application on the browser.
apiVersion: v1
kind: Service
metadata:
name: homey-srv
labels:
name: homey
spec:
type: NodePort
selector:
app: homey
ports:
- nodePort: 32391
protocol: TCP
port: 80
targetPort: 80
This works also fine.
Now I want to make API HTTP calls from the frontend to the backend. I tried by imminently using the Kubernetes backend clusterip name like: http://homey-gateway-clusterip-srv:80. However, this does not work and resulted in Failed to load resource: net::ERR_NAME_NOT_RESOLVED
The only way it works is by using the port I have exported in the LoadBalancer to test the Gateway so: http://localhost:9090.
I have seen a similar issue here in Stackoverflow: Cannot make GET request to service from angular pod on kubernetes cluster
Therefore, I have added an Ingress networking for the backend and frontend as followed:Backend:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-homey-backend-srv
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: 'true'
spec:
rules:
- http:
paths:
- path: /backend
pathType: Prefix
backend:
service:
name: homey-gateway-clusterip-srv
port:
number: 80
and Frontend:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-homey-frontend-srv
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
rules:
- http:
paths:
- path: /frontend
pathType: Prefix
backend:
service:
name: homey-clusterip-srv
port:
number: 80
This approach does not work I am getting HTTP Error 404.0 - Not Found
I am not sure how to do this or how to configure it. Please help me by sharing the steps I need to follow, or at least tell me if I need to modify anything in the Ocelot Gateway file or in Kubernetes configurations. I have spent a lot of time on this with no results.
Any help would be appreciated. Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
过去几天,我一直在遇到一个非常相似的问题。我有一台duende Identity Server和Ocelot API网关,它位于我的内部服务前,我不希望外部暴露。
我的具体问题是,我的大风水疗中心(Frontend)无法越过我的Ocelot-gateway,因为网关在连接到身份服务器方面很难。
大酒店温泉---->入口代理在( https://ocelot-gateway.com )---> Ocelot Gateway Pod -x->通过Ingress( https://intestity.com )
我仍然没有找到它,但是也许我的文件可以帮助您在设置中发现一些差异,并且可以帮助您,因为
就可以尝试的事情而言,我们的问题非常相似 :
启用您的kubernetes群集进行入口。对于Minikube,请查看在这里。对您来说,请在这里。
将您在入学清单中指定的主机(如果您本地运行)在您的
/etc/hosts文件中都这样。确保使用127.0.0.1而不是本地主机。我不记得我在哪里阅读,但基本上我认为这与您的本地机器和Docker的定义不同。。
我正在使用类似的K8S群集运行豆荚。
我正在使用Ingress对象展示我的大餐水疗中心,身份服务器和Ocelot API网关。
Ingress.blazor-spa.yaml
Ingress.Identity-server.yaml inml
indress.ocelot-gateway.yaml
这是我的服务清单。
svc.blazor-spa.yaml
svc.Identity-server.yaml
svc.ocelot-gateway.yaml
这是我的
ocelot.json。希望这有所帮助!
I've been having a very similar issue for the last few days. I have a Blazor SPA, a Duende Identity Server, and an Ocelot API gateway, which sits in front of my internal services I don't want exposed externally.
My specific issue is that my Blazor SPA (frontend) can't get past my ocelot-gateway because the gateway has trouble connecting to the identity server.
Blazor SPA ---> Ingress Proxy at (https://ocelot-gateway.com) ---> Ocelot Gateway Pod -x-> Identity Server via Ingress (https://identity.com)
I still haven't figured it out, but maybe my files can help you spot some differences in your setup and help you since our problems are pretty similar
As far as things you can try:
Enabling your kubernetes cluster for ingress. For minikube, look here. For KinD, look here.
Adding the host you specified in your ingress manifest (if you're running locally) to your
/etc/hostsfile like so. Make sure to use127.0.0.1instead of localhost. I can't remember where I read that, but basically I think it has to do with your local machine and docker defining localhost differently..
I'm running my pods in a KinD K8s cluster.
I'm exposing my Blazor SPA, Identity Server, and Ocelot API gateway with Ingress objects.
ingress.blazor-spa.yaml
ingress.identity-server.yaml
ingress.ocelot-gateway.yaml
Here are my Service manifests.
svc.blazor-spa.yaml
svc.identity-server.yaml
svc.ocelot-gateway.yaml
Here's my
ocelot.json.Hope this helps somehow!