我非常精通 Docker,但我还没有使用 Minikube/K8s。我首先尝试在 helm 中设置 artifactory-oss 但未能连接到 LoadBalancer。现在我只是在尝试 basic hello-minikube NodePort setup as a sanity check .
当我执行 minikube start 时,它会在 Docker 中启动 minikube:
> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebabea521ffe gcr.io/k8s-minikube/kicbase:v0.0.18 "/usr/local/bin/entr…" 2 weeks ago Up 36 minutes 127.0.0.1:49167->22/tcp, 127.0.0.1:49166->2376/tcp, 127.0.0.1:49165->5000/tcp, 127.0.0.1:49164->8443/tcp, 127.0.0.1:49163->32443/tcp minikube
所以 Minikube 只开放了 4916(3/4/5/6/7) 端口?
所以我安装了 hello-minikube:
> kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4
> kubectl expose deployment hello-minikube --type=NodePort --port=8080
> minikube ip
192.168.49.2
> minikube service list
|----------------------|------------------------------------|--------------|---------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|----------------------|------------------------------------|--------------|---------------------------|
| default | hello-minikube | 8080 | http://192.168.49.2:30652 |
| default | kubernetes | No node port |
| kube-system | ingress-nginx-controller-admission | No node port |
| kube-system | kube-dns | No node port |
| kubernetes-dashboard | dashboard-metrics-scraper | No node port |
| kubernetes-dashboard | kubernetes-dashboard | No node port |
|----------------------|------------------------------------|--------------|---------------------------|
> minikube service --url hello-minikube
http://192.168.49.2:30652
我检查了防火墙,它有我打开的端口:
> sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens192
sources:
services: dhcpv6-client http https ssh
ports: 8000-9000/tcp 30000-35000/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
> kubectl get pods
NAME READY STATUS RESTARTS AGE
hello-minikube-6ddfcc9757-hxxmf 1/1 Running 0 40m
> kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-minikube NodePort 10.97.233.42 <none> 8080:30652/TCP 36m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19d
> kubectl describe services hello-minikube
Name: hello-minikube
Namespace: default
Labels: app=hello-minikube
Annotations: <none>
Selector: app=hello-minikube
Type: NodePort
IP Families: <none>
IP: 10.97.233.42
IPs: 10.97.233.42
Port: <unset> 8080/TCP
TargetPort: 8080/TCP
NodePort: <unset> 30652/TCP
Endpoints: 172.17.0.6:8080
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
我已经尝试了所有 IP 和端口组合、minikube 隧道、kube 代理 和其他一些东西,但我就是找不到任何端口来访问它来自另一台机器的服务。我无法获得“外部 IP”。如果我从机器本身搜索,nmap 会找到一堆端口。
> nmap -p 1-65000 localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2021-04-26 15:16 SAST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0013s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 64971 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
443/tcp open https
631/tcp open ipp
3000/tcp open ppp
5000/tcp open upnp
5050/tcp open mmcc
8060/tcp open unknown
8080/tcp open http-proxy
8082/tcp open blackice-alerts
9090/tcp open zeus-admin
9093/tcp open unknown
9094/tcp open unknown
9100/tcp open jetdirect
9121/tcp open unknown
9168/tcp open unknown
9187/tcp open unknown
9229/tcp open unknown
9236/tcp open unknown
33757/tcp open unknown
35916/tcp open unknown
41266/tcp open unknown
49163/tcp open unknown
49164/tcp open unknown
49165/tcp open unknown
49166/tcp open unknown
49167/tcp open unknown
但是如果我从网络上的另一台机器扫描那台机器:
> nmap -p 1-65000 10.20.2.26
Starting Nmap 6.40 ( http://nmap.org ) at 2021-04-26 15:23 SAST
Nmap scan report for 10.20.2.26
Host is up (0.00032s latency).
Not shown: 58995 filtered ports, 6001 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
8060/tcp open unknown
这些端口似乎无法访问。有什么想法吗?
-- 编辑 1:
系统管理员说只有 10.20.x.x IP 会解析。所以 192.168.x.x 和 10.96.x.x 将不起作用。所以也许这个 --service-cluster-ip-range 字段就是我要找的。接下来我会尝试一下。
最佳答案
我遇到了一个类似的问题,我一直在努力解决这个问题,this documentation很有帮助。就我而言,我在 Mac OS 上通过 minikube 访问在 Kubernetes 集群中运行的 Jenkins 构建服务器。
我按照以下步骤使此端口转发正常工作:
确认你的 pod 的端口:
kubectl get pod <podname-f5d-48kbr> --template='{{(index (index .spec.containers 0).ports 0).containerPort}}{{"\n"}}' -n <namespace-name>
说输出显示
> 27013
- 像这样将本地端口转发到 Pod 上的端口:
kubectl port-forward <podname-deployment-f5db75f7-48kbr> 8080:27013 -n <namespace-name>
这应该开始端口转发,输出如下:
Forwarding from 127.0.0.1:8080 -> 27013
Forwarding from [::1]:8080 -> 27013
现在通过 http://localhost:8080/在浏览器上访问您的应用程序
关于docker - 运行在 Docker 中的 Minikube,以及端口转发,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/67267610/