kubernetes load balancing deployment

(next to the previous article, kubernetes multi node deployment)

k8s deployment planning (load balancing deployment):

load balancing

Nginx1:192.168.35.104/24

Nginx2:192.168.35.105/24

Master node

master1:192.168.35.100/24

master2:192.168.35.103/24

Node node

node1: 192.168.35.101/24

node2: 192.168.35.102/24

nginx installation and deployment

lb01 and lb02 operation

1. Turn off firewall

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

2. Install nginx service, copy nginx.sh and maintained.conf scripts to the home directory

[root@localhost ~]# ls
anaconda-ks.cfg       keepalived.conf  public  video  File  Music
initial-setup-ks.cfg  nginx.sh         Template  picture  download  desktop

3. Build the yum source environment of nginx

(1) Copy profile

[root@localhost ~]# vim nginx.sh

cat > /etc/yum.repos.d/nginx.repo << EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0                                    #Copy four lines

EOF


stream {

   log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/k8s-access.log  main;

    upstream k8s-apiserver {
        server 10.0.0.3:6443;
        server 10.0.0.8:6443;
    }
    server {
                listen 6443;
                proxy_pass k8s-apiserver;
    }
    }

(2) Create yum source, reload yum warehouse, and install nginx

[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0

[root@localhost ~]# yum list

[root@localhost ~]# yum install nginx -y

4. Add layer 4 forwarding

(1) Copy profile

[root@localhost ~]# vim nginx.sh

cat > /etc/yum.repos.d/nginx.repo << EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0                                   

EOF


stream {

   log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/k8s-access.log  main;

    upstream k8s-apiserver {
        server 10.0.0.3:6443;
        server 10.0.0.8:6443;
    }
    server {
                listen 6443;
                proxy_pass k8s-apiserver;
    }
    }                          #Copy this paragraph

(2) Add profile and modify

[root@localhost ~]# vim /etc/nginx/nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}

stream {

   log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/k8s-access.log  main;

    upstream k8s-apiserver {
        server
192.168.35.100:6443;
        server
192.168.35.103:6443;                  #Just modify IP by master1 and master2 Address      
    }
    server {
                listen 6443;
                proxy_pass k8s-apiserver;
    }
    }

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

(3) Verify syntax for errors

[root@localhost ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

(4) Modify the home page to distinguish, one master and one backup.

lb01 operation:

[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# ls
50x.html  index.html
[root@localhost html]# vim index.html 

/14 <h1>Welcome to master ginx!</h1>

lb02 operation:

[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# ls
50x.html  index.html
[root@localhost html]# vim index.html 

/14 <h1>Welcome to backup ginx!</h1>

(5) Open the service and visit the home page

lb01:

[root@localhost ~]# systemctl start nginx

Visit - http://192.168.35.104/

lb02:

[root@localhost ~]# systemctl start nginx

Visit - http://192.168.35.105/

keepalived installation and deployment

lb01 and lb02 operation

1. Install keepalived

[root@localhost ~]# yum install keepalived -y

2. Modify profile

[root@localhost ~]# ls
anaconda-ks.cfg kept.conf public video document music
Initial setup ks.cfg nginx.sh template picture download desktop
[root@localhost ~]# cp keepalived.conf /etc/keepalived/keepalived.conf
cp: overwrite "/ etc / preserved / preserved.conf"? yes

[root@localhost ~]# vim /etc/keepalived/keepalived.conf 

Note: lb01 is the Master configuration as follows:

! Configuration File for keepalived

global_defs {
   # Receiving email address
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   # Mailing address
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id NGINX_MASTER
}

vrrp_script check_nginx {
    script "/etc/nginx/check_nginx.sh"
}

vrrp_instance VI_1 {
    state MASTER 
    interface ens33
    virtual_router_id 51 # VRRP route ID instance, each instance is unique
    priority 100    # Priority, standby server setting 90
    advert_int 1    # Specifies the notification interval of VRRP heartbeat package, 1 second by default
    authentication {  
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.35.200/24
    }
    track_script {
        check_nginx
    }
}

Note: lb02 is the Backup configuration as follows:

! Configuration File for keepalived

global_defs {
   # Receiving email address
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   # Mailing address
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id NGINX_MASTER
}

vrrp_script check_nginx {
    script "/etc/nginx/check_nginx.sh"
}

vrrp_instance VI_1 {
    state BACKUP 
    interface ens33
    virtual_router_id 51 # VRRP route ID instance, each instance is unique
    priority 90    # Priority, standby server setting 90
    advert_int 1    # Specifies the notification interval of VRRP heartbeat package, 1 second by default
    authentication {  
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.35.200/24
    }
    track_script {
        check_nginx
    }
}

3. Make management script

[root@localhost ~]# vim /etc/nginx/check_nginx.sh

count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ];then
        systemctl stop keepalived
fi

4. Give execution permission and open service

[root@localhost ~]# chmod +x /etc/nginx/check_nginx.sh
[root@localhost ~]# systemctl start keepalived

5. View address information

(1) View lb01 address information

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ba:e6:18 brd ff:ff:ff:ff:ff:ff
    inet 192.168.35.104/24 brd 192.168.35.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.35.200/24 scope global secondary ens33             #Drift address in lb01 in 
       valid_lft forever preferred_lft forever
    inet6 fe80::6ec5:6d7:1b18:466e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::2a3:b621:ca01:463e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4e2:ef9e:6820:145a/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff

(2) View lb02 address information

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:1d:ec:b0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.35.105/24 brd 192.168.35.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::6ec5:6d7:1b18:466e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::2a3:b621:ca01:463e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4e2:ef9e:6820:145a/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff

6. Test failover

(1) Verify address drift (use pkill nginx in lb01, then use ip a in lb02 to view)

[root@localhost ~]# pkill nginx
[root@localhost ~]# systemctl status nginx
nginx.service - nginx - high performance web server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Six 2020-02-08 16:54:45 CST; 11s ago
     Docs: http://nginx.org/en/docs/
  Process: 13156 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=1/FAILURE)
 Main PID: 6930 (code=exited, status=0/SUCCESS)

2 Month 0816:54:45 localhost.localdomain kill[13156]: -q, --queue <signal>   ...2)
2 Month 0816:54:45 localhost.localdomain kill[13156]: -p, --pid            ...Number
2 Month 0816:54:45 localhost.localdomain kill[13156]: -l, --list [=<signal>] ...call
2 Month 0816:54:45 localhost.localdomain kill[13156]: -L, --table          ...value
2 Month 0816:54:45 localhost.localdomain kill[13156]: -h, --help     Show this... Out
2 Month 0816:54:45 localhost.localdomain kill[13156]: -V, --version  Output version... Out
2 Month 0816:54:45 localhost.localdomain kill[13156]: For more information, see kill(1).
2 Month 0816:54:45 localhost.localdomain systemd[1]: nginx.service: control...
2 Month 0816:54:45 localhost.localdomain systemd[1]: Unit nginx.service ent...
2 Month 0816:54:45 localhost.localdomain systemd[1]: nginx.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

[root@localhost ~]# systemctl status keepalived.service             #The keepalived service is also closed, indicating that the check ﹣ nginx.sh in nginx takes effect
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

2 Month 0816:39:26 localhost.localdomain Keepalived_vrrp[7319]: VRRP_Instan...
2 Month 0816:39:26 localhost.localdomain Keepalived_vrrp[7319]: Sending gra...
2 Month 0816:39:26 localhost.localdomain Keepalived_vrrp[7319]: Sending gra...
2 Month 0816:39:26 localhost.localdomain Keepalived_vrrp[7319]: Sending gra...
2 Month 0816:39:26 localhost.localdomain Keepalived_vrrp[7319]: Sending gra...
2 Month 0816:54:46 localhost.localdomain Keepalived[7317]: Stopping
2 Month 0816:54:46 localhost.localdomain systemd[1]: Stopping LVS and VRRP ...
2 Month 0816:54:46 localhost.localdomain Keepalived_vrrp[7319]: VRRP_Instan...
2 Month 0816:54:46 localhost.localdomain Keepalived_vrrp[7319]: VRRP_Instan...
2 Month 0816:54:47 localhost.localdomain systemd[1]: Stopped LVS and VRRP H...
Hint: Some lines were ellipsized, use -l to show in full.

Check the address at lb01:

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ba:e6:18 brd ff:ff:ff:ff:ff:ff
    inet 192.168.35.104/24 brd 192.168.35.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::6ec5:6d7:1b18:466e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::2a3:b621:ca01:463e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4e2:ef9e:6820:145a/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff

Check the address at lb02:

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:1d:ec:b0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.35.105/24 brd 192.168.35.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.35.200/24 scope global secondary ens33                #Shift address to lb02
       valid_lft forever preferred_lft forever
    inet6 fe80::6ec5:6d7:1b18:466e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::2a3:b621:ca01:463e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4e2:ef9e:6820:145a/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff

(2) Recovery operation (start nginx service before keepalived service in lb01)

[root@localhost ~]# systemctl start nginx
[root@localhost ~]# systemctl start keepalived.service 
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ba:e6:18 brd ff:ff:ff:ff:ff:ff
    inet 192.168.35.104/24 brd 192.168.35.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.35.200/24 scope global secondary ens33               #The drift address is transferred back to lb01
       valid_lft forever preferred_lft forever
    inet6 fe80::6ec5:6d7:1b18:466e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::2a3:b621:ca01:463e/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4e2:ef9e:6820:145a/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:14:39:99 brd ff:ff:ff:ff:ff:ff

(3) Nginx site / usr/share/nginx/html

ping the virtual IP on the host to ensure that it can be pinged, indicating that it can be accessed

View index.html in lb01

[root@localhost ~]# cat /usr/share/nginx/html/index.html 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to master ginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

View index.html in lb01

[root@localhost ~]# cat /usr/share/nginx/html/index.html 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to backup nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

I think the drift address is on lb01, so when I visit the drift address, the real nginx homepage should contain the master page

Node node binding VIP address

1. Modify the node configuration file unified VIP (bootstrap.kubeconfig,kubelet.kubeconfig)

[root@localhost ~]# vim /opt/kubernetes/cfg/bootstrap.kubeconfig
[root@localhost ~]# vim /opt/kubernetes/cfg/kubelet.kubeconfig
[root@localhost ~]# vim /opt/kubernetes/cfg/kube-proxy.kubeconfig

#All changed to VIP address

server: https://192.168.35.200:6443

2. Replace to complete direct self test

[root@localhost ~]# cd /opt/kubernetes/cfg/

[root@localhost cfg]# grep 200 *
bootstrap.kubeconfig:    server: https://192.168.35.200:6443
kubelet.kubeconfig:    server: https://192.168.35.200:6443
kube-proxy.kubeconfig:    server: https://192.168.35.200:6443

3. Restart service

[root@localhost cfg]# systemctl restart kubelet.service 
[root@localhost cfg]# systemctl restart kube-proxy.service 

4. View the k8s log of nginx on lb01

[root@localhost ~]# tail /var/log/nginx/k8s-access.log
192.168.35.102 192.168.35.100:6443 - [08/Feb/2020:17:42:00 +0800] 200 1119
192.168.35.102 192.168.35.103:6443 - [08/Feb/2020:17:42:00 +0800] 200 1121
192.168.35.101 192.168.35.100:6443 - [08/Feb/2020:17:42:14 +0800] 200 1121
192.168.35.101 192.168.35.100:6443 - [08/Feb/2020:17:42:14 +0800] 200 1121

Operate on master01

1. Test create pod

[root@localhost k8s]# kubectl run nginx --image=nginx
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx created

2. View status

[root@localhost k8s]# kubectl get pods
NAME                    READY   STATUS    RESTARTS   AGE
nginx-dbddb74b8-cfggf   1/1        0     ContainerCreating     64s                #BeingCreate medium
[root@localhost k8s]# kubectl get pods
NAME                    READY   STATUS    RESTARTS   AGE
nginx-dbddb74b8-cfggf   1/1     Running   0          74s                   #EstablishDone, running

3. Attention to log problems (unable to view, error will be reported)

[root@localhost k8s]# kubectl logs nginx-dbddb74b8-cfggf
Error from server (Forbidden): Forbidden (user=system:anonymous, verb=get, resource=nodes, subresource=proxy) ( pods/log nginx-dbddb74b8-cfggf)

terms of settlement:

(1) Authority promotion

[root@localhost k8s]# kubectl create clusterrolebinding cluster-system-anonymous --clusterrole=cluster-admin --user=system:anonymous
clusterrolebinding.rbac.authorization.k8s.io/cluster-system-anonymous created

(2) Checking the log

[root@localhost k8s]# kubectl logs nginx-dbddb74b8-cfggf

//No error will be reported, but no log will be generated due to no access

4. View pod network

[root@localhost k8s]# kubectl get pods -o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE             NOMINATED NODE
nginx-dbddb74b8-cfggf   1/1     Running   0          14m   172.17.45.2   192.168.35.101   <none>

5. Operation on the node node of the corresponding network segment can be directly accessed

[root@localhost cfg]# curl 172.17.45.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

6. Access will generate logs, and return to the master01 operation

[root@localhost k8s]# kubectl logs nginx-dbddb74b8-cfggf
172.17.45.1 - - [08/Feb/2020:10:10:29 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

195 original articles published, 64 praised, 7880 visited
Private letter follow

Tags: Nginx vim firewall yum

Posted on Sat, 08 Feb 2020 07:12:35 -0500 by oneday