在Kubernetes环境中有关Nginx Ingress与API Gateway的连接问题
文章目录
- 小结
- 问题
- 解决
- 参考
小结
在Kubernetes环境中是通过Nginx Ingress来从外部访问Kubernetes内部的环境,并用API Gateway来分发请求,碰到了 502 Bad gateway.的问题,并尝试解决。
问题
从外部通过Nginx Ingress访问Kubernetes内部的环境API Gateway,返回错误: 502 Bad gateway. 这里API Gateway也起到了Load Balancer的作用。
[john@Node1 ~]$ curl -H 'Host:apigw.com' http://192.168.18.16:80/Test Application/process
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.25.1</center>
</body>
</html>
查看Nginx运行的实例:
[john@Master ~]$ kubectl get pods -o wide -A | tail -n 2
nginx-ingress nginx-ingress-c46vc 1/1 Running 0 31d 10.244.3.163 Node1 <none> <none>
nginx-ingress nginx-ingress-hvqjg 1/1 Running 0 31d 10.244.4.164 Node2 <none> <none>查看错误日志,
[john@Master ~]$ kubectl logs -f nginx-ingress-hvqjg -n nginx-ingress
可以看到类似以下错误:connect() failed (111: Connection refused) while connecting to upstream。
查看Nginx的配置文件:
[john@Master ~]$ kubectl exec -it nginx-ingress-c46vc -n nginx-ingress -- /bin/bash
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/nginx.conf
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf
解决
通常情况下需要去查找后台服务的问题,有可能是后台服务没有正常启动所导致的连接问题。
确认了后台服务没有问题后,那么需要去看Nginx Ingress的配置问题。
以下是正确Ngnix Ingress配置示例 (在Nginx Ingress的pod中):
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf
# configuration for default/apigw-ingressupstream default-apigw-ingress-apigw.com-apigw-service-80 {zone default-apigw-ingress-apigw.com-apigw-service-80 256k;random two least_conn;server 10.244.3.169:8090 max_fails=1 fail_timeout=10s max_conns=0;server 10.244.4.171:8090 max_fails=1 fail_timeout=10s max_conns=0;}
server {listen 80;server_tokens on;server_name apigw.com;set $resource_type "ingress";set $resource_name "apigw-ingress";set $resource_namespace "default";location / {set $service "apigw-service";proxy_http_version 1.1;proxy_connect_timeout 60s;proxy_read_timeout 60s;proxy_send_timeout 60s;client_max_body_size 1m;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_buffering on;proxy_pass http://default-apigw-ingress-apigw.com-apigw-service-80/;}location /eureka {set $service "eureka-lb";proxy_http_version 1.1;proxy_connect_timeout 60s;proxy_read_timeout 60s;proxy_send_timeout 60s;client_max_body_size 1m;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_buffering on;proxy_pass http://default-apigw-ingress-apigw.com-eureka-lb-80/;}}参考
Stackoverflow: 502 Bad gateway when trying to connect to backend
Nginx Ingress Installation with Manifests
server fault: connect() failed (111: Connection refused) while connecting to upstream
stackoverflow: Why does attempting to connect to my ingress show connection refused?
CSDN: nginx报错:connect() failed (111: Connection refused) while connecting to upstream
CSDN: Nginx报502错误,日志connect() failed (111: Connection refused) while connecting to upstream的个人有效解决方案
Kubernetes Ingress