kubernetes alb入口控制器的基于路径的路由不能正常工作

rfbsl7qr  于 2023-10-17  发布在  Kubernetes
关注(0)|答案(2)|浏览(124)

我正在ALB入口控制器上尝试基于路径的路由。但是,尽管“/”路径可以工作,但“/test”路径会给出403错误。当我将应用服务从“/test”路径移动到“/”路径时,它在这里工作。因此,只有一个路由到“/”路径,而不是其他路径。

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-ui
  namespace: dev
  annotations:
    # Ingress core settings
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/load-balancer-name: test-dev
    alb.ingress.kubernetes.io/tags: project=test, env=dev
    alb.ingress.kubernetes.io/ssl-redirect: '443'
    alb.ingress.kubernetes.io/group.name: dev
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/group.order: 1000
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80,"HTTPS": 443}]'
    alb.ingress.kubernetes.io/certificate-arn: xxx
    alb.ingress.kubernetes.io/actions.response-403: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"403","messageBody":"403 External access to endpoint not allowed"}}
spec:
  rules:
  - host: "xxx.test.com"
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: test-ui
            port:
              number: 80
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test
  namespace: dev
  annotations:
    # Ingress core settings
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/load-balancer-name: test-dev
    alb.ingress.kubernetes.io/tags: project=test, env=dev
    alb.ingress.kubernetes.io/ssl-redirect: '443'
    alb.ingress.kubernetes.io/group.name: dev
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80,"HTTPS": 443}]'
    alb.ingress.kubernetes.io/certificate-arn: xxx
    alb.ingress.kubernetes.io/actions.response-403: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"403","messageBody":"403 External access to endpoint not allowed"}}
spec:
  rules:
  - host: "xxx.test.com"
    http:
      paths:
      - path: /test
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 8080

我希望路由到除了“/"之外的路径。

  • AWS负载均衡控制器由Helm安装,版本为v2.6.1
  • Kubernetes版本:1.27
  • EKS版本:1.27
n7taea2i

n7taea2i1#

你可以请粘贴错误,我试过了,但它给我404,因为没有运行服务:/test和它的路径是不重定向,如果你认为该服务应该只与/test,如果路径是存在的

mm9b1k5b

mm9b1k5b2#

因为您在同一个入口组中有2个入口。一个入口可以覆盖另一个。所以,你必须添加你的入口资源的订单号.

alb.ingress.kubernetes.io/group.order: '10'

数字可以是1-1000。首先评估同一入口组中所有入口的最小数量。所有没有此注解的入口都将被评估为零值。具有较高编号的重复规则可以覆盖具有较低编号的规则。
重要提示:

`Ensure that each ingress in the same ingress group has a unique priority number. You can't have duplicate order numbers across ingresses.`

更多信息:https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html

相关问题