kubernetes 通过K8S Ingress的SignalR连接

hiz5n14c  于 2023-10-17  发布在  Kubernetes
关注(0)|答案(2)|浏览(185)

我正在尝试公开托管在Kubernetes(Azure)pod中的SignalR中心。基本上,身份验证和握手步骤工作正常,但是当我触发一些操作时,通过k8s Ingress连接的所有客户端都不会收到消息。有没有人遇到过这个问题,或者只是通过Kubernetes - Ingress共享了SignalR集线器?

ingress.yml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: endpoints
  annotations:
    kubernetes.io/ingress.class: addon-http-application-routing
    ingress.kubernetes.io/ssl-redirect: "false"  
    nginx.ingress.kubernetes.io/ssl-redirect: "false"  
    nginx.org/websocket-services: "myservice"
spec:
  rules:
  - host: api.[MY-DOMAIN].com
    http:
      paths:
      - backend:
          serviceName: myservice
          servicePort: 80
        path: /myservice
aydmsdu9

aydmsdu91#

试试看:

annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/affinity: cookie
    nginx.ingress.kubernetes.io/session-cookie-hash: sha1
    nginx.ingress.kubernetes.io/session-cookie-name: REALTIMESERVERID

我写了一个示例项目,如果你想要一个工作示例:DenisBiondic/RealTimeMicroservices
顺便说一下,考虑使用Azure SignalR服务,它应该可以消除许多令人头痛的问题(也在上面的示例中)。

w6mmgewl

w6mmgewl2#

不熟悉SignalR,但可能有几件事。

  1. nginx Ingress可能会剥离SignalR需要的一些http头。你熟悉SignalR应该接收的http头吗?
    1.验证后,SignalR hub是否可能尝试使用TLS?我看到你在端口80上运行这个,而不是TLS。你必须配置这样的东西:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: endpoints
  annotations:
    kubernetes.io/ingress.class: addon-http-application-routing
    ingress.kubernetes.io/ssl-redirect: "false"  <== you may need to remove
    nginx.ingress.kubernetes.io/ssl-redirect: "false"   <== you may need to remove
    nginx.org/websocket-services: "myservice"
spec:
  rules:
  - host: api.[MY-DOMAIN].com
    http:
      paths:
      - backend:
          serviceName: myservice
          servicePort: 80
        path: /myservice
  tls:
    - secretName: <your-tls-certs>

希望能帮上忙!

相关问题