我正在将入口部署到我的 eks 集群中,一切部署都没有问题,但是,Route 53 中的 DNS 记录似乎不断删除和重新创建,这导致请求在成功完成或收到 DNS 相关错误之间交替。我正在寻找一种调试方法; cloudwatch 日志虽然丰富到几乎压倒性的程度,但并没有真正的帮助,或者,我还没有从与我的集群相关的众多日志组中找到一个实际上表明有用的日志组。我正在使用 terraform,下面是入口的代码:
# Kubernetes Service Manifest (Type: Network Load Balancer Service)
resource "kubernetes_ingress_v1" "ca_alb_service" {
metadata {
name = "ca-alb"
annotations = {
# Traffic Routing
"alb.ingress.kubernetes.io/load-balancer-name" = "ca-alb-${var.environment}"
# Ingress Core Settings
"alb.ingress.kubernetes.io/scheme" = "internet-facing"
# Health Check Settings
"alb.ingress.kubernetes.io/healthcheck-protocol" = "HTTP"
"alb.ingress.kubernetes.io/healthcheck-port" = "traffic-port"
#Important Note: Need to add health check path annotations in service level if we are planning to use multiple targets in a load balancer
"alb.ingress.kubernetes.io/healthcheck-interval-seconds" = 15
"alb.ingress.kubernetes.io/healthcheck-timeout-seconds" = 5
"alb.ingress.kubernetes.io/success-codes" = 200
"alb.ingress.kubernetes.io/healthy-threshold-count" = 2
"alb.ingress.kubernetes.io/unhealthy-threshold-count" = 2
"alb.ingress.kubernetes.io/healthcheck-path" = "/health"
"alb.ingress.kubernetes.io/listen-ports" = jsonencode([{ "HTTPS" = 443 }, { "HTTP" = 80 }])
"alb.ingress.kubernetes.io/certificate-arn" = "${data.terraform_remote_state.hub.outputs.domain_certificate_arn}"
# SSL Redirect Setting
"alb.ingress.kubernetes.io/ssl-redirect" = 443
# AWS Resource Tags
"service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags" = "Environment=${var.environment},Team=dev,Name=caalb-${var.environment}"
"external-dns.alpha.kubernetes.io/hostname" : "${lookup(var.subdomain_for_environment, var.environment)}.mydomain.io"
}
}
spec {
ingress_class_name = "ingress-controller-class" # Ingress Class, this is the default for all clusters, so we could exclude this argument
default_backend {
service {
name = kubernetes_service_v1.ca-as-np.metadata[0].name
port {
number = 3000
}
}
}
}
}
您可以通过键入
kubectl edit deployment external-dns -n defaultlog-leveldebugkubectl logs deployment/external-dns -f为了解决您的问题,external-dns 可能会向您的路由 53 添加额外的 txt 记录。您不需要这些记录,当 external-dns 进行检查时,它将删除并重新创建它们。如果是这种情况,请尝试删除 TXT 记录。