AWS ALB Ingress Controller fails to create a second load balancer for a RabbitMQ deployment

Question  Votes: 0  Answers: 1

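So, we are trying to install 2 RabbitMQ releases on our preprod AWS EKS cluster using helm and the bitnami helm chart.

The first RabbitMQ deployment (rabbitmq-qa) was installed correctly with the provided annotations, and the DNS record and the Application Load Balancer were provisioned correctly as well.

However, if we try to install a second instance of it with a different name (rabbitmq-stg) and namespace, the Ingress controller fails with the following error message: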

Failed build model due to conflicting load balancer name: map[rmq-alb-qa:{} rmq-alb-stg:{}]

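Even though the Helm chart installation exits without an error code, the ingress is not configured correctly, and the ALB and the DNS record are not created. Here is the ingress description output from kubectl:

  • For rabbitmq-qa
$ kubectl describe ingress rabbitmq-qa --namespace rabbitmq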

### Output
Name:             rabbitmq-qa
Labels:           app.kubernetes.io/instance=rabbitmq-qa
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=rabbitmq
                  app.kubernetes.io/version=3.13.2
                  helm.sh/chart=rabbitmq-14.1.2
Namespace:        rabbitmq
Address:          internal-rmq-alb-qa-********.us-east-1.elb.amazonaws.com
Ingress Class:    <none>
Default backend:  <default>
Rules:
  Host                                                       Path  Backends
  ----                                                       ----  --------
  rabbitmqui.preprod-qa.us-east-1.prd.example.com
                                                             /*   rabbitmq-qa:http-stats (private_ip_list_goes_here)
Annotations:                                                 alb.ingress.kubernetes.io/actions.response-404:
                                                               {"Type":"fixed-response","FixedResponseConfig":{"ContentType":"text/plain","StatusCode":"404","MessageBody":" - 404 Page not found"}}
                                                             alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:certificate_arn_goes_here
                                                             alb.ingress.kubernetes.io/group.name: public
                                                             alb.ingress.kubernetes.io/listen-ports: [{"HTTP": 15672}, {"HTTP": 80}, {"HTTPS": 443}]
                                                             alb.ingress.kubernetes.io/load-balancer-name: rmq-alb-qa
                                                             alb.ingress.kubernetes.io/scheme: internal
                                                             alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
                                                             alb.ingress.kubernetes.io/target-type: ip
                                                             external-dns.alpha.kubernetes.io/hostname: rabbitmqui.preprod-qa.us-east-1.prd.example.com
                                                             external-dns.alpha.kubernetes.io/ingress-hostname-source: annotation-only
                                                             kubernetes.io/ingress.class: alb
                                                             meta.helm.sh/release-name: rabbitmq-qa
                                                             meta.helm.sh/release-namespace: rabbitmq
                                                             policies.kyverno.io/last-applied-patches:
                                                               add-annotation.add-alb-security-policy.yaml.kyverno.io: added /metadata/annotations/alb.ingress.kubernetes.io~1ssl-policy
Events:
  Type     Reason                  Age                     From     Message
  ----     ------                  ----                    ----     -------
  Normal   SuccessfullyReconciled  2m51s (x6 over 2d18h)   ingress  Successfully reconciled
  • For rabbitmq-stg
$ kubectl describe ingress rabbitmq-stg --namespace rabbitmq-stg


### Output:
Name:             rabbitmq-stg
Labels:           app.kubernetes.io/instance=rabbitmq-stg
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=rabbitmq
                  app.kubernetes.io/version=3.13.2
                  helm.sh/chart=rabbitmq-14.1.2
Namespace:        rabbitmq-stg
Address:
Ingress Class:    <none>
Default backend:  <default>
Rules:
  Host                                                        Path  Backends
  ----                                                        ----  --------
  rabbitmqui.preprod-stg.us-east-1.example.com
                                                              /*   rabbitmq-stg:http-stats (private_ip_list_goes_here)
Annotations:                                                  alb.ingress.kubernetes.io/actions.response-404:
                                                                {"Type":"fixed-response","FixedResponseConfig":{"ContentType":"text/plain","StatusCode":"404","MessageBody":" - 404 Page not found"}}
                                                              alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:certificate_arn_goes_here
                                                              alb.ingress.kubernetes.io/group.name: public
                                                              alb.ingress.kubernetes.io/listen-ports: [{"HTTP": 15672}, {"HTTP": 80}, {"HTTPS": 443}]
                                                              alb.ingress.kubernetes.io/load-balancer-name: rmq-alb-stg
                                                              alb.ingress.kubernetes.io/scheme: internal
                                                              alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
                                                              alb.ingress.kubernetes.io/target-type: ip
                                                              external-dns.alpha.kubernetes.io/hostname: rabbitmqui.preprod-stg.us-east-1.example.com
                                                              external-dns.alpha.kubernetes.io/ingress-hostname-source: annotation-only
                                                              kubernetes.io/ingress.class: alb
                                                              meta.helm.sh/release-name: rabbitmq-stg
                                                              meta.helm.sh/release-namespace: rabbitmq-stg
                                                              policies.kyverno.io/last-applied-patches:
                                                                add-annotation.add-alb-security-policy.yaml.kyverno.io: added /metadata/annotations/alb.ingress.kubernetes.io~1ssl-policy
Events:
  Type     Reason            Age                   From            Message
  ----     ------            ----                  ----            -------
  Normal   PolicyApplied     4m15s                 kyverno-mutate  resource mutated
  Warning  FailedBuildModel  89s (x16 over 4m15s)  ingress         Failed build model due to conflicting load balancer name: map[rmq-alb-qa:{} rmq-alb-stg:{}]

Below are the annotations used to provision the AWS ALB endpoint and the DNS record. Note that these are the helm chart annotations overridden in values.yaml

  • For rabbitmq-qa
values:
## Ingress + ALB
  ingress:
    enabled: true
    path: /*
    hostname: "rabbitmqui.preprod-qa.us-east-1.example.com"
    annotations:
      # ALB ...
      kubernetes.io/ingress.class: alb
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/group.name: public
      alb.ingress.kubernetes.io/load-balancer-name: "rmq-qa-alb"
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 15672}, {"HTTP": 80}, {"HTTPS": 443}]'
      alb.ingress.kubernetes.io/actions.response-404: |
        {"Type":"fixed-response","FixedResponseConfig":{"ContentType":"text/plain","StatusCode":"404","MessageBody":" - 404 Page not found"}}

      ## & then the DNS
      external-dns.alpha.kubernetes.io/hostname: "rabbitmqui.preprod-qa.us-east-1.us-east-1.example.com"
      external-dns.alpha.kubernetes.io/ingress-hostname-source: annotation-only
  • For rabbitmq-stg
values:
## Ingress + ALB
  ingress:
    enabled: true
    path: /*
    hostname: "rabbitmqui.preprod-stg.us-east-1.us-east-1.example.com"
    annotations:
      # ALB ...
      kubernetes.io/ingress.class: alb
      alb.ingress.kubernetes.io/scheme: internal
      alb.ingress.kubernetes.io/group.name: public
      alb.ingress.kubernetes.io/load-balancer-name: "rmq-stg-alb"
      alb.ingress.kubernetes.io/target-type: ip
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 15672}, {"HTTP": 80}, {"HTTPS": 443}]'
      alb.ingress.kubernetes.io/actions.response-404: |
        {"Type":"fixed-response","FixedResponseConfig":{"ContentType":"text/plain","StatusCode":"404","MessageBody":" - 404 Page not found"}}

      ## & then the DNS
      external-dns.alpha.kubernetes.io/hostname: "rabbitmqui.preprod-stg.us-east-1.example.com"
      external-dns.alpha.kubernetes.io/ingress-hostname-source: annotation-only

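After installing the second instance of the Helm release, it also breaks the ingress of the first instance. Interestingly, the AWS NLB service controller does provision 2 separate load balancers correctly. How can I fix this? What could be wrong here?

References:

Thanks in advance!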

amazon-web-services kubernetes rabbitmq kubernetes-helm amazon-eks
1 answer
0
votes

This annotation is the culprit:

alb.ingress.kubernetes.io/group.name: public

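Since the ingresses have the same LB group name, the controller runs into a conflict when building the configuration for them, hence the error.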
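
A pre-deploy check for the conflict described in the answer, as an added example that is not part of the original post: it groups Ingress objects by `alb.ingress.kubernetes.io/group.name` across all namespaces and reports every group whose members request different `alb.ingress.kubernetes.io/load-balancer-name` values. The sample objects are constructed from the two `kubectl describe` outputs above; the function names and the group names `rmq-qa` / `rmq-stg` are assumptions.

```python
import json
from collections import defaultdict

GROUP = "alb.ingress.kubernetes.io/group.name"
LB_NAME = "alb.ingress.kubernetes.io/load-balancer-name"


def sample(qa_group, stg_group, stg_lb="rmq-alb-stg"):
    """Constructed input shaped like `kubectl get ingress -A -o json`,
    using the names and namespaces from the describe outputs on this page."""
    return json.dumps({"items": [
        {"metadata": {"name": "rabbitmq-qa", "namespace": "rabbitmq",
                      "annotations": {GROUP: qa_group, LB_NAME: "rmq-alb-qa"}}},
        {"metadata": {"name": "rabbitmq-stg", "namespace": "rabbitmq-stg",
                      "annotations": {GROUP: stg_group, LB_NAME: stg_lb}}},
    ]})


def find_group_conflicts(ingress_list_json):
    """Return {group: {lb_name: ["namespace/name", ...]}} for every explicit
    ingress group whose members ask for more than one load balancer name."""
    groups = defaultdict(lambda: defaultdict(list))
    for item in json.loads(ingress_list_json).get("items", []):
        meta = item.get("metadata", {})
        ann = meta.get("annotations") or {}
        group = ann.get(GROUP)
        if not group:
            continue  # no explicit group: this Ingress is not merged with others
        lb_name = ann.get(LB_NAME)
        if lb_name:  # members without the annotation do not contribute a name
            ref = f"{meta.get('namespace')}/{meta.get('name')}"
            groups[group][lb_name].append(ref)
    # One group maps to one ALB, so more than one requested name is a conflict.
    return {g: dict(names) for g, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    # As deployed on this page: both releases join the group "public".
    print(find_group_conflicts(sample("public", "public")))
    # One group per release (assumed names): two ALBs, no conflict.
    print(find_group_conflicts(sample("rmq-qa", "rmq-stg")))
    # One shared group and one shared name: a single ALB, no conflict.
    print(find_group_conflicts(sample("public", "public", stg_lb="rmq-alb-qa")))
```

Because an explicit group spans namespaces, the check has to run over the whole cluster (`kubectl get ingress -A -o json`), not just the namespace of the release being installed.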
