如何将kubernetes LoadBalancer Ingress URL发布到aws route53

问题描述 投票:5回答:2

今天,当我使用kubernetes在aws上启动应用程序时,它会公开一个公开可见的LoadBalancer Ingress URL,但是为了将其链接到我的域以使公众可以访问该应用程序,我需要在每个浏览器中手动进入aws route53控制台。发射。我是否可以更新aws route53资源类型A以匹配命令行中的最新Kubernetes LoadBalancer Ingress URL?

Krubnetes over gcloud分享了这样的挑战,即必须预定义在启动配置中使用的静态IP,或者在启动后手动执行基于浏览器的域链接。在aws上我希望我可以从命令行使用类似的东西

aws route53domains update-domain-nameservers   ???

__ OR __我可以预定义一个aws kubernetes LoadBalancer Ingress类似于在gcloud时执行预定义的静态IP吗?

显示已部署的应用程序的LoadBalancer Ingress URL问题

kubectl describe svc

......输出

Name:           aaa-deployment-407
Namespace:      ruptureofthemundaneplane
Labels:         app=bbb
            pod-template-hash=4076262206
Selector:       app=bbb,pod-template-hash=4076262206
Type:           LoadBalancer
IP:         10.0.51.82
LoadBalancer Ingress:   a244bodhisattva79c17cf7-61619.us-east-1.elb.amazonaws.com
Port:           port-1  80/TCP
NodePort:       port-1  32547/TCP
Endpoints:      10.201.0.3:80
Port:           port-2  443/TCP
NodePort:       port-2  31248/TCP
Endpoints:      10.201.0.3:443
Session Affinity:   None
No events.

更新:

尝试新的命令行技术时遇到错误(给@ error2007s评论提示)...发出这个问题

aws route53 list-hosted-zones

......产出

{
    "HostedZones": [
        {
            "ResourceRecordSetCount": 6, 
            "CallerReference": "2D58A764-1FAC-DEB4-8AC7-AD37E74B94E6", 
            "Config": {
                "PrivateZone": false
            }, 
            "Id": "/hostedzone/Z3II3949ZDMDXV", 
            "Name": "chainsawhaircut.com."
        }
    ]
}

下面使用的重要位:hostedzone Z3II3949ZDMDXV

现在我将using this Doc (and this Doc as well)作为文件/change-resource-record-sets.json制作(注意我可以使用类似的cli调用成功更改类型A ...但是我需要使用别名目标LoadBalancer Ingress URL更改类型A)

{
    "Comment": "Update record to reflect new IP address of fresh deploy",
    "Changes": [{
        "Action": "UPSERT",
        "ResourceRecordSet": {
            "Name": "chainsawhaircut.com.",
            "Type": "A",
            "TTL": 60,
            "AliasTarget": {
                "HostedZoneId": "Z3II3949ZDMDXV",
                "DNSName": "a244bodhisattva79c17cf7-61619.us-east-1.elb.amazonaws.com",
                "EvaluateTargetHealth": false
            }
        }
    }]
}

然后在命令行上发出

aws route53 change-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV --change-batch file:///change-resource-record-sets.json

给出此错误消息

An error occurred (InvalidInput) when calling the ChangeResourceRecordSets operation: Invalid request

任何见解?

amazon-web-services kubernetes amazon-route53
2个回答
2
投票

以下是更新aws route53资源记录类型A所需的逻辑,其中包含来自刚刚创建的kubernetes的值LoadBalancer Ingress URL

第1步 - 通过发布来识别您的hostedzone Id

aws route53 list-hosted-zones

...来自这里的输出是我的域的剪辑

"Id": "/hostedzone/Z3II3949ZDMDXV",

...重要的是,永远不会将json与hostingzone Z3II3949ZDMDXV一起用作cli parm ...还有第二个类似命名的令牌HostedZoneId,它完全不同

第2步 - 查看您的route53域记录的当前值...问题:

aws route53 list-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV --query "ResourceRecordSets[?Name == 'scottstensland.com.']"

......输出

[
    {
        "AliasTarget": {
            "HostedZoneId": "Z35SXDOTRQ7X7K", 
            "EvaluateTargetHealth": false, 
            "DNSName": "dualstack.asomepriorvalue39e7db-1867261689.us-east-1.elb.amazonaws.com."
        }, 
        "Type": "A", 
        "Name": "scottstensland.com."
    }, 
    {
        "ResourceRecords": [
            {
                "Value": "ns-1238.awsdns-26.org."
            }, 
            {
                "Value": "ns-201.awsdns-25.com."
            }, 
            {
                "Value": "ns-969.awsdns-57.net."
            }, 
            {
                "Value": "ns-1823.awsdns-35.co.uk."
            }
        ], 
        "Type": "NS", 
        "Name": "scottstensland.com.", 
        "TTL": 172800
    }, 
    {
        "ResourceRecords": [
            {
                "Value": "ns-1238.awsdns-26.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
            }
        ], 
        "Type": "SOA", 
        "Name": "scottstensland.com.", 
        "TTL": 900
    }
]

......在上述通知价值中

"HostedZoneId": "Z35SXDOTRQ7X7K",

这是第二个类似的名称令牌不要使用错误的托管区域ID

第3步 - 将下面放入您的更改文件aws_route53_type_A.json (for syntax Doc see link mentioned in comment above)

{
  "Comment": "Update record to reflect new DNSName of fresh deploy",
  "Changes": [
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "AliasTarget": {
            "HostedZoneId": "Z35SXDOTRQ7X7K", 
            "EvaluateTargetHealth": false, 
            "DNSName": "dualstack.a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com."
        }, 
        "Type": "A", 
        "Name": "scottstensland.com."
      }
    }
  ]
}

要识别上述字段“DNSName”的值...在aws上部署kubernetes应用程序之后,它会响应一个LoadBalancer Ingress,如cli命令的输出所示:

kubectl describe svc --namespace=ruptureofthemundaneplane

......如...

LoadBalancer Ingress:   a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com

...即使我的目标是执行命令行调用,我也可以通过进入aws控制台浏览器手动执行此操作...在route53上拉出我的域名...

Notice the green circle where the correct value of my LoadBalancer Ingress URL will auto appear in a self populating picklist (thanks aws)

...在这个浏览器选项列表中可编辑的文本框(以绿色圈出)我注意到URL被神奇地预先添加:dualstack。以前我错过了那个神奇的字符串...所以json键“DNSName”想要这个

dualstack.a0b82c81f47d011e6b98a0a28439e7db-1867261689.us-east-1.elb.amazonaws.com.

最后执行更改请求

aws route53 change-resource-record-sets --hosted-zone-id Z3II3949ZDMDXV --change-batch file://./aws_route53_type_A.json

......输出

{
    "ChangeInfo": {
        "Status": "PENDING", 
        "Comment": "Update record to reflect new DNSName of fresh deploy", 
        "SubmittedAt": "2016-07-13T14:53:02.789Z", 
        "Id": "/change/CFUX5R9XKGE1C"
    }
}

....现在确认改变是现场运行此显示记录

aws route53  list-resource-record-sets  --hosted-zone-id Z3II3949ZDMDXV
0
投票

您也可以使用external-dns项目。

AWS特定设置can be found here

安装后,它可以与注释一起使用,例如:external-dns.alpha.kubernetes.io/hostname: nginx.external-dns-test.my-org.com.

请注意,需要正确设置IAM权限。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.