Unable to reach services via Azure Traffic Manager and Nginx Ingress on AKS

扶醉桌前 提交于 2020-06-01 05:08:15

问题


I have two AKS clusters as primary and secondary in two different regions. I want to use Azure traffic manager for the the Priority based endpoint monitoring and fail-over mechanism on the primary and secondary clusters. I got two services: A and B that routes at the relative path /service-a and /service-b respectively. I have nginx ingress controller on each cluster with PIP mapped to the custom host aks-primary.xyz.com and aks-secondary.xyz.com respectively.

The services are reachable on the below paths:

On Primary Custer:

https://aks-primary.xyz.com/service-a

https://aks-primary.xyz.com/service-b

On secondary cluster:

https://aks-secondary.xyz.com/service-a

https://aks-secondary.xyz.com/service-b

I added the primary and secondary host aks-primary.xyz.com and aks-secondary.xyz.com as the endpoint in the Azure Traffic Manager for priority based routing. I added the probe path /healthz and port 443. My endpoints are online.

I added the custom domain for the ATM FQDN my-atm.trafficmanager.net to aks.xyz.com I am unable to reach to my services on below paths

https://aks.xyz.com/service-a

https://aks.xyz.com/service-b

Please suggest.


回答1:


I got this resolved.

I added the ingress with two hosts on each cluster.

hosts: aks-primary.xyz.com and aks.xyz.com on cluster aks primary.

hosts: aks-secondary.xyz.com and aks.xyz.com on cluster aks secondary.

A sample ingress on cluster aks primary:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-with-atm
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: aks-primary.xyz.com
    http:
      paths:
      - backend:
          serviceName: service-a
          servicePort: 80
        path: /service-a
      - backend:
          serviceName: service-b
          servicePort: 80
        path: /service-b
  - host: aks.xyz.com
    http:
      paths:
      - backend:
          serviceName: service-a
          servicePort: 80
        path: /service-a
      - backend:
          serviceName: service-b
          servicePort: 80
        path: /service-b
  tls:
  - hosts:
    - aks-primary.xyz.com
    secretName: tls-secret-wildcard-for-xyz-com
  - hosts:
    - aks.xyz.com
    secretName: tls-secret-wildcard-for-xyz-com`

Cheers!



来源:https://stackoverflow.com/questions/62113650/unable-to-reach-services-via-azure-traffic-manager-and-nginx-ingress-on-aks

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!