Я пытаюсь представить некоторые сервисы, используя WebSockets, в DigitalOcean Kubernetes, используя Ambassador и DO LoadBalancer.
При отображении сервиса WebSocket напрямую с помощью LoadBalancer он работает (я могу подключиться к нему).
Но когда пытаешься пройти через Посла, это не так. На данный момент я не знаю, что я что-то не так сконфигурировал или есть ошибка в Ambassador.
При тестировании образцов Ambassdor для маршрутизации HTTP это работало, но документации об использовании WebSockets нет.
Вот конфигурация для всех соответствующих частей:
Посол RBAC:
---
apiVersion: v1
kind: Service
metadata:
labels:
service: ambassador-admin
name: ambassador-admin
spec:
type: NodePort
ports:
- name: ambassador-admin
port: 8877
targetPort: 8877
selector:
service: ambassador
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: ambassador
rules:
- apiGroups: [""]
resources:
- services
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["create", "update", "patch", "get", "list", "watch"]
- apiGroups: [""]
resources:
- secrets
verbs: ["get", "list", "watch"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: ambassador
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: ambassador
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ambassador
subjects:
- kind: ServiceAccount
name: ambassador
namespace: default
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: ambassador
spec:
replicas: 3
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
labels:
service: ambassador
spec:
serviceAccountName: ambassador
containers:
- name: ambassador
image: quay.io/datawire/ambassador:0.40.0
resources:
limits:
cpu: 1
memory: 400Mi
requests:
cpu: 200m
memory: 100Mi
env:
- name: AMBASSADOR_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
- name: admin
containerPort: 8877
- name: websocket1
containerPort: 8010
- name: websocket2
containerPort: 8011
livenessProbe:
httpGet:
path: /ambassador/v0/check_alive
port: 8877
initialDelaySeconds: 30
periodSeconds: 3
readinessProbe:
httpGet:
path: /ambassador/v0/check_ready
port: 8877
initialDelaySeconds: 30
periodSeconds: 3
restartPolicy: Always
Посол службы:
---
apiVersion: v1
kind: Service
metadata:
name: ambassador
spec:
type: LoadBalancer
ports:
- port: 80
name: http
- port: 8010
name: websocket1
- port: 8011
name: websocket2
selector:
service: ambassador
Модуль Websocket:
---
apiVersion: v1
kind: Pod
metadata:
name: web-socket-test
labels:
app: web-socket-test
spec:
containers:
- name: web-socket-test
image: ksdn117/web-socket-test
ports:
- containerPort: 8010
- containerPort: 31448
- containerPort: 8011
- containerPort: 31057
служба веб-сокетов:
---
apiVersion: v1
kind: Service
metadata:
name: web-socket-test
annotations:
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Mapping
name: web-socket-test_mapping
prefix: /web-socket-test/
service: web-socket-test
use_websocket: True
spec:
selector:
app: web-socket-test
ports:
- protocol: TCP
port: 8011
targetPort: 31057
name: websocket1
- protocol: TCP
port: 31057
targetPort: 8010
name: websocket2