小结

在Kubernetes环境中是通过Nginx Ingress来从外部访问Kubernetes内部的环境，并用API Gateway来分发请求，碰到了 502 Bad gateway.的问题，并尝试解决。

问题

从外部通过Nginx Ingress访问Kubernetes内部的环境API Gateway，返回错误： 502 Bad gateway. 这里API Gateway也起到了Load Balancer的作用。


[john@Node1 ~]$ curl -H 'Host:apigw.com' http://192.168.18.16:80/Test Application/process
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.25.1</center>
</body>
</html>

查看Nginx运行的实例：

[john@Master ~]$ kubectl get pods -o wide -A | tail -n 2
nginx-ingress    nginx-ingress-c46vc                      1/1     Running   0          31d     10.244.3.163     Node1   <none>           <none>
nginx-ingress    nginx-ingress-hvqjg                      1/1     Running   0          31d     10.244.4.164     Node2   <none>           <none>

查看错误日志，

[john@Master ~]$ kubectl logs -f nginx-ingress-hvqjg -n nginx-ingress

可以看到类似以下错误：connect() failed (111: Connection refused) while connecting to upstream。

查看Nginx的配置文件：

[john@Master ~]$ kubectl exec -it nginx-ingress-c46vc -n nginx-ingress -- /bin/bash
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/nginx.conf
nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf

解决

通常情况下需要去查找后台服务的问题，有可能是后台服务没有正常启动所导致的连接问题。

确认了后台服务没有问题后，那么需要去看Nginx Ingress的配置问题。
以下是正确Ngnix Ingress配置示例（在Nginx Ingress的pod中）：

nginx@nginx-ingress-hvqjg:/$ cat /etc/nginx/conf.d/default-apigw-ingress.conf
# configuration for default/apigw-ingressupstream default-apigw-ingress-apigw.com-apigw-service-80 {zone default-apigw-ingress-apigw.com-apigw-service-80 256k;random two least_conn;server 10.244.3.169:8090 max_fails=1 fail_timeout=10s max_conns=0;server 10.244.4.171:8090 max_fails=1 fail_timeout=10s max_conns=0;}
server {listen 80;server_tokens on;server_name apigw.com;set $resource_type "ingress";set $resource_name "apigw-ingress";set $resource_namespace "default";location / {set $service "apigw-service";proxy_http_version 1.1;proxy_connect_timeout 60s;proxy_read_timeout 60s;proxy_send_timeout 60s;client_max_body_size 1m;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_buffering on;proxy_pass http://default-apigw-ingress-apigw.com-apigw-service-80/;}location /eureka {set $service "eureka-lb";proxy_http_version 1.1;proxy_connect_timeout 60s;proxy_read_timeout 60s;proxy_send_timeout 60s;client_max_body_size 1m;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Host $host;proxy_set_header X-Forwarded-Port $server_port;proxy_set_header X-Forwarded-Proto $scheme;proxy_buffering on;proxy_pass http://default-apigw-ingress-apigw.com-eureka-lb-80/;}}

参考

Stackoverflow: 502 Bad gateway when trying to connect to backend
Nginx Ingress Installation with Manifests
server fault: connect() failed (111: Connection refused) while connecting to upstream
stackoverflow: Why does attempting to connect to my ingress show connection refused?
CSDN: nginx报错：connect() failed (111: Connection refused) while connecting to upstream
CSDN: Nginx报502错误，日志connect() failed (111: Connection refused) while connecting to upstream的个人有效解决方案
Kubernetes Ingress

本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：http://www.mzph.cn/news/74586.shtml

如若内容造成侵权/违法违规/事实不符，请联系多彩编程网进行投诉反馈email:809451989@qq.com，一经查实，立即删除！