Udemy Labs - Certified Kubernetes Application Developer - Ingress Networking - 1 오답노트
Kubernetes
목록 보기
19/53
11
If the requirement does not match any of the configured paths in the Ingress, to which service are the requests forwarded?
풀이
kubectl describe ingress --namespace app-space를 실행하고 'Default backend' 확인- 만약 가 표시되면,
kubectl get deploy ingress-nginx-controller -n ingress-nginx -o yaml명령어 실행 --default-backend-service인수를 찾기
controlplane ~ ➜ kubectl get deploy ingress-nginx-controller -n ingress-nginx -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2025-01-27T06:47:55Z"
generation: 1
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.1.2
helm.sh/chart: ingress-nginx-4.0.18
name: ingress-nginx-controller
namespace: ingress-nginx
resourceVersion: "805"
uid: fb94f6d3-bd21-43c7-8d63-36cb7763b1d0
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
spec:
containers:
- args:
- /nginx-ingress-controller
- --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
- --election-id=ingress-controller-leader
- --watch-ingress-without-class=true
- --default-backend-service=app-space/default-backend-service
- --controller-class=k8s.io/ingress-nginx
- --ingress-class=nginx
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
- --validating-webhook=:8443
- --validating-webhook-certificate=/usr/local/certificates/cert
- --validating-webhook-key=/usr/local/certificates/key
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: LD_PRELOAD
value: /usr/local/lib/libmimalloc.so
image: registry.k8s.io/ingress-nginx/controller:v1.1.2@sha256:28b11ce69e57843de44e3db6413e98d09de0f6688e33d4bd384002a44f78405c
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /wait-shutdown
livenessProbe:
failureThreshold: 5
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: controller
ports:
- containerPort: 80
name: http
protocol: TCP
- containerPort: 443
name: https
protocol: TCP
- containerPort: 8443
name: webhook
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 100m
memory: 90Mi
securityContext:
allowPrivilegeEscalation: true
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
runAsUser: 101
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /usr/local/certificates/
name: webhook-cert
readOnly: true
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: ingress-nginx
serviceAccountName: ingress-nginx
terminationGracePeriodSeconds: 300
volumes:
- name: webhook-cert
secret:
defaultMode: 420
secretName: ingress-nginx-admission
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2025-01-27T06:48:23Z"
lastUpdateTime: "2025-01-27T06:48:23Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2025-01-27T06:47:55Z"
lastUpdateTime: "2025-01-27T06:48:23Z"
message: ReplicaSet "ingress-nginx-controller-7f45764b55" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
controlplane ~ ➜ kubectl get deploy ingress-nginx-controller -n ingress-nginx -o yaml | grep default
- --default-backend-service=app-space/default-backend-service
schedulerName: default-scheduler
defaultMode: 420정답
default-backend-service22
You are requested to make the new application available at /pay.
Identify and implement the best approach to making this application available on the ingress controller and test to make sure its working. Look into annotations: rewrite-target as well.
Ingress Created
Path: /pay
Configure correct backend service
Configure correct backend port
풀이
- 새로운 어플리케이션 찾기
controlplane ~ ➜ k get all --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
app-space pod/default-backend-5cd488d85c-k6wfp 1/1 Running 0 19m
app-space pod/webapp-food-57d799b775-csjgn 1/1 Running 0 2m20s
app-space pod/webapp-video-cb475db9c-htpxm 1/1 Running 0 19m
app-space pod/webapp-wear-6886df6554-sn2bn 1/1 Running 0 19m
critical-space pod/webapp-pay-6888bbb889-jbdtd 1/1 Running 0 24s
ingress-nginx pod/ingress-nginx-admission-create-g9z2w 0/1 Completed 0 19m
ingress-nginx pod/ingress-nginx-admission-patch-vxvz5 0/1 Completed 1 19m
ingress-nginx pod/ingress-nginx-controller-7f45764b55-jhr75 1/1 Running 0 19m
kube-flannel pod/kube-flannel-ds-tx79g 1/1 Running 0 21m
kube-system pod/coredns-77d6fd4654-8w6lt 1/1 Running 0 21m
kube-system pod/coredns-77d6fd4654-wp4b4 1/1 Running 0 21m
kube-system pod/etcd-controlplane 1/1 Running 0 21m
kube-system pod/kube-apiserver-controlplane 1/1 Running 0 21m
kube-system pod/kube-controller-manager-controlplane 1/1 Running 0 21m
kube-system pod/kube-proxy-nkzn5 1/1 Running 0 21m
kube-system pod/kube-scheduler-controlplane 1/1 Running 0 21m
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
app-space service/default-backend-service ClusterIP 172.20.193.249 <none> 80/TCP 19m
app-space service/food-service ClusterIP 172.20.227.186 <none> 8080/TCP 2m20s
app-space service/video-service ClusterIP 172.20.170.38 <none> 8080/TCP 19m
app-space service/wear-service ClusterIP 172.20.198.132 <none> 8080/TCP 19m
critical-space service/pay-service ClusterIP 172.20.188.139 <none> 8282/TCP 24s
default service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 21m
ingress-nginx service/ingress-nginx-controller NodePort 172.20.87.186 <none> 80:30080/TCP,443:32103/TCP 19m
ingress-nginx service/ingress-nginx-controller-admission ClusterIP 172.20.41.189 <none> 443/TCP 19m
kube-system service/kube-dns ClusterIP 172.20.0.10 <none> 53/UDP,53/TCP,9153/TCP 21m
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-flannel daemonset.apps/kube-flannel-ds 1 1 1 1 1 <none> 21m
kube-system daemonset.apps/kube-proxy 1 1 1 1 1 kubernetes.io/os=linux 21m
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
app-space deployment.apps/default-backend 1/1 1 1 19m
app-space deployment.apps/webapp-food 1/1 1 1 2m20s
app-space deployment.apps/webapp-video 1/1 1 1 19m
app-space deployment.apps/webapp-wear 1/1 1 1 19m
critical-space deployment.apps/webapp-pay 1/1 1 1 24s
ingress-nginx deployment.apps/ingress-nginx-controller 1/1 1 1 19m
kube-system deployment.apps/coredns 2/2 2 2 21m
NAMESPACE NAME DESIRED CURRENT READY AGE
app-space replicaset.apps/default-backend-5cd488d85c 1 1 1 19m
app-space replicaset.apps/webapp-food-57d799b775 1 1 1 2m20s
app-space replicaset.apps/webapp-video-cb475db9c 1 1 1 19m
app-space replicaset.apps/webapp-wear-6886df6554 1 1 1 19m
critical-space replicaset.apps/webapp-pay-6888bbb889 1 1 1 24s
ingress-nginx replicaset.apps/ingress-nginx-controller-7f45764b55 1 1 1 19m
kube-system replicaset.apps/coredns-77d6fd4654 2 2 2 21m
NAMESPACE NAME STATUS COMPLETIONS DURATION AGE
ingress-nginx job.batch/ingress-nginx-admission-create Complete 1/1 8s 19m
ingress-nginx job.batch/ingress-nginx-admission-patch Complete 1/1 8s 19m- 서비스 이름/포트 번호 확인
controlplane ~ ➜ kubectl get svc -n critical-space
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
pay-service ClusterIP 172.20.188.139 <none> 8282/TCP 6m54s- ingress yaml 파일 생성
controlplane ~ ✖ cat 22.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: pay-ingress
namespace: critical-space
spec:
rules:
- http:
paths:
- path: /pay
pathType: Prefix
backend:
service:
name: pay-service
port:
number: 8282