first sorry for my english.
I need connect my frontend VueJs to my Laravel Websocket, both environment on Kubernetes, my backend deployment have two service, one service is tha API serve (it's work ok), another service to serve the websocket.
The frontend is serve on enginx and the backend is serve on apache, the frontend on kubernetes use Upstream to connect to API backend, my idea is use another Upstream to connect to websocket but not work.
My configure VueJS:
.ENV:
VUE_APP_WEBSOCKET='IP-websocket'
var pusher = new Pusher('ASDASD2121', {
cluster: 'mt1',
wsHost: process.env.VUE_APP_WEBSOCKET,
wssPort: 6001,
disableStats: true,
enabledTransports: ['ws', 'wss'],
})
Kubernetes service:
apiVersion: v1
kind: Service
metadata:
name: websocket-sitio
namespace: sitio
spec:
selector:
app: backend-sitio
tier: backend
type: LoadBalancer
ports:
- name: websocket
protocol: TCP
port: 6001
targetPort: 6001
My question is, ¿how configure the frontend to connecto to Laravel websocket using kubernetes service without using IP?
Help on my connection from frontend Vue JS to Laravel websocket
Related
I am trying to integrate traefik ingress route with middleware (forward-auth) for wss (secure websocket protocol).
For https requests ingressRoute works fine with forward-auth,
but for wss its not reaching to forward-auth, it's bypassing the middleware.
Tried many ingressRoutes with different pathprefix so that it can route to specific middleware which will forward to helidon app for authentication.
I am trying to setup ForwardAuth for wss incoming requests in traefik Ingress, but it's forwarding/bypassing to actual server without reaching to middleware, same thing works fine for usual https calls.
My websocket url: wss://ip:443/ws/guest
How to fix wss traffic for ingressRoute?
IngressRoute.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
annotations:
kubernetes.io/ingress.class: traefik
name: traefik-tls
namespace: sample-domain1-ns
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: PathPrefix(`/ws`)
middlewares:
- name: test-auth-tls
namespace: sample-domain1-ns
services:
- kind: Service
name: sample-domain1-cluster
port: 8001
tls:
certResolver: default
forward-auth.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-auth-tls
namespace: sample-domain1-ns
spec:
headers:
customRequestHeaders:
X-Forwarded-Proto: https
forwardAuth:
address: https://sample-domain1-lb.sample-domain1-ns.svc.cluster.local:8080/auth
tls:
insecureSkipVerify: true
It seem's like, some forward-auth configuration parameter's are require for websocket.
Please try with authRequestHeaders, authResponseHeaders (https://doc.traefik.io/traefik/middlewares/http/forwardauth/).
You tagged this question with helidon, and while it's great if you're using Helidon I'm not seeing how your issue relates to Helidon specifically, rather than (as you described) ingress set-up, etc. Please correct me if I've missed a Helidon aspect here. And apart from that, I'm sorry, I don't have any suggestions for you.
I don't have eureka, load balancer and so on. I want to load balance the request to list of URIs on which instances of backend run.
spring:
cloud:
gateway:
routes:
- id: myService-endpoints
uri: myServiceIp1, myServiceIp2
predicates:
- Path=/myservice/**
myServiceIp1 and myServiceIp2 are my backend service IPs. How can I achieve load balancing in this scenario?
If you are not using service registry, you can still use load-balancing in your app. You will just need to use the SimpleDiscoveryClient that allows you to set your service instance URIs via a property file, like so:
spring.cloud.discovery.client.simple.instances.service1[0].uri=http://s11:8080
Then you can just follow the guides for setting up load-balanced routes in Gateway, like so:
spring:
cloud:
gateway:
routes:
- id: myRoute
uri: lb://service
predicates:
- Path=/service/**
Locally I am able to run the application but when I deploy it on GCP I get an error saying
com.netflix.client.ClientException: Load balancer does not have available server for client: custom-index.rhines-dev.svc.cluster.local
which is the host url I want to forward traffic to via zuul.
My service and routes have been registered.
zuul:
ignoredPatterns:
- /custom/**
host:
connect-timeout-millis: 4000
socket-timeout-millis: 4000
sensitiveHeaders:
routes:
serviceId: rhines
path: /**
url: ${GATEWAY_RHINES_ROUTE:http://localhost:8090}
gradle
// netflix-zuul
implementation group: 'org.springframework.cloud', name: 'spring- cloud-starter-netflix-zuul', version: '2.2.9.RELEASE'
I keep reading suggestions about eureka but I do not need a eureka server. I am building a gateway and I just want zuul to route my traffic.
For me the answer was pretty simple, add http:// to the URL. I am ashamed.
I have developed a spring boot app (User Registration app) that has one rest API. The rest API inserts the data in a MySQL.
The application and database have been deployed in GCP Kubernetes and everything was working fine as I was using network load balancer.
Now I am trying to use NGINX Ingress Controller and Path-based Ingress routing. A network load balancer is pointing to NGINX Ingress Controller and Load Balancer IP is tagged to a wild card host name in Cloud DNS.
From PostMan application whenever I am trying to hit the "User Registration App" using the DNS url it's throwing an error:
<html>
<head>
<title>405 Not Allowed</title>
</head>
<body>
<center>
<h1>405 Not Allowed</h1>
</center>
<hr>
<center>openresty</center>
</body>
</html>
I am trying to provide all the details I have right. Can provide more details if required. I am not able to understand why NGINX server is throwing "405 Not allowed error".
User Registration Spring Boot App
Spring Boot App Controller - POST method receive the input data
NGINX Controller
Followed the steps mentioned here: https://kubernetes.github.io/ingress-nginx/deploy/#detect-installed-version
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
Ingress Controller Service
Kubernetes Services:
Services Running in Kubernetes Cluster - Refer Yellow marked
Kubernetes Pods:
Pods running in Kubernetes Cluster - Refer Yellow marked
Ingress YML:
`
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: fanout-ingress
namespace: xyz-product
labels: # Labels that will be applied to this resource
app: prod-user-reg-app
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS"
spec:
rules:
- host: test.apps.myproduct.com
http:
paths:
- path: /user-reg/create/*
backend:
serviceName: prod-user-reg-create-app
servicePort: 8081`
Kubctl Describe Ingress
GCP Cloud DNS
How do solve the issue? And where is the problem? In NGINX Controller service?
Please help.
The resolution is here. Changed the URL path and used a registered domain to access via the internet.
https://github.com/kubernetes/ingress-nginx/issues/4772 and
https://github.com/kubernetes/ingress-nginx/issues/4776
I have a kubernetes cluster on amazon ews on which I intend to run multiple applications.
I have multiple services which make up one such application and I want to expose them to the internet using an amazon load balancer (elb). I want to use the ELB because I don't want to use port 80 directly as many applications share this port and I want each one of them to define their ingress resource independent of others.
I read about kubernetes ingress resources and thought that is exactly what I'm looking for. However I didn't manage to expose it through a service with load balancer. Now when I read the documentation Services are meant to expose pods but an ingress is:
An API object that manages external access to the services in a cluster, typically HTTP.
Is what I'm trying to do possible or did I not grasp some concept and trying to do something impossible or wrong?
My code:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
labels:
id: ingress
spec:
rules:
- http:
paths:
- path: /api/devices
backend:
serviceName: device-management
servicePort: 3001
- path: /api/datasources
backend:
serviceName: data-acquisition
servicePort: 3001
- path: /auth,/account,/api/tenants,/api/users
backend:
serviceName: device-management
servicePort: 3001
## TODO: Find out how to add subdomain entry for auth.domain and s3.domain
---
apiVersion: v1
kind: Service
metadata:
name: ingress
labels:
id: ingress
spec:
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
selector:
id: ingress
Output from kubectl describe service ingress contains
Endpoints: none
The problem is that I didn't install an ingress controller. The documentation states:
You need an Ingress controller to satisfy an Ingress, simply creating the resource will have no effect.
The ingress controller creates an nginx pod and a service (load balancer) which will then implement the rules described in all ingress resources. The installation guide gives further information on how to install it on different platforms.
The ingress controller replaces the service which I desribed above and implements all ingress resources desribed in the cluster.