为Google容器引擎配置端口范围映射到container.yaml

本文介绍了为Google容器引擎配置端口范围映射到container.yaml的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我遵循了所有的Google文档，将Docker映像部署到goole运算中(此)，但我找不到有关google-container-manifest选项的更多信息.

I followed all the google documentation to deploy a docker image into goole compute (this one) but I can't find more informations about google-container-manifest options.

例如，我无法添加端口范围. 我尝试过但没有成功:

For example I can't add a port range. I tried that without success :

ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 - containerPort: "10000-20000" hostPort: "10000-20000"

在哪里可以找到可用于Google容器清单的所有参数? 是否可以添加端口范围映射?

Where can we find all parameters we can use for google container manifest ? And is it possible to add a port range mapping ?

Thx

[使用@alex解决方案进行编辑]

apiVersion: v1 kind: Pod metadata: name: test spec: hostNetwork: true containers: - name: test1 image: eu.gcr.io/app-1234/image imagePullPolicy: Always

现在docker容器上的所有端口都在Google VM上公开了.

And now all port on docker container are expose on google VM.

别忘了配置网络以暴露所需的所有端口:

Do not forget to configure a network to expose all port you need like that :

gcloud compute networks create test-network gcloud compute firewall-rules create test-allow-http --allow tcp:80 --network test-network gcloud compute firewall-rules create test-allow-ssh --allow tcp:22 --network test-network gcloud compute firewall-rules create test-allow-https --allow tcp:443 --network test-network gcloud compute firewall-rules create test-allow-video --allow udp:10000-20000,icmp --network test-network

并运行这样的实例:

gcloud compute instances create test-example \ --image container-vm \ --metadata-from-file google-container-manifest=containers.yaml \ --zone europe-west1-b \ --machine-type n1-standard-2 \ --network test-network

推荐答案

在该文档页面的下方稍稍提到:

As mentioned a little lower down on that docs page:

可以在以下位置找到容器清单的文档: Kubernetes API Pod规范.容器VM正在运行 简单的Kubelet而不是整个Kubernetes控制平面，因此 容器VM遵循的v1.PodSpec限制为containers， volumes和restartPolicy.

Documentation for the container manifest can be found in the Kubernetes API Pod Specification. The container VM is running a simple Kubelet and not the entire Kubernetes control plane, so the v1.PodSpec honored by the container VM is limited to containers, volumes, and restartPolicy.

不过，关于添加如此广泛的端口，您介意解释您的用例吗?当前，API不支持任意端口范围，仅支持显式端口列表.如果您真正想要的是容器可以使用机器上的所有端口，则可以考虑使用v1.PodSpec中的hostNetwork选项，该选项将直接在主机的网络上运行容器，而无需端口映射.

Regarding adding such a large range of ports, though, would you mind explaining your use case? Currently the API does not support arbitrary port ranges, only lists of explicit ports. If what you really want is for all the ports on the machine to be usable by your container, you might want to consider the hostNetwork option in the v1.PodSpec, which will run your container directly on the host's network with no need for port mapping.