站点下线

本文介绍如何将站点下线,使其不再处理客户端请求

何时使用此程序

在部署生命周期中,可能需要临时将站点下线以进行维护或软件升级。为了确保没有用户请求被路由到需要维护的站点,必须将该站点从您的负载均衡器配置中移除。

步骤

请按照以下步骤从负载均衡器中移除站点,以便没有流量可以路由到该站点。

Global Accelerator

  1. 确定要保持在线的站点关联的网络负载均衡器 (NLB) 的 ARN

    命令
    NAMESPACE= (1)
    REGION= (2)
    HOSTNAME=$(kubectl -n $NAMESPACE get svc accelerator-loadbalancer --template="{{range .status.loadBalancer.ingress}}{{.hostname}}{{end}}")
    aws elbv2 describe-load-balancers \
      --query "LoadBalancers[?DNSName=='${HOSTNAME}'].LoadBalancerArn" \
      --region ${REGION} \
      --output text
    1 包含 Keycloak 部署的 Kubernetes 命名空间
    2 托管 Kubernetes 集群的 AWS 区域
    输出
    arn:aws:elasticloadbalancing:eu-west-1:606671647913:loadbalancer/net/a49e56e51e16843b9a3bc686327c907b/9b786f80ed4eba3d
  2. 更新 Accelerator EndpointGroup 以仅包含单个站点

    1. 列出 Global Accelerator 的 EndpointGroup 中的当前端点

      命令
      ACCELERATOR_NAME= (1)
      ACCELERATOR_ARN=$(aws globalaccelerator list-accelerators \
        --query "Accelerators[?Name=='${ACCELERATOR_NAME}'].AcceleratorArn" \
        --region us-west-2 \ (2)
        --output text
      )
      LISTENER_ARN=$(aws globalaccelerator list-listeners \
        --accelerator-arn ${ACCELERATOR_ARN} \
        --query "Listeners[*].ListenerArn" \
        --region us-west-2 \
        --output text
      )
      aws globalaccelerator list-endpoint-groups \
        --listener-arn ${LISTENER_ARN} \
        --region us-west-2
      1 要更新的 Accelerator 的名称
      2 查询 AWS Global Accelerators 时,区域必须始终设置为 us-west-2
      输出
      {
          "EndpointGroups": [
              {
                  "EndpointGroupArn": "arn:aws:globalaccelerator::606671647913:accelerator/d280fc09-3057-4ab6-9330-6cbf1f450748/listener/8769072f/endpoint-group/a30b64ec1700",
                  "EndpointGroupRegion": "eu-west-1",
                  "EndpointDescriptions": [
                      {
                          "EndpointId": "arn:aws:elasticloadbalancing:eu-west-1:606671647913:loadbalancer/net/a49e56e51e16843b9a3bc686327c907b/9b786f80ed4eba3d",
                          "Weight": 128,
                          "HealthState": "HEALTHY",
                          "ClientIPPreservationEnabled": false
                      },
                      {
                          "EndpointId": "arn:aws:elasticloadbalancing:eu-west-1:606671647913:loadbalancer/net/a3c75f239541c4a6e9c48cf8d48d602f/5ba333e87019ccf0",
                          "Weight": 128,
                          "HealthState": "HEALTHY",
                          "ClientIPPreservationEnabled": false
                      }
                  ],
                  "TrafficDialPercentage": 100.0,
                  "HealthCheckPort": 443,
                  "HealthCheckProtocol": "TCP",
                  "HealthCheckIntervalSeconds": 30,
                  "ThresholdCount": 3
              }
          ]
      }
    2. 更新 EndpointGroup 以仅包含步骤 1 中检索到的 NLB。

      命令
      aws globalaccelerator update-endpoint-group \
        --endpoint-group-arn arn:aws:globalaccelerator::606671647913:accelerator/d280fc09-3057-4ab6-9330-6cbf1f450748/listener/8769072f/endpoint-group/a30b64ec1700 \
        --region us-west-2 \
        --endpoint-configurations '
        [
          {
              "EndpointId": "arn:aws:elasticloadbalancing:eu-west-1:606671647913:loadbalancer/net/a49e56e51e16843b9a3bc686327c907b/9b786f80ed4eba3d",
              "Weight": 128,
              "ClientIPPreservationEnabled": false
          }
        ]
      '
在此页上