Kubernetes ingress基础
Nginx ingress 使用ConfigMap来管理Nginx配置,nginx是大家熟知的代理和负载均衡软件,比起Traefik来说功能更加强大.
ngress是Kubernetes集群对外暴露服务的一种推荐方法,Ingress封装了nginx,背后还是nginx在发挥作用,Ingress的作用是不断检测pod的IP变化,然后将变化更新到nginx的配置中。从而当集群中有pod重启时,可以做到不用重启nginx
目录
with Helm
#use helm 正常情况下如次 要FQ helm upgrade --install ingress-nginx ingress-nginx \ --repo https://kubernetes.github.io/ingress-nginx \ --namespace ingress-nginx --create-namespace Release "ingress-nginx" does not exist. Installing it now. Error: failed to download "https://github.com/kubernetes/ingress-nginx/releases/download/helm-chart-4.1.4/ingress-nginx-4.1.4.tgz"
install(现在用kuboard 2022)
部署Ingress 控制器
https://kubernetes.github.io/ingress-nginx/deploy/
#2022 root@k8s-master:~# kubectl apply -f deploy.yaml namespace/ingress-nginx created serviceaccount/ingress-nginx created serviceaccount/ingress-nginx-admission created role.rbac.authorization.k8s.io/ingress-nginx created role.rbac.authorization.k8s.io/ingress-nginx-admission created clusterrole.rbac.authorization.k8s.io/ingress-nginx created clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created rolebinding.rbac.authorization.k8s.io/ingress-nginx created rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created configmap/ingress-nginx-controller created service/ingress-nginx-controller created service/ingress-nginx-controller-admission created deployment.apps/ingress-nginx-controller created job.batch/ingress-nginx-admission-create created job.batch/ingress-nginx-admission-patch created ingressclass.networking.k8s.io/nginx created validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created root@k8s-master:~# kubectl create deployment demo --image=httpd --port=80 deployment.apps/demo created root@k8s-master:~# kubectl expose deployment demo service/demo exposed root@k8s-master:~# kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx --watch NAMESPACE NAME READY STATUS RESTARTS AGE ingress-nginx ingress-nginx-admission-create-5jc9p 0/1 ImagePullBackOff 0 2m47s ingress-nginx ingress-nginx-admission-patch-2mb45 0/1 ImagePullBackOff 0 2m47s ingress-nginx ingress-nginx-controller-55dcf56b68-gpckf 0/1 ContainerCreating 0 2m47s ingress-nginx ingress-nginx-admission-create-5jc9p 0/1 ErrImagePull 0 2m47s ingress-nginx ingress-nginx-admission-create-5jc9p 0/1 ImagePullBackOff 0 3m #FQ吧 少年 以前的 2019年的 wget -c https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml kubectl apply -f mandatory.yaml namespace/ingress-nginx configured configmap/nginx-configuration unchanged configmap/tcp-services created configmap/udp-services created serviceaccount/nginx-ingress-serviceaccount unchanged clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole configured role.rbac.authorization.k8s.io/nginx-ingress-role unchanged rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding unchanged clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding unchanged deployment.apps/nginx-ingress-controller configured Verify installation To check if the ingress controller pods have started, kubectl get pods --all-namespaces -l app.kubernetes.io/name=ingress-nginx --watch NAMESPACE NAME READY STATUS RESTARTS AGE ingress-nginx nginx-ingress-controller-86449c74bb-rthhw 0/1 ImagePullBackOff 0 2m5s kubectl get pods -n ingress-nginx -o wide --watch #也是查看 Once the operator pods are running, you can cancel the above command by typing Ctrl+C. 可见上面还不是runing 过一阵才好 kubectl get pods -n ingress-nginx NAME READY STATUS RESTARTS AGE nginx-ingress-controller-86449c74bb-rthhw 1/1 Running 0 19h
部署svc
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud-generic.yaml service/ingress-nginx created [root@master ingress]# kubectl get svc -n ingress-nginx NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx LoadBalancer 10.99.141.156 <pending> 80:31279/TCP,443:30847/TCP 2m43s
trouble
kubectl get ing #ADDRESS 为空 NAME HOSTS ADDRESS PORTS AGE simple * 80 4s
usage
最简单的使用例子
** 创建一个空间
cat testing-namespace.yaml kind: Namespace apiVersion: v1 metadata: name: testing labels: env: testing
** 创建 tomcat-deploy
cat tomcat-deploy.yaml apiVersion: apps/v1 kind: Deployment metadata: name: tomcat-deploy namespace: testing spec: replicas: 2 selector: matchLabels: app: tomcat template: metadata: labels: app: tomcat spec: containers: - name: tomcat image: tomcat:8.0.50-jre8-alpine ports: - containerPort: 8080 name: httpport - containerPort: 8009 name: ajpport
** 创建 tomcat svc
cat tomcat-svc.yaml apiVersion: v1 kind: Service metadata: name: tomcat-svc namespace: testing labels: app: tomcat-svc spec: selector: app: tomcat ports: - name: httpport port: 80 targetPort: 8080 protocol: TCP
** 创建 tomcat-ingress
#前提 先在 kuboard 先创建个ingress 叫 tt cat tomcat-ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: tomcat namespace: testing annotations: kubernetes.io/ingress.class: "tt" #kubernetes.io/ingress.class: "nginx" spec: rules: - host: tt.com #- host: tomcat.ikubernetes.io http: paths: - path: backend: serviceName: tomcat-svc servicePort: 80
** visa
host master ip http://tt.com:32136/
ingress https
see also
k8s集群中部署tomcat,访问方式使用Ingress,高可用 和NodePort方式
k8s ingress及ingress controller
K8S 部署 ingress-nginx (一) 原理及搭建
解决kubernetes中ingress-nginx配置问题
Kubernetes - nginx-ingress 配置跳坑指南