目录
1.背景
继续在kubernetes集群环境上学习并安装主要组件
2.版本
- k8s:v1.19.2
- ingress:v0.35.0
3.步骤
1)下载镜像及版本
- pollyduan/ingress-nginx-controller:v0.35.0
- jettech/kube-webhook-certgen:v1.2.2
注:这里因为网速问题,能下载到的镜像
2)上传到自己的本地仓库Registry
### 10.0.12.234:5000本地仓库IP地址和端口号
### 为镜像打个tag
# docker tag pollyduan/ingress-nginx-controller:v0.35.0 10.0.12.234:5000/pollyduan/ingress-nginx-controller:v0.35.0
# docker tag jettech/kube-webhook-certgen:v1.2.2 10.0.12.234:5000/jettech/kube-webhook-certgen:v1.2.2
### 推送到本地仓库
# docker push 10.0.12.234:5000/pollyduan/ingress-nginx-controller:v0.35.0
# docker push 10.0.12.234:5000/jettech/kube-webhook-certgen:v1.2.2
### 查看镜像
# docker images | grep ingress
3)下载并修改官方yaml文件
当前工作节点地址:10.0.12.233
修改所有的image:
-
image: k8s.gcr.io/ingress-nginx/controller:v0.35.0@sha256:fc4979d8b8443a831c9789b5155cded454cb7de737a8b727bc2ba0106d2eae8b
---> image: 10.0.12.234:5000/pollyduan/ingress-nginx-controller:v0.35.0
-
image: docker.io/jettech/kube-webhook-certgen:v1.2.2
---> image: 10.0.12.234:5000/jettech/kube-webhook-certgen:v1.2.2
4)执行文件
# kubectl apply -f ingress-controller.yml
5)检查执行结果
# kubectl get pods -n ingress-nginx
6)创建ingress规则
编写ingress-app.yml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: example-ingress
spec:
rules:
- host: example.ingressdemo.com
http:
paths:
- path: /
backend:
serviceName: web
servicePort: 8088
7)执行文件和查看结果
# kubectl apply -f ingress-app.yml
# kubectl get ingress -A
8)修改主机域名解析
这里以Windows为例,在C:\Windows\System32\drivers\etc目录下,打开hosts文件进行编辑,在最末一行添加:
# 省略前面的配置
10.0.12.233 example.ingressdemo.com
9)验证结果
打开浏览器,输入上述地址:example.ingressdemo.com,可以正常出现“Welcom to nginx”,则表示Ingress的安装和使用正确。
4.遇到的问题
1)ingress-controller起不来
通过kubectl describe查看pod,有这样一句报错:port 80 is already in use. Please check the flag --http-port
解决方法:
通过# netstat -antp | grep 80,找到了占用端口的应用,然后停掉就可以了。
2)ingress-controller起不来
查看官方文档有这么一句提示
所以,在执行ingress-controller.yml后,执行以下如下命令:
kubectl wait --namespace ingress-nginx \
--for=condition=ready pod \
--selector=app.kubernetes.io/component=controller \
--timeout=120s
3)浏览器直接输入域名无法访问,后台curl时报错:[root@node1 ~]# curl http://example.ingressdemo.com
curl: (6) Could not resolve host: ingress-nginx-controller-admission.ingress-nginx.svc; Unknown error
解决方法:
[root@node1]# kubectl get ValidatingWebhookConfiguration/ingress-nginx-admission -n ingress-nginx
NAME WEBHOOKS AGE
ingress-nginx-admission 1 7d1h
[root@test ~]# kubectl edit ValidatingWebhookConfiguration/ingress-nginx-admission -n ingress-nginx
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission edited
######下面是edit界面中的某一段
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
caBundle: BDRVJUSUZJQ0FURS0tLS0LS0tLS1CRUdJTitCk1JSURUNBaEJOUUROWnBJcXR3JPRENCM3FBREFnTTJzaDg3YVVrSlpNQW9HQ0NxR1NNNDlCQU1DWUjBUQVFIL0TUFBd0lCNxR1NNNDRTVNVEl3TlRJMVdoZ1BNakV5TURBME1qVXhNakExTWpWYU1BQXdXVEZ3dOakFPQmdOVkFUQmdjcWhrak9QUUlCQmdncQpoa2pPUFFNY04KTWpBd05UQkJ3TkNBQVRDcWRWOWdVTm5yelYSs3NlBUQVBRSm9KS30Umg5NlIxYkl6R3lzQjE3UHJzc21CNDBGQjRPYU5jJHYVpaTHNtN1MR28yMGwzCdzblJva2FRcWpMOBrYW96hROEJBZjhFQkFNQ0FnUXcKRXdZRFZSMGxCQXd3Q2dZSUt3WUJCUVVIQXdFCL3pBS0JnZ3Foa2pPUFFRRApBZ05KQURCR0FpRUE4K1A1WGlyOFgzREJEK1IvN2lIVWxzNXg3TW1UdjVMN1VzQzBd0R3WURJBVXdBd0VQ0lRQ2JS1FTkQgQ0VSVSMUNpCWG50RmdDblJLRkxjUVkxeWJ6bDVwTnlyZkZnPkVOdGSUNBVEUtLS0tLQoEJ6N21CNU9KT0KLS0tLEl=
service:
name: ingress-nginx-controller-admission
namespace: ingress-nginx
path: /extensions/v1beta1/ingresses
port: 443
failurePolicy: Fail ################## 改成:Ignore
matchPolicy: Exact
name: validate.nginx.ingress.kubernetes.io
5.参考文档
https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md -- 官方文档
https://blog.csdn.net/cds992/article/details/106246616 -- 报错的处理方法