Ingress 核心概念
Ingress:Service的统一网关入口 (是一个代理,可以根据配置转发请求到指定的服务上)
Ingress Controller安装
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/baremetal/deploy.yaml
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/baremetal/deploy.yaml
# 查看 image
mv deploy.yaml ingress.yaml
cat ingress.yaml | grep image:
# 替换镜像
sed -i 's#registry.k8s.io/ingress-nginx/controller:v1.8.1@sha256:e5c4824e7375fcf2a393e1c03c293b69759af37a9ca6abdb91b13d78a93da8bd#registry.cn-hangzhou.aliyuncs.com/image-storage/controller:v1.6.4#' ingress.yaml
sed -i 's#registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20230407@sha256:543c40fd093964bc9ab509d3e791f9989963021f1e9e4c9c7b6700b02bfb227b#registry.cn-hangzhou.aliyuncs.com/image-storage/kube-webhook-certgen:v20220916-gd32f8c343#' ingress.yaml
# 安装
kubectl apply -f ingress.yaml
kubectl get svc -A
kubectl get pods -A
ingress-nginx ingress-nginx-controller NodePort 10.103.177.22 <none> 80:30792/TCP,443:30523/TCP 3m42s
http://192.168.0.11:30792
https://192.168.0.11:30523
创建 Ingress对象
创建Deployment Service测试
vim test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-server
spec:
replicas: 2
selector:
matchLabels:
app: hello-server
template:
metadata:
labels:
app: hello-server
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/hello-server
name: hello-server
ports:
- containerPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-demo
labels:
app: nginx-demo
spec:
replicas: 2
selector:
matchLabels:
app: nginx-demo
template:
metadata:
labels:
app: nginx-demo
spec:
containers:
- image: nginx
name: nginx
---
apiVersion: apps/v1
kind: Service
metadata:
labels:
app: nginx-demo
name: nginx-demo
spec:
selector:
app: nginx-demo
ports:
- port: 8000
protocol: TCP
targetPort: 80
---
apiVersion: apps/v1
kind: Service
metadata:
labels:
app: hello-server
name: hello-server
spec:
selector:
app: hello-server
ports:
- port: 8000
protocol: TCP
targetPort: 9000
通过访问 Service IP : Service Port 进而访问 Pod应用
创建 ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-host-test
spec:
ingressClassName: nginx
rules:
- host: "hello.yy.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: hello-server
port:
number: 8000
- host: "nginx.yy.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: nginx-demo
port:
number: 8000
通过配置域名访问
192.168.0.200 nginx.yy.com
192.168.0.200 hello.yy.com
192.168.0.11 nginx.yy.com
192.168.0.11 hello.yy.com
支持域名IP访问
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-host-test
spec:
ingressClassName: nginx
rules:
- host: "hello.yy.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: hello-server
port:
number: 8000
- host: "nginx.yy.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: nginx-demo
port:
number: 8000
- http:
paths:
- pathType: Prefix
path: /nginx
backend:
service:
name: nginx-demo
port:
number: 8000
- pathType: Prefix
path: /hello
backend:
service:
name: hello-server
port:
number: 8000
Ingress对Service负载均衡,Service对Pod负载均衡
Ingress路径重写
# 路径重写
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-host-test
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
ingressClassName: nginx
rules:
- host: "hello.yy.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: hello-server
port:
number: 8000
- host: "nginx.yy.com"
http:
paths:
- pathType: Prefix
path: "/nginx(/|$)(.*)"
backend:
service:
name: nginx-demo
port:
number: 8000
Ingress 流量限制
annotations:
nginx.ingress.kubernetes.io/limit-rps: "1"
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-limit-rate
annotations:
nginx.ingress.kubernetes.io/limit-rps: "1"
spec:
ingressClassName: nginx
rules:
- host: "haha.yy.com"
http:
paths:
- pathType: Exact
path: "/"
backend:
service:
name: nginx-demo
port:
number: 8000
扫一扫
1228
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
