官网仓库:ingress-nginx仓库
从以上仓库点击 Getting Started 就到了安装上文档
NGINX Ingress Controller 安装文档
官网下载下来的 deploy 文件中 ,ingress 都是 LoadBalance
所以,学习环境和测试环境最好先去配置为支持 LoadBalance 的
前车之鉴:
本人之前着急进行下去没改成 NodePort 方式,(否则 controller 会一直 Pending )然后,各种端口转来转去的,非常混乱,所以,回头配置了 MetalLB 之后,重新走了一遍!
k8s学习: 使用 MetalLB 给测试环境配置LoadBalancer 服务
1、下载 deploy 文件,并替换被墙的 image
-
按照 kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.0/deploy/static/provider/cloud/deploy.yaml
这里最新版本时 v1.1.0 ,所以,先下载 deploy 文件
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.0.5/deploy/static/provider/cloud/deploy.yaml --no-check-certificate
里面镜像被墙,所以,通过 docker search 之后,只好降级到 v1.0.5
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.0.5/deploy/static/provider/cloud/deploy.yaml --no-check-certificate
-
替换 image
vim deploy.yaml
查找可以替换的 images,有以下 3 处,共 2 个 image 需要替换
docker search controller:v1.0.5
NAME DESCRIPTION STARS OFFICIAL AUTOMATED xyz349925756/ingress-nginx-controller k8s.gcr.io/ingress-nginx/controller:v1.0.5 0 v5cn/controller sync k8s.gcr.io/ingress-nginx/controller:v1.… 0docker search kube-webhook-certgen
... lianyuxue1020/kube-webhook-certgen new pull lianyuxue1020/kube-webhook-certgen:… 0 ...分别替换以上找到的 image
332 行
image: v5cn/controller:v1.0.5 # xyz349925756/ingress-nginx-controller:v1.0.5 # registry.aliyuncs.com/google_containers/ingress-nginx/controller:v1.0.5@sha256:55a1fcda5b7657c372515 fe402c3e39ad93aa59f6e4378e82acd99912fe6028d614 行
image: lianyuxue1020/kube-webhook-certgen:v1.1.1 # registry.aliyuncs.com/google_containers/ingress-nginx/kube-webhook-certgen:v1.1.1@sha256:64d8c73dca984af206adf9d6d7e46aa550362b1 d7a01f3a0a91b20cc6786866664 行
image: lianyuxue1020/kube-webhook-certgen:v1.1.1 # registry.aliyuncs.com/google_containers/ingress-nginx/kube-webhook-certgen:v1.1.1@sha256:64d8c73dca984af206adf9d6d7e46aa550362b1 d7a01f3a0a91b20cc67868660另外 增加了 node 节点地址作为 externalIPs
这个不是必须的!只是之前使用 NodePort 方式时留下的这个在文档 Bare-metal considerations 的 one could edit the ingress-nginx Service and add the following field to the object spec 这里的 Example
暂时没有太明白用途externalIPs: # - 192.168.1.188 - 192.168.1.185 - 192.168.1.186 - -
kubectl apply -f deploy.yaml
-
确认 ingress-nginx-controller
kubectl get pods --namespace=ingress-nginxNAME READY STATUS RESTARTS AGE ingress-nginx-admission-create--1-cb45t 0/1 Completed 0 4h13m ingress-nginx-admission-patch--1-dbnm8 0/1 Completed 1 4h13m ingress-nginx-controller-557c5d96d6-lrj85 1/1 Running 1 (4h12m ago) 4h13m
2、 local 测试
按照文档中 Local testing
-
创建一个简单的 httpd 网站和服务
kubectl create deployment demo --image=httpd --port=80
kubectl expose deployment demo
-
创建一个 ingress 资源
kubectl create ingress demo-localhost --class=nginx
–rule=demo.localdev.me/*=demo:80 -
端口转发:转发 ingress controller 的 80 端口,到localhost 的 8080 端口
kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8080:80
-
查询 ingress
kubectl get ingressNAME CLASS HOSTS ADDRESS PORTS AGE
demo-localhost nginx demo.localdev.me 192.168.1.185,192.168.1.186,192.168.1.241 80 4h14m
-
curl 验证
无需 localhost 模拟DNS 域名 demo.localdev.me,因为 kubectl port-forward 中按照 sevice 名称就可以找到 demo.localdev.me 对应的 Cluster 地址,并转发到 local 地址
curl http://demo.localdev.me:8080/ 和 curl 127.0.0.1:8080 是一样的
curl http://demo.localdev.me:8080/
<html><body><h1>It works!</h1></body></html>
3、在线测试
按照文档中 Online testing
注意这里写着
It will be the EXTERNAL-IP field. If that field shows , this means that your Kubernetes cluster wasn’t able to provision the load balancer (generally, this is because it doesn’t support services of type LoadBalancer).
意思是如果环境不支持 LoadBalancer ,这个服务会一直 Pending
-
创建一个 ingress , host 设置为 www.demo.io
kubectl create ingress demo --class=nginx
–rule=“www.demo.io/*=demo:80” -
查询 ingress 资源,现在有 2 个 ingress 了
kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE demo nginx www.demo.io 192.168.1.185,192.168.1.186,192.168.1.241 80 4h11m demo-localhost nginx demo.localdev.me 192.168.1.185,192.168.1.186,192.168.1.241 80 4h14m -
local 模拟 DNS
模拟域名 www.demo.io 指向 ingress 的 ADDRESS (192.168.1.241),demo 服务地址是 ClusterIP ,不能给 Cluster 之外使用vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 # 127.0.0.1 centos7-188 192.168.1.189 centos7-189 192.168.1.188 centos7-188 192.168.1.186 centos7-186 192.168.1.185 centos7-185 # ingress 192.168.1.185 www.demo.io 192.168.1.186 www.demo.io 192.168.1.241 www.demo.io 192.168.1.186 www.demo1.io 192.168.1.186 www.demo1.io 192.168.1.241 www.demo1.io 192.168.1.240 www.demo1.io -
查询服务 IP
查询 ingress-nginx-controller 服务的 IPkubectl get service ingress-nginx-controller --namespace=ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.106.206.189 192.168.1.241,192.168.1.185,192.168.1.186 80:32423/TCP,443:30832/TCP 4h23m查询 demo 服务的 IP
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo ClusterIP 10.109.183.133 <none> 80/TCP 4h33m ... -
curl 验证
因为 demo 服务 的 IP 是 ClusterIP ,他没有EXTERNAL-IP , 所以
curl http://www.demo1.io/. 可以,但是 curl 192.168.1.241 不可以curl http://www.demo.io/.
<html><body><h1>It works!</h1></body></html>
4、测试之前 LoadBalancer 的 nginx 服务
前面 k8s学习: k8s学习: 使用 MetalLB 给测试环境配置LoadBalancer 服务 的时候,创建过一个 nginx 例子,现在拿来测试一下
-
创建一个 ingress 资源: demo1,域名 :www.demo1.io
kubectl create ingress demo1 --class=nginx --rule=“www.demo1.io/*=demo1:80”
现在有 3 个 ingress 资源了!
kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE demo nginx www.demo.io 192.168.1.185,192.168.1.186,192.168.1.241 80 4h11m demo-localhost nginx demo.localdev.me 192.168.1.185,192.168.1.186,192.168.1.241 80 4h14m demo1 nginx www.demo1.io 192.168.1.185,192.168.1.186,192.168.1.241 80 3h50m -
查询服务的 IP
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo ClusterIP 10.109.183.133 <none> 80/TCP 4h33m demo1 LoadBalancer 10.103.89.77 192.168.1.240 80:31590/TCP 4h51m kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5h29m -
修改 /etc/hosts ,加上 www.demo1.io 解析
-
curl 验证
因为 demo1 的 IP 是 LoadBalancer ,他拥有一个 EXTERNAL-IP
所以,curl http://www.demo1.io/. 和 curl 192.168.1.240 是一样的curl 192.168.1.240
curl http://www.demo1.io/.<!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
5、删除 deploy 中增加的 node 节点地址作为 externalIPs ,对比一下
kubectl get service ingress-nginx-controller --namespace=ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.105.20.144 192.168.1.241 80:31782/TCP,443:30630/TCP 11s
kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
demo nginx www.demo.io 192.168.1.241 80 5h11m
demo-localhost nginx demo.localdev.me 192.168.1.241 80 5h14m
demo1 nginx www.demo1.io 192.168.1.241 80 4h50m
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demo ClusterIP 10.109.183.133 <none> 80/TCP 5h16m
demo1 LoadBalancer 10.103.89.77 192.168.1.240 80:31590/TCP 5h34m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6h12m
这样子比较纯粹!不会再 redirest 到 node 地址,只有 LoadBalancer 的虚拟 IP !
扫一扫
4899
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
