1、ingress介绍
-
Ingress 提供从集群外部到集群内服务的 HTTP 和 HTTPS 路由。 流量路由由 Ingress 资源所定义的规则来控制。
-
Ingress 是对集群中服务的外部访问进行管理的 API 对象,典型的访问方式是 HTTP。
-
Ingress 可以提供负载均衡、SSL 终结和基于名称的虚拟托管。
2、ingress 的依赖
-
你必须拥有一个 Ingress 控制器 才能满足 Ingress 的要求。仅创建 Ingress 资源本身没有任何效果。
-
你可能需要部署一个 Ingress 控制器,例如 ingress-nginx。 你可以从许多 (Ingress 控制器)中进行选择。
-
理想情况下,所有 Ingress 控制器都应遵从参考规范。 但实际上,各个 Ingress 控制器操作略有不同。
3、ingress-nginx 安装流程
参考链接:https://kubernetes.github.io/ingress-nginx/deploy/
3.1 k8s的包管理器 Helm 安装
- Helm官网:https://helm.sh/zh/docs/intro/quickstart/
- 注:安装Helm的时候需要注意k8s的版本
# 下载helm
[root@k8s-master ~]# wget https://get.helm.sh/helm-v3.10.0-linux-amd64.tar.gz -O helm-v3.10.0-linux-amd64.tar.gz
[root@k8s-master ~]# tar -zxvf helm-v3.10.0-linux-amd64.tar.gz
[root@k8s-master ~]# mv linux-amd64/helm /usr/local/bin/
[root@k8s-master ~]# helm version
version.BuildInfo{Version:"v3.10.0", GitCommit:"ce66412a723e4d89555dc67217607c6579ffcb21", GitTreeState:"clean", GoVersion:"go1.18.6"}
3.2 添加helm仓库
[root@k8s-master ~]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
"ingress-nginx" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME URL
ingress-nginx https://kubernetes.github.io/ingress-nginx
[root@k8s-master ~]# helm search repo ingress-nginx
NAME CHART VERSION APP VERSION DESCRIPTION
ingress-nginx/ingress-nginx 4.9.1 1.9.6 Ingress controller for Kubernetes using NGINX a...
3.3 通过helm下载ingress-nginx
下载ingress-nginx的时候需要查看版本是否匹配k8s的版本:地址链接查看新版本是否支持,由于我的k8s版本是1.25,所以最新的v1.9.6可以使用。
[root@k8s-master ~]# helm pull ingress-nginx/ingress-nginx
[root@k8s-master ~]# ll ingress-nginx-4.9.1.tgz
-rw-r--r--. 1 root root 53966 2月 25 14:38 ingress-nginx-4.9.1.tgz
[root@k8s-master ~]# mv ingress-nginx-4.9.1.tgz /opt/helm/
[root@k8s-master ~]# cd !$
cd /opt/helm
[root@k8s-master helm]# ll
总用量 4088
-rw-r--r--. 1 root root 2293749 2月 25 14:40 helm-v3.10.0-linux-amd64.tar.gz
-rw-r--r--. 1 root root 53966 2月 25 14:38 ingress-nginx-4.9.1.tgz
[root@k8s-master helm]# tar -xf ingress-nginx-4.9.1.tgz
[root@k8s-master helm]# cd ingress-nginx
[root@k8s-master ingress-nginx]# ll
总用量 128
drwxr-xr-x. 2 root root 4096 2月 25 14:40 changelog
-rw-r--r--. 1 root root 702 1月 27 15:46 Chart.yaml
drwxr-xr-x. 2 root root 4096 2月 25 14:40 ci
-rw-r--r--. 1 root root 213 1月 27 15:46 OWNERS
-rw-r--r--. 1 root root 48217 1月 27 15:46 README.md
-rw-r--r--. 1 root root 11358 1月 27 15:46 README.md.gotmpl
drwxr-xr-x. 3 root root 4096 2月 25 14:40 templates
drwxr-xr-x. 2 root root 4096 2月 25 14:40 tests
-rw-r--r--. 1 root root 44163 1月 27 15:46 values.yaml
3.4 修改values.yaml参数配置
3.4.1 修改ingress的控制器的镜像地址为国内地址
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/nginx-ingress-controller
3.4.2 注释ingress的控制器中的哈希校验
3.4.3 修改dnsPolicy的值为 ClusterFirstWithHostNet
3.4.4 修改hostNetwork的值为true
3.4.5 修改kind的值为DaemonSET
3.4.6 在nodeSelector下添加 ingress: “true”
3.4.7 修改这里的type的值为ClusterIP
3.4.8 修改enabled的值为false
3.4.9 修改kube-webhook处的镜像地址和type
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/kube-webhook-certgen
3.5 创建这个ingress资源
3.5.1 专门为ingress-nginx创建一个namespace
[root@k8s-master ingress-nginx]# kubectl create ns ingress-nginx
namespace/ingress-nginx created
3.5.2 为需要部署的ingress节点上添加标签
[root@k8s-master ingress-nginx]# kubectl label node k8s-master ingress=true
node/k8s-master labeled
[root@k8s-master ingress-nginx]# kubectl get nodes --show-labels
NAME STATUS ROLES AGE VERSION LABELS
k8s-master Ready control-plane 5d21h v1.25.0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,ingress=true,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-master,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers=
k8s-node-01 Ready <none> 5d20h v1.25.0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-node-01,kubernetes.io/os=linux,type=microsvc
k8s-node-02 Ready <none> 3d21h v1.25.0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-node-02,kubernetes.io/os=linux,type=microsvc
3.5.3 安装ingress-nginx
[root@k8s-master ingress-nginx]# ll
总用量 128
drwxr-xr-x. 2 root root 4096 2月 25 14:40 changelog
-rw-r--r--. 1 root root 702 1月 27 15:46 Chart.yaml
drwxr-xr-x. 2 root root 4096 2月 25 14:40 ci
-rw-r--r--. 1 root root 213 1月 27 15:46 OWNERS
-rw-r--r--. 1 root root 48217 1月 27 15:46 README.md
-rw-r--r--. 1 root root 11358 1月 27 15:46 README.md.gotmpl
drwxr-xr-x. 3 root root 4096 2月 25 14:40 templates
drwxr-xr-x. 2 root root 4096 2月 25 14:40 tests
-rw-r--r--. 1 root root 44366 2月 25 16:55 values.yaml
[root@k8s-master ingress-nginx]# helm install ingress-nginx -n ingress-nginx .
NAME: ingress-nginx
LAST DEPLOYED: Sun Feb 25 19:35:55 2024
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
Get the application URL by running these commands:
export POD_NAME="$(kubectl get pods --namespace ingress-nginx --selector app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/component=controller --output jsonpath="{.items[0].metadata.name}")"
kubectl port-forward --namespace ingress-nginx "${POD_NAME}" 8080:80
echo "Visit http://127.0.0.1:8080 to access your application."
An example Ingress that makes use of the controller:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example
namespace: foo
spec:
ingressClassName: nginx
rules:
- host: www.example.com
http:
paths:
- pathType: Prefix
backend:
service:
name: exampleService
port:
number: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: foo
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
3.5.4 在node1上添加一个标签
由于master有个污点的问题,所以ingress-nginx暂时无法创建上,这个问题后续在写,现在在node1上添加一个ingress=true的标签。在来查看下。
root@k8s-master ingress-nginx]# kubectl label nodes k8s-node-01 ingress=true
node/k8s-node-01 labeled
[root@k8s-master ingress-nginx]# kubectl get -n ingress-nginx po
NAME READY STATUS RESTARTS AGE
ingress-nginx-controller-jn65t 0/1 ContainerCreating 0 12s
[root@k8s-master ingress-nginx]# kubectl describe -n ingress-nginx po ingress-nginx-controller-jn65t
Name: ingress-nginx-controller-jn65t
Namespace: ingress-nginx
Priority: 0
Service Account: ingress-nginx
Node: k8s-node-01/10.10.10.177
Start Time: Sun, 25 Feb 2024 19:42:49 +0800
Labels: app.kubernetes.io/component=controller
app.kubernetes.io/instance=ingress-nginx
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=ingress-nginx
app.kubernetes.io/part-of=ingress-nginx
app.kubernetes.io/version=1.9.6
controller-revision-hash=78d8f9c87c
helm.sh/chart=ingress-nginx-4.9.1
pod-template-generation=1
Annotations: <none>
Status: Running
IP: 10.10.10.177
IPs:
IP: 10.10.10.177
Controlled By: DaemonSet/ingress-nginx-controller
Containers:
controller:
Container ID: docker://5a25f4de88555d15c0a335afda6dcbe02fed2bcf992c30a06c02b05397c50649
Image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.9.6
Image ID: docker-pullable://registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller@sha256:195a471f4765b6c752919003bf5b9a029b250531f9f48caf0beae64495daa4c2
Ports: 80/TCP, 443/TCP
Host Ports: 80/TCP, 443/TCP
Args:
/nginx-ingress-controller
--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
--election-id=ingress-nginx-leader
--controller-class=k8s.io/ingress-nginx
--ingress-class=nginx
--configmap=$(POD_NAMESPACE)/ingress-nginx-controller
State: Running
Started: Sun, 25 Feb 2024 19:43:12 +0800
Ready: True
Restart Count: 0
Requests:
cpu: 100m
memory: 90Mi
Liveness: http-get http://:10254/healthz delay=10s timeout=1s period=10s #success=1 #failure=5
Readiness: http-get http://:10254/healthz delay=10s timeout=1s period=10s #success=1 #failure=3
Environment:
POD_NAME: ingress-nginx-controller-jn65t (v1:metadata.name)
POD_NAMESPACE: ingress-nginx (v1:metadata.namespace)
LD_PRELOAD: /usr/local/lib/libmimalloc.so
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-dklj9 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-dklj9:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: ingress=true
kubernetes.io/os=linux
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule op=Exists
node.kubernetes.io/memory-pressure:NoSchedule op=Exists
node.kubernetes.io/network-unavailable:NoSchedule op=Exists
node.kubernetes.io/not-ready:NoExecute op=Exists
node.kubernetes.io/pid-pressure:NoSchedule op=Exists
node.kubernetes.io/unreachable:NoExecute op=Exists
node.kubernetes.io/unschedulable:NoSchedule op=Exists
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 45s default-scheduler Successfully assigned ingress-nginx/ingress-nginx-controller-jn65t to k8s-node-01
Normal Pulling 44s kubelet Pulling image "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.9.6"
Normal Pulled 23s kubelet Successfully pulled image "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.9.6" in 20.899701523s
Normal Created 23s kubelet Created container controller
Normal Started 22s kubelet Started container controller
Normal RELOAD 20s nginx-ingress-controller NGINX reload triggered due to a change in configuration
[root@k8s-master ingress-nginx]# kubectl get -n ingress-nginx po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx-controller-jn65t 1/1 Running 0 2m 10.10.10.177 k8s-node-01 <none> <none>
3.5.5 配置文件
[root@k8s-master ingress-nginx]# grep -Ev '^#|^ #|^ #|^ #|^ #|^$' values.yaml
namespaceOverride: ""
commonLabels: {}
controller:
name: controller
enableAnnotationValidations: false
image:
chroot: false
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/nginx-ingress-controller
tag: "v1.9.6"
pullPolicy: IfNotPresent
runAsNonRoot: true
runAsUser: 101
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: false
existingPsp: ""
containerName: controller
containerPort:
http: 80
https: 443
config: {}
configAnnotations: {}
proxySetHeaders: {}
addHeaders: {}
dnsConfig: {}
hostAliases: []
hostname: {}
dnsPolicy: ClusterFirstWithHostNet
reportNodeInternalIp: false
watchIngressWithoutClass: false
ingressClassByName: false
enableTopologyAwareRouting: false
allowSnippetAnnotations: false
hostNetwork: true
hostPort:
enabled: false
ports:
http: 80
https: 443
networkPolicy:
enabled: false
electionID: ""
ingressClassResource:
name: nginx
enabled: true
default: false
controllerValue: "k8s.io/ingress-nginx"
parameters: {}
ingressClass: nginx
podLabels: {}
podSecurityContext: {}
sysctls: {}
containerSecurityContext: {}
publishService:
enabled: true
pathOverride: ""
scope:
enabled: false
namespace: ""
namespaceSelector: ""
configMapNamespace: ""
tcp:
configMapNamespace: ""
annotations: {}
udp:
configMapNamespace: ""
annotations: {}
maxmindLicenseKey: ""
extraArgs: {}
extraEnvs: []
kind: DaemonSet
annotations: {}
labels: {}
updateStrategy: {}
minReadySeconds: 0
tolerations: []
affinity: {}
topologySpreadConstraints: []
terminationGracePeriodSeconds: 300
nodeSelector:
kubernetes.io/os: linux
ingress: "true"
livenessProbe:
httpGet:
path: "/healthz"
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: "/healthz"
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
healthCheckPath: "/healthz"
healthCheckHost: ""
podAnnotations: {}
replicaCount: 1
minAvailable: 1
resources:
requests:
cpu: 100m
memory: 90Mi
autoscaling:
enabled: false
annotations: {}
minReplicas: 1
maxReplicas: 11
targetCPUUtilizationPercentage: 50
targetMemoryUtilizationPercentage: 50
behavior: {}
autoscalingTemplate: []
keda:
apiVersion: "keda.sh/v1alpha1"
enabled: false
minReplicas: 1
maxReplicas: 11
pollingInterval: 30
cooldownPeriod: 300
restoreToOriginalReplicaCount: false
scaledObject:
annotations: {}
triggers: []
behavior: {}
enableMimalloc: true
customTemplate:
configMapName: ""
configMapKey: ""
service:
enabled: true
external:
enabled: true
annotations: {}
labels: {}
type: ClusterIP
clusterIP: ""
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
loadBalancerClass: ""
externalTrafficPolicy: ""
sessionAffinity: ""
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
enableHttp: true
enableHttps: true
ports:
http: 80
https: 443
targetPorts:
http: http
https: https
appProtocol: true
nodePorts:
http: ""
https: ""
tcp: {}
udp: {}
internal:
enabled: false
annotations: {}
type: ""
clusterIP: ""
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
loadBalancerClass: ""
externalTrafficPolicy: ""
sessionAffinity: ""
ipFamilyPolicy: SingleStack
ipFamilies:
- IPv4
ports: {}
targetPorts: {}
appProtocol: true
nodePorts:
http: ""
https: ""
tcp: {}
udp: {}
shareProcessNamespace: false
extraContainers: []
extraVolumeMounts: []
extraVolumes: []
extraInitContainers: []
extraModules: []
opentelemetry:
enabled: false
name: opentelemetry
image:
registry: registry.k8s.io
image: ingress-nginx/opentelemetry
tag: "v20230721-3e2062ee5"
digest: sha256:13bee3f5223883d3ca62fee7309ad02d22ec00ff0d7033e3e9aca7a9f60fd472
distroless: true
containerSecurityContext:
runAsNonRoot: true
runAsUser: 65532
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
resources: {}
admissionWebhooks:
name: admission
annotations: {}
enabled: false
extraEnvs: []
failurePolicy: Fail
port: 8443
certificate: "/usr/local/certificates/cert"
key: "/usr/local/certificates/key"
namespaceSelector: {}
objectSelector: {}
labels: {}
existingPsp: ""
service:
annotations: {}
externalIPs: []
loadBalancerSourceRanges: []
servicePort: 443
type: ClusterIP
createSecretJob:
name: create
securityContext:
runAsNonRoot: true
runAsUser: 65532
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
resources: {}
patchWebhookJob:
name: patch
securityContext:
runAsNonRoot: true
runAsUser: 65532
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
resources: {}
patch:
enabled: true
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/kube-webhook-certgen
tag: v20231226-1a7112e06
priorityClassName: ""
podAnnotations: {}
networkPolicy:
enabled: false
nodeSelector:
kubernetes.io/os: linux
tolerations: []
labels: {}
securityContext: {}
certManager:
enabled: false
rootCert:
duration: ""
admissionCert:
duration: ""
metrics:
port: 10254
portName: metrics
enabled: false
service:
annotations: {}
labels: {}
externalIPs: []
loadBalancerSourceRanges: []
servicePort: 10254
type: ClusterIP
serviceMonitor:
enabled: false
additionalLabels: {}
annotations: {}
namespace: ""
namespaceSelector: {}
scrapeInterval: 30s
targetLabels: []
relabelings: []
metricRelabelings: []
prometheusRule:
enabled: false
additionalLabels: {}
rules: []
lifecycle:
preStop:
exec:
command:
- /wait-shutdown
priorityClassName: ""
revisionHistoryLimit: 10
defaultBackend:
enabled: false
name: defaultbackend
image:
registry: registry.k8s.io
image: defaultbackend-amd64
tag: "1.5"
pullPolicy: IfNotPresent
runAsNonRoot: true
runAsUser: 65534
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
readOnlyRootFilesystem: true
existingPsp: ""
extraArgs: {}
serviceAccount:
create: true
name: ""
automountServiceAccountToken: true
extraEnvs: []
port: 8080
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 6
initialDelaySeconds: 0
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
updateStrategy: {}
minReadySeconds: 0
tolerations: []
affinity: {}
podSecurityContext: {}
containerSecurityContext: {}
podLabels: {}
nodeSelector:
kubernetes.io/os: linux
podAnnotations: {}
replicaCount: 1
minAvailable: 1
resources: {}
extraVolumeMounts: []
extraVolumes: []
extraConfigMaps: []
autoscaling:
annotations: {}
enabled: false
minReplicas: 1
maxReplicas: 2
targetCPUUtilizationPercentage: 50
targetMemoryUtilizationPercentage: 50
networkPolicy:
enabled: false
service:
annotations: {}
externalIPs: []
loadBalancerSourceRanges: []
servicePort: 80
type: ClusterIP
priorityClassName: ""
labels: {}
rbac:
create: true
scope: false
podSecurityPolicy:
enabled: false
serviceAccount:
create: true
name: ""
automountServiceAccountToken: true
annotations: {}
imagePullSecrets: []
tcp: {}
udp: {}
portNamePrefix: ""
dhParam: ""
3.6 ingress的使用
3.6.1 编写 ingress 服务的配置
apiVersion: networking.k8s.io/v1
kind: Ingress # ingress类型
metadata:
name: ingress-nginx-example # ingress的名字
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: k8s.test.cn # 访问域名,可是使用通配符
http:
paths: # 相当于nginx的location配置,可以配置多个
- path: / # 等价与nginx中的location 路径匹配
# 路径类型,按照路径类型进行匹配 ImplementationSpecific 需要指定IngressClass,具体匹配规则以IngressClass中的规则为准。
# Exact 精确匹配,URL需要与path完全匹配上,且区分大小写
# Prefix 前缀匹配,以/作为分隔符,来进行前缀匹配
pathType: Prefix # 匹配模式
backend:
service:
name: nginx-svc # ingress转发给service,service的名字
port:
number: 80 # service的端口
# 如果有TLS配置,可以添加tls字段
#tls:
#- hosts:
# - example.com
# secretName: my-tls-secret
3.6.2 创建这个ingress资源
[root@k8s-master ~]# kubectl create -f ingress-nginx-example.yaml
ingress.networking.k8s.io/ingress-nginx-example created
3.6.3 查看这个ingress资源信息
[root@k8s-master ~]# kubectl get ingress ingress-nginx-example -o wide
NAME CLASS HOSTS ADDRESS PORTS AGE
ingress-nginx-example nginx k8s.test.cn 10.1.119.138 80 50s
[root@k8s-master ~]# kubectl get -n ingress-nginx pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx-controller-jn65t 1/1 Running 0 62m 10.10.10.177 k8s-node-01 <none> <none>
3.6.4 测试使用域名访问
[root@k8s-master ~]# echo "10.10.10.177 k8s.test.cn " >> /etc/hosts
[root@k8s-master ~]# curl k8s.test.cn
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
3.6.5 查询访问日志
[root@k8s-master ~]# kubectl logs -f -n ingress-nginx ingress-nginx-controller-jn65t
-------------------------------------------------------------------------------
NGINX Ingress controller
Release: v1.9.6
Build: 6a73aa3b05040a97ef8213675a16142a9c95952a
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: nginx/1.21.6
-------------------------------------------------------------------------------
W0225 11:43:12.164749 7 client_config.go:618] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0225 11:43:12.165295 7 main.go:205] "Creating API client" host="https://10.1.0.1:443"
I0225 11:43:12.177840 7 main.go:249] "Running in Kubernetes cluster" major="1" minor="25" git="v1.25.0" state="clean" commit="a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2" platform="linux/amd64"
I0225 11:43:12.436449 7 main.go:101] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0225 11:43:12.565821 7 nginx.go:260] "Starting NGINX Ingress controller"
I0225 11:43:12.627098 7 event.go:298] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"ffe00f65-b957-4108-ac62-9f88e3b3887f", APIVersion:"v1", ResourceVersion:"482046", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
I0225 11:43:13.773928 7 nginx.go:303] "Starting NGINX process"
I0225 11:43:13.774090 7 leaderelection.go:245] attempting to acquire leader lease ingress-nginx/ingress-nginx-leader...
I0225 11:43:13.777086 7 controller.go:190] "Configuration changes detected, backend reload required"
I0225 11:43:13.793435 7 leaderelection.go:255] successfully acquired lease ingress-nginx/ingress-nginx-leader
I0225 11:43:13.795060 7 status.go:84] "New leader elected" identity="ingress-nginx-controller-jn65t"
I0225 11:43:14.211765 7 controller.go:210] "Backend successfully reloaded"
I0225 11:43:14.211878 7 controller.go:221] "Initial sync, sleeping for 1 second"
I0225 11:43:14.211918 7 event.go:298] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-jn65t", UID:"aa348af4-9773-4ca2-b2fc-45eb2c842c83", APIVersion:"v1", ResourceVersion:"482645", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I0225 12:43:04.755446 7 store.go:440] "Found valid IngressClass" ingress="default/ingress-nginx-example" ingressclass="nginx"
I0225 12:43:04.756941 7 event.go:298] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"ingress-nginx-example", UID:"cf861f68-6f06-4279-acda-9884e7fd3557", APIVersion:"networking.k8s.io/v1", ResourceVersion:"488205", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
I0225 12:43:04.757794 7 controller.go:190] "Configuration changes detected, backend reload required"
I0225 12:43:04.989965 7 controller.go:210] "Backend successfully reloaded"
I0225 12:43:04.990671 7 event.go:298] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-jn65t", UID:"aa348af4-9773-4ca2-b2fc-45eb2c842c83", APIVersion:"v1", ResourceVersion:"482645", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
I0225 12:43:13.804201 7 status.go:304] "updating Ingress status" namespace="default" ingress="ingress-nginx-example" currentValue=null newValue=[{"ip":"10.1.119.138"}]
I0225 12:43:13.813972 7 event.go:298] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"ingress-nginx-example", UID:"cf861f68-6f06-4279-acda-9884e7fd3557", APIVersion:"networking.k8s.io/v1", ResourceVersion:"488223", FieldPath:""}): type: 'Normal' reason: 'Sync' Scheduled for sync
10.10.10.100 - - [25/Feb/2024:12:46:25 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" 75 0.008 [default-nginx-svc-80] [] 10.2.1.55:80 612 0.008 200 e2b058939e017bdfa86c953e312ea057
3.6.6 ingress配置多域名
配置多域名和单域名很相通,如下一个例子
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-nginx-example
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
# 配置第一个域名
- host: k8s.test.cn
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-svc
port:
number: 80
# 配置第二个域名
- host: k8s.test.com
http:
paths:
# 配置第一个路径
- path: /
pathType: Prefix
backend:
service:
name: nginx-svc
port:
number: 80
# 配置第二个路径
- path: /html
pathType: Prefix
backend:
service:
name: nginx-svc
port:
number: 80
1013
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
