在K8S集群中使用NGINX Ingress V1.7
NGINX Ingress控制器有两个项目一个K8S官网维护(官方项目github地址),另一个是NGINX, Inc.维护的项目(NGINX项目github地址),因为差异很多两个项目不要弄混,以下示例是用NGINX维护的项目(部署说明资料),我们采用Manifests文件部署方式Installation with Manifests。
K8S的环境已经部署完成,详情请看安装Kubernetes V1.18.2
希望可以达到的效果示意图
如果增加Node节点需要手工修改宿主机的Nginx设置,URL路由使用NGINX Ingress控制,路由信息使用Ingress类型编写,K8S集群自己管理Ingress、Service和Pod之间的负载均衡。
安装NGINX, Inc.的NGINX Ingress控制器
mkdir ~/nginx-ingress
cd ~/nginx-ingress
#创建Ingress控制器的命名空间和服务账号
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/ns-and-sa.yaml
kubectl apply -f ns-and-sa.yaml
#创建给服务账号绑定集群角色
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/rbac/rbac.yaml
kubectl apply -f rbac.yaml
#TLS证书(仅用于测试)
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/default-server-secret.yaml
#改上述文件的命名空间和名字可以用于其他命名空间,但也只是用于测试
kubectl apply -f default-server-secret.yaml
#MapConfig
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/nginx-config.yaml
kubectl apply -f nginx-config.yaml
#VirtualServer and VirtualServerRoute and TransportServer资源
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/ts-definition.yaml
kubectl apply -f ts-definition.yaml
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/vs-definition.yaml
kubectl apply -f vs-definition.yaml
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/vsr-definition.yaml
kubectl apply -f vsr-definition.yaml
#GlobalConfiguration
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/gc-definition.yaml
kubectl apply -f gc-definition.yaml
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/common/global-configuration.yaml
kubectl apply -f global-configuration.yaml
#使用DaemonSet方式部署到集群
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/daemon-set/nginx-ingress.yaml
kubectl apply -f nginx-ingress.yaml
#创建服务(NodePort)
wget https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/release-1.7/deployments/service/nodeport.yaml
kubectl apply -f nodeport.yaml
#查看结果
kubectl get pods --namespace=nginx-ingress
创建示例Pod、Service、Secret、ingress
示例说明详情,命名空间我设置为nginx-ingress,虽然NGINX Ingress控制器是全命名空间监控的,但路由(Ingress)、服务(Service)、凭证(Secret)都要在一个命名空间下比较安全。
vi cafe-ingress.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: coffee
namespace