kubernetes-ingress
ingress
Ingress 公开了从集群外部到集群内服务的 HTTP 和 HTTPS 路由。 流量路由由 Ingress 资源上定义的规则控制。
可以将 Ingress 配置为服务提供外部可访问的 URL、负载均衡流量、终止 SSL/TLS,以及提供基于名称的虚拟主机等能力。 Ingress 控制器 通常负责通过负载均衡器来实现 Ingress,尽管它也可以配置边缘路由器或其他前端来帮助处理流量。
Ingress 不会公开任意端口或协议。 将 HTTP 和 HTTPS 以外的服务公开到 Internet 时,通常使用 Service.Type=NodePort 或 Service.Type=LoadBalancer 类型的服务。
部署
上传镜像
从网上找到deploy.yaml 修改镜像路径
[root@server2 ~]# cd ingress-nginx/
[root@server2 ingress-nginx]# ls
deploy.yaml
[root@server2 ingress-nginx]# vim deploy.yaml
323 image: ingress-nginx/controller:v0.48.1
635 image: ingress-nginx/kube-webhook-certgen:v1.5.1
587 image: ingress-nginx/kube-webhook-certgen:v1.5.1
创建 deploy.yanl
[root@server2 ingress-nginx]# kubectl apply -f deploy.yaml
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
configmap/ingress-nginx-controller created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
service/ingress-nginx-controller-admission created
service/ingress-nginx-controller created
deployment.apps/ingress-nginx-controller created
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created
serviceaccount/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
查看namespace
[root@server2 ingress-nginx]# kubectl get ns
NAME STATUS AGE
...
ingress-nginx Active 14s
...
查看ingress-nginx信息
[root@server2 ingress-nginx]# kubectl -n ingress-nginx get all
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-pvk6x 0/1 Completed 0 31s
pod/ingress-nginx-admission-patch-9287p 0/1 Completed 0 31s
pod/ingress-nginx-controller-5f476b6d87-6m48g 0/1 Running 0 32s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.106.107.226 <none> 80:31250/TCP,443:31419/TCP 32s
service/ingress-nginx-controller-admission ClusterIP 10.110.102.252 <none> 443/TCP 33s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 0/1 1 0 32s
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-5f476b6d87 1 1 0 32s
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 9s 31s
job.batch/ingress-nginx-admission-patch 1/1 8s 31s
查看svc暴露端口
[root@server2 ingress-nginx]# kubectl -n ingress-nginx get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.106.107.226 <none> 80:31250/TCP,443:31419/TCP 59s
ingress-nginx-controller-admission ClusterIP 10.110.102.252 <none> 443/TCP 60s
测试
[root@server2 ingress-nginx]# curl 172.25.12.2:31250
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
ingress-nginx七层负载均衡
创建pod
[root@server2 pod]# vim deployment.yaml
[root@server2 pod]# cat deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: myapp:v1
---
apiVersion: apps/v1
kind: Deployment
metadata:
na