ingress controller安装

官方文档:

https://kubernetes.github.io/ingress-nginx/

创建基础配置

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml

 Using NodePort:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/baremetal/service-nodeport.yaml

以上执行完成后,查看ingress-controller已经运行起来了

[root@k8s-master ~]# kubectl get pods -n ingress-nginx
NAME                                        READY   STATUS    RESTARTS   AGE
nginx-ingress-controller-689498bc7c-tvhv5   1/1     Running   3          16d
[root@k8s-master ~]#

查看service信息,nodeport端口31380,31390

[root@k8s-master ~]# kubectl get svc -n ingress-nginx
NAME            TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx   NodePort   10.108.101.78   <none>        80:31380/TCP,443:31390/TCP   14d
[root@k8s-master ~]#

 至此ingress-controller安装完成

What is Ingress?

  internet|[ Ingress ]--|-----|--[ Services ]

  

ingress使用

本次通过安装kubernetes的dashboard来演示ingress的使用

dashboard的安装

[root@k8s-master jtdeploy]# cat kubernetes-dashboard.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.# ------------------- Dashboard Secret ------------------- #apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-certsnamespace: kube-system
type: Opaque---
# ------------------- Dashboard Service Account ------------------- #apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kube-system---
# ------------------- Dashboard Role & Role Binding ------------------- #kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: kubernetes-dashboard-minimalnamespace: kube-system
rules:# Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
- apiGroups: [""]resources: ["secrets"]verbs: ["create"]# Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]resources: ["configmaps"]verbs: ["create"]# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]resources: ["secrets"]resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]verbs: ["get", "update", "delete"]# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]resources: ["configmaps"]resourceNames: ["kubernetes-dashboard-settings"]verbs: ["get", "update"]# Allow Dashboard to get metrics from heapster.
- apiGroups: [""]resources: ["services"]resourceNames: ["heapster"]verbs: ["proxy"]
- apiGroups: [""]resources: ["services/proxy"]resourceNames: ["heapster", "http:heapster:", "https:heapster:"]verbs: ["get"]---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:name: kubernetes-dashboard-minimalnamespace: kube-system
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccountname: kubernetes-dashboardnamespace: kube-system---
# ------------------- Dashboard Deployment ------------------- #kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kube-system
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:containers:- name: kubernetes-dashboardimage: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1ports:- containerPort: 9090protocol: TCPargs:- --enable-skip-login# Uncomment the following line to manually specify Kubernetes API server Host# If not specified, Dashboard will attempt to auto discover the API server and connect# to it. Uncomment only if the default does not work.# - --apiserver-host=http://my-address:portvolumeMounts:- name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs- mountPath: /tmpname: tmp-volumelivenessProbe:httpGet:scheme: HTTPpath: /port: 9090initialDelaySeconds: 30timeoutSeconds: 30volumes:- name: kubernetes-dashboard-certssecret:secretName: kubernetes-dashboard-certs- name: tmp-volumeemptyDir: {}serviceAccountName: kubernetes-dashboard# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedule
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:name: kubernetes-dashboardlabels:k8s-app: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: kubernetes-dashboardnamespace: kube-system---
# ------------------- Dashboard Service ------------------- #kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kube-system
spec:type: NodePortports:- port: 9090targetPort: 9090selector:k8s-app: kubernetes-dashboard
[root@k8s-master jtdeploy]#

使用以上配置文件即可创建

查看pods

[root@k8s-master jtdeploy]# kubectl get pods -n kube-system
NAME                                    READY   STATUS    RESTARTS   AGE
calico-node-2srnw                       2/2     Running   8          20d
calico-node-ppnjh                       2/2     Running   8          20d
coredns-86c58d9df4-ptth2                1/1     Running   4          20d
coredns-86c58d9df4-wxldx                1/1     Running   4          20d
etcd-k8s-master                         1/1     Running   4          20d
kube-apiserver-k8s-master               1/1     Running   4          20d
kube-controller-manager-k8s-master      1/1     Running   4          20d
kube-proxy-4kwj6                        1/1     Running   4          20d
kube-proxy-hfmqn                        1/1     Running   4          20d
kube-scheduler-k8s-master               1/1     Running   4          20d
kubernetes-dashboard-784b868d9d-hc77v   1/1     Running   3          16d
tiller-deploy-dbb85cb99-srbch           1/1     Running   4          20d
[root@k8s-master jtdeploy]#

查看svc

[root@k8s-master jtdeploy]# kubectl get svc -n kube-system
NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
calico-typha           ClusterIP   10.105.54.12   <none>        5473/TCP        20d
kube-dns               ClusterIP   10.96.0.10     <none>        53/UDP,53/TCP   20d
kubernetes-dashboard   ClusterIP   10.106.65.78   <none>        9090/TCP        16d
tiller-deploy          ClusterIP   10.97.33.192   <none>        44134/TCP       20d
[root@k8s-master jtdeploy]#

显然没有使用nodeport ,所有使用ingress来配置外网访问.

  

haproxy安装

root@xuliang-PC:~/haproxy# cat docker-compose.yml
version: "2"
services:haproxy:image: haproxy:1.8ports:- 80:31380- 443:31390- 8181:8181restart: alwaysvolumes:- /root/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfgnetwork_mode: host
#    networks:
#    #      - haproxy_lb
#
#    #networks:
#    #  haproxy_lb:
#    #    driver: bridgeroot@xuliang-PC:~/haproxy#

 haproxy配置文件

root@xuliang-PC:~/haproxy# cat haproxy.cfg
globalstats timeout 30smaxconn 1000defaultsmode tcpoption dontlognullretries 3timeout http-request    30stimeout queue           1mtimeout connect         30stimeout client          1mtimeout server          1mtimeout http-keep-alive 30stimeout check           30soption redispatchoption srvtcpkaoption clitcpka## HTTP
frontend http_frontbind *:80default_backend http_backendbackend http_backendserver k8s-master 192.168.100.101:31380 checkserver k8s-node1 192.168.1.102:31380 check#server k8s-node3 192.168.1.103:31380 check## HTTPS
frontend https_frontbind *:443default_backend https_backendbackend https_backendserver k8s-master 192.168.100.101:31390 checkserver k8s-node1 192.168.100.102:31390 check#server k8s-node4 192.168.1.103:31390 check# HAProxy stats
listen statsbind *:8181mode httpstats enablestats uri /stats realm Haproxy\ Statisticsstats auth haproxy:haproxy
root@xuliang-PC:~/haproxy#

 

在本机添加hosts,有域名的可以配置域名解析

root@xuliang-PC:~/haproxy# cat /etc/hosts
192.168.100.29 myapp.test.com
root@xuliang-PC:~/haproxy#

测试解析

root@xuliang-PC:~/haproxy# ping myapp.test.com
PING myapp.test.com (192.168.100.29) 56(84) bytes of data.
64 bytes from myapp.test.com (192.168.100.29): icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from myapp.test.com (192.168.100.29): icmp_seq=2 ttl=64 time=0.024 ms
64 bytes from myapp.test.com (192.168.100.29): icmp_seq=3 ttl=64 time=0.028 ms
^C
--- myapp.test.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2032ms
rtt min/avg/max/mdev = 0.024/0.025/0.028/0.004 ms
root@xuliang-PC:~/haproxy#

配置ingress

[root@k8s-master ~]# cat ingress-dashboard.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:name: ingress-dashboardnamespace: kube-systemannotations:kubernetes.io/ingress.class: "nginx"
spec:rules:- host: myapp.test.comhttp:paths:- path: /backend:serviceName: kubernetes-dashboardservicePort: 9090---
apiVersion: v1
kind: Service
metadata:name: ingress-nginxnamespace: ingress-nginxlabels:app.kubernetes.io/name: ingress-nginxapp.kubernetes.io/part-of: ingress-nginx
spec:type: NodePortports:- name: httpport: 80targetPort: 80protocol: TCPnodePort: 31380- name: httpsport: 443targetPort: 443protocol: TCPnodePort: 31390selector:app.kubernetes.io/name: ingress-nginxapp.kubernetes.io/part-of: ingress-nginx---[root@k8s-master ~]#

此处注意一定要配置:

annotations:kubernetes.io/ingress.class: "nginx"

查看ingress
[root@k8s-master ~]# kubectl get ingress
NAME                HOSTS                ADDRESS   PORTS   AGE
ingress-dashboard   dashboard.test.com             80      14d
[root@k8s-master ~]#

 

至此可以通过域名访问

 

转载于:https://www.cnblogs.com/xuliang666/p/11136829.html

ingress controller 和ingress使用实例相关推荐

  1. BFE Ingress Controller正式发布!

    大家期待已久的BFE IngressController终于在近日正式发布! BFE Ingress Controller是基于 BFE 实现的Kubernetes Ingress Controlle ...

  2. aws eks 配置nginx tls 和 nginx ingress controller

    参考资料 nginx快速入门 NGINX Ingress Controller 版本区别 社区版 Nginx ingress controller NGINX版 Nginx Ingress Contr ...

  3. kubernetes的ingress:Ingress controller,traefik

    文章目录 Ingress介绍 nginx ingress controller ingress URL Rewrite Basic Auth 灰度发布等各种发布方式 HTTPS CertManager ...

  4. 玩转阿里云之ack 部署高可靠ingress Controller

    1.前言 部署高可靠性ingress controller,使用多副本部署的方式解决单点故障问题,同时,采用一个Ingress服务独占一个Ingress节点的方式,由多个独占Ingress实例组成统一 ...

  5. ingress controller安装总结

    本文主要介绍kubernetes官方推荐的ingress控制器ingress-Nginx controller在bare-metal环境中搭建的经验总结,因为我是在私有的服务器上搭建的kubernet ...

  6. Kubernetes Service、Ingress、Ingress Controller

    Kubernetes 网络模型 K8S 是一种容器编排系统,可以方便地管理和部署容器应用程序.它支持通过四层负载和七层负载向容器集群中的应用程序提供负载均衡. 四层负载是一种基于传输层协议(例如TCP ...

  7. Nginx Ingress Controller 部署

    概述 本次实践的主要目的就是将入口统一,不再通过 LoadBalancer 等方式将端口暴露出来,而是使用 Ingress 提供的反向代理负载均衡功能作为我们的唯一入口.通过以下步骤操作仔细体会. 注 ...

  8. 通过阿里云容器服务K8S Ingress Controller实现应用服务的灰度发布

    简介 日常工作中我们经常需要对服务进行版本更新升级,为此我们经常使用到的发布方式有滚动升级.分批暂停发布.蓝绿发布以及灰度发布,今天主要跟大家分享下在阿里云容器服务Kubernetes集群中如何通过I ...

  9. k8s插件说明:CoreDNS、Ingress Controller、Federation、Prometheus、ELK

    CoreDNS:core公司提供的dns服务器.用于为集群中的svc创建一个域名IP的对应关系解析.有了它,就可以不通过pod的IP地址来实现pod间的互相访问,而是通过CoreDNS为pod生成的域 ...

最新文章

  1. Entity Framework Extended Library (EF扩展类库,支持批量更新、删除、合并多个查询等)...
  2. Flask-RESTful 安装
  3. mac下安装配置mongodb
  4. NET下,你采用的是哪种方式进行数据操作?
  5. 最大传输单元(MTU)
  6. HTML5浪漫生日祝福电子贺卡网页模板(HTML5+CSS3+JS)_520表白/七夕情人节表白/告白网页制作/生日快乐html模板...
  7. Doris0.13.15升级至0.14.12.4故障[Bug] NPE when replaying CheckConsistencyJob
  8. 了解Java8中的parallelStream
  9. 【模电】0001 实用运放电路分析
  10. CTFshow 击剑杯 部分WP
  11. wincc服务器不可用项目打不开,wincc客户端与服务器同步
  12. 如何通过热点打造爆款笔记?6个好写易爆的热点类型
  13. 网站排名优化快排SEO网站源码
  14. HorizontalScrollView和ViewPager联动效果
  15. markdown列表中的缩进
  16. Mockito 如何编写实现代码覆盖率,模拟接口返回的数据
  17. Automated 3-D Retinal Layer Segmentation From SD-OCT Images With Neurosensory Retinal Detachment
  18. TCP/IP网络编程复习(上)
  19. tomcatServlet
  20. 51nod-1631-小鲨鱼在51nod小学

热门文章

  1. 在android studio中创建Hello-JNI工程
  2. SQL优化技巧--远程连接对象引起的CTE性能问题
  3. ASP.NET MVC学习之控制器篇
  4. 学习Python编程的最好的几本书
  5. vue的钩子函数created以及mounted的示意(转载)
  6. 核密度估计Kernel Density Estimation(KDE)-代码详细解释
  7. Python修饰器的函数式编程
  8. 计算机专业都学什么科,大学本科计算机专业都有什么科目?
  9. python随机生成10个整数列表_python_随机产生10个整数后找出最小值,最大值。
  10. html中文乱码_Nginx目录浏览的中文显示问题订正