ingress控制器(2)
时间:2020-06-07 16:02 来源:潇湘夜雨 作者:华嵩阳 点击:次
|
0 +0000 UTC,DeletionTimestamp:<nil>,DeletionGracePeriodSeconds:nil,Labels:map[string]string{},Annotations:map[string]string{},OwnerReferences:[]OwnerReference{},Finalizers:[],ClusterName:,ManagedFields:[]ManagedFieldsEntry{},}, err services "ingress-nginx" not found
部署service用于对外提供服务
在线的 置清单 采用了基于 Deployment 控制器部署 Ingress Nginx 的方式,因 接入
外部流量之前还需要手动为其创建相关的nodePort LoadBalancer 类型的 Service 资源对象
,下面的配置清单示例中对类型定义了 NodePort 明确指定了易记的端口和 IP 地址,
以方便用户使用:
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/baremetal/service-nodeport.yaml
注意:默认services节点的端口是The range of valid ports is 30000-32767,也可以修改为指定端口(https://blog.csdn.net/fuck487/article/details/102519225)
[root@master ingress]# vim service-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
#app: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
nodePort: 30080 # http请求对外映射80端口
- name: https
port: 443
targetPort: 443
protocol: TCP
nodePort: 30443 # https请求对外映射443端口
selector:
#app: ingress-nginx
app.kubernetes.io/name: ingress-nginx #要与ingress控制器标签保持一致,否则会绑定失败
app.kubernetes.io/part-of: ingress-nginx
说明:如果服务需要将外部流量路由到 本地节点或者集群级别的端点,即service type 为LoadBalancer或NodePort,那么需要指明该参数。
存在两种选项:”Cluster”(默认)和 “Local”。 “Cluster” 隐藏源 IP 地址,可能会导致第二跳(second hop)到其他节点,但是全局负载效果较好。
”Local” 保留客户端源 IP 地址,避免 LoadBalancer 和 NodePort 类型服务的第二跳,但是可能会导致负载不平衡。
控制器标签: nginx-ingress-controller-5d49b4fbc7-j6gxr 1/1 Running 0 6h29m app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/part-of=ingress-nginx,pod-template-hash=5d49b4fbc7
[root@master ingress]# kubectl apply -f service-nodeport.yaml
service/ingress-nginx created
[root@master ingress]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.104.20.163 <none> 80:30080/TCP,443:30443/TCP 14s
#测试ingress控制器已经和service-nodepor绑定成功,只是没有后端服务
[root@node1 ~]# curl -I node1.k8s:30080
HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Sun, 05 Jul 2020 17:37:28 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
[root@node1 ~]# curl -I node2.k8s:30080
HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Sun, 05 Jul 2020 17:37:37 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
[root@node1 ~]# curl -I node2.k8s:30443
HTTP/1.1 400 Bad Request
Server: nginx/1.17.8
Date: Sun, 05 Jul 2020 17:37:44 GMT
Content-Type: text/html
Content-Length: 255
Connection: close
创建pod测试
[root@master ingress]# vim ingress-test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mywebtest-ingress
namespace: ingress-nginx
spec:
replicas: 2
selector:
matchLabels:
app: ingress-nginx
release: canary
template:
metadata:
labels:
app: ingress-nginx
release: canary
spec:
containers:
- name: mywebtest-ingress
image: ikubernetes/myapp:v2
ports:
- name: http
containerPort: 80
[root@master ingress]# kubectl apply -f ingress-test.yaml
deployment.apps/mywebtest-ingress created
[root@master ingress]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
mywebtest-ingress-7dd8d4c966-ggc88 1/1 Running 0 17s
mywebtest-ingress-7dd8d4c966-xf9wm 1/1 Running 0 17s
nginx-ingress-controller-5d49b4fbc7-j6gxr 1/1 Running 0 110m
创建svc
[root@master ingress]# vim test-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: test-svc
namespace: ingress-nginx
spec:
selector:
app: ingress-nginx
release: canary
ports:
- name: http
targetPort: 80
port: 80
kubectl apply -f test-svc.yaml
配置ingress策略
[root@master ingress]# vim ingress-web.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-web
namespace: ingress-nginx
annotations:
kubernets.io/ingress.class: "nginx"
spec:
rules:
- host: myapp.lzh.com
http:
paths:
- path:
backend:
serviceName: test-svc
servicePort: 80
kubectl apply -f ingress-web.yaml
#查看ingres控制器配置
kubectl exec -it nginx-ingress-controller-5d49b4fbc7-j6gxr -n ingress-nginx /bin/sh (责任编辑:liangzh) |