ingress-nginx

Posted ccbky

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ingress-nginx相关的知识,希望对你有一定的参考价值。



.下载 ingress-
nginx: wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.24.0/deploy/mandatory.yaml [root@master yaml]# ll 总用量 583304 drwxr-xr-x 2 root root 58 11月 14 16:58 ingress -rw-r--r-- 1 root root 347 11月 13 15:08 ingress-nodeport.yaml -rw-r--r-- 1 root root 642 11月 13 15:10 jenkins.yaml -rw-r--r-- 1 root root 5976 11月 12 22:35 mandatory.yaml -rw-r--r-- 1 root root 517 11月 13 21:33 myapp-demo.yaml -rw-r--r-- 1 root root 479 11月 14 09:38 nginx-deploy.yaml -rw-r--r-- 1 root root 597274112 11月 13 00:37 nginx.tar -rw-r--r-- 1 root root 543 11月 14 01:13 tomcat-deploy.yaml 2.部署ingress-nginx-controller: [root@master test]#kubectl apply -f mandatory.yaml [root@master yaml]# kubectl get pod -n ingress-nginx NAME READY STATUS RESTARTS AGE nginx-ingress-controller-8f4cc97c9-ft7pk 1/1 Running 2 20h


3.暴露Ingress-nginx-controller端口:

[root@master yaml]# vim ingress-nodeport.yaml 

apiVersion: v1

kind: Service

metadata:

 name: ingress-nginx

 namespace: ingress-nginx

 labels:

  app.kubernetes.io/name: ingress-nginx

  app.kubernetes.io/part-of: ingress-nginx

spec:

 type: NodePort

 selector:

  app.kubernetes.io/name: ingress-nginx

  app.kubernetes.io/part-of: ingress-nginx

 ports:

 - name: http

   port: 80

   targetPort: 80

 

 

 

4.查看暴露端口:

[root@master yaml]# kubectl get svc -n ingress-nginx

NAME            TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE

ingress-nginx   NodePort   10.96.117.119   <none>        80:32446/TCP   43h

##此时,ingress-nginx-controller的80端口映射为宿主机的端口32446.

 

 

此时,可以访问inrgess-nginx-controller的pod:

[root@master yaml]# curl 192.168.100.200:32446

<html>

<head><title>404 Not Found</title></head>

<body>

<center><h1>404 Not Found</h1></center>

<hr><center>nginx/1.15.9</center>

</body>

</html>

##此时ingress-nginx-controller部署完成。



5.部署一个后端的pod:


[root@master yaml]# vim myapp-demo.yaml --- apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: replicas: 2 selector: matchLabels: app: myapp template: metadata: name: myapp labels: app: myapp spec: containers: - name: myapp image: ikubernetes/myapp:v1 imagePullPolicy: IfNotPresent ports: - name: http containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: myapp-svc spec: selector: app: myapp ports: - name: myapp port: 80 targetPort: 80

 

4.查看pod:

[root@master yaml]# kubectl get pod -o wide 

NAME                             READY   STATUS    RESTARTS   AGE   IP            NODE    NOMINATED NODE   READINESS GATES

myapp-599d47757d-gfz8d           1/1     Running   1          20h   10.244.2.41   node2   <none>           <none>

myapp-599d47757d-qdf8g           1/1     Running   2          20h   10.244.1.34   node1   <none>           <none>

 

[root@master yaml]# kubectl get svc 

NAME          TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE

kubernetes    ClusterIP   10.96.0.1       <none>        443/TCP          11d

myapp-svc     ClusterIP   10.100.182.96   <none>        80/TCP           9d

 

7.编写ingress规则:

[root@master ingress]# vim  myapp-ingress.yaml 

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: myapp-ingress

 annotations:

  ikubernetes.io/ingress.class: nginx

spec:

 rules:

 - host: www.test-myapp.com

   http:

    paths:

    - path:

      backend:

        serviceName: myapp-svc

        servicePort: 80

 

  

[root@master ingress]# kubectl apply -f myapp-ingress.yaml

 

[root@master ingress]# kubectl get ingress

NAME            HOSTS                ADDRESS   PORTS   AGE

myapp-ingress   www.test-myapp.com             80      26s

 

 

[root@master ingress]# kubectl describe ingress myapp-ingress

Name:             myapp-ingress

Namespace:        default

Address:          

Default backend:  default-http-backend:80 (<none>)

Rules:

  Host                Path  Backends

  ----                ----  --------

  www.test-myapp.com  

                         myapp-svc:80 (10.244.1.34:80,10.244.2.41:80)

Annotations:

  kubectl.kubernetes.io/last-applied-configuration:  {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{"ikubernetes.io/ingress.class":"nginx"},"name":"myapp-ingress","namespace":"default"},"spec":{"rules":[{"host":"www.test-myapp.com","http":{"paths":[{"backend":{"serviceName":"myapp-svc","servicePort":80},"path":null}]}}]}}

 

  ikubernetes.io/ingress.class:  nginx

Events:

  Type    Reason  Age   From                      Message

  ----    ------  ----  ----                      -------

  Normal  CREATE  43s   nginx-ingress-controller  Ingress default/myapp-ingress

 

 

 

8.测试此时可以访问www.test.myapp.com: 

[root@master ingress]# curl www.test-myapp.com:32446

Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

##注意: www.test-myapp.com 需要添加本地解析。



 

9. 基于url访问:

[root@master ingress]# vim nginx-ingress.yaml 

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: deployment-nginx-ingress

 annotations:

  kubernetes.io/ingress.class: nginx

  nginx.ingress.kubernetes.io/rewrite-target: /

spec:

 rules:

 - host: www.test-nginx.com

   http:

    paths:

    - path:

      backend:

        serviceName: nginx-svc

        servicePort: 80

    - path: /app1

      backend:

        serviceName: myapp-svc

        servicePort: 80


 

[root@master ingress]# kubectl apply -f nginx-ingress.yaml

 

[root@master ingress]# kubectl get ingress

NAME                       HOSTS                ADDRESS   PORTS   AGE

deployment-nginx-ingress   www.test-nginx.com             80      2m51s

 

 

 

10.测试访问:

[root@master ingress]# curl www.test-nginx.com:32446

<!DOCTYPE html>

<html>

<head>

<title>Welcome to nginx!</title>

<style>

    body {

        width: 35em;

        margin: 0 auto;

        font-family: Tahoma, Verdana, Arial, sans-serif;

    }

</style>

</head>

<body>

<h1>Welcome to nginx!</h1>

........

 

[root@master ingress]# curl www.test-nginx.com:32446/app1

Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

 



 

基于https访问:

 

1.创建自签证书:
[root@master cert]# openssl genrsa -out tls.key 2048
[root@master cert]# openssl req -new -x509 -key tls.key -days 3650  -out tls.crt  -subj /C=CN/ST=HangZhou/L=HangZhou/O=devops/CN=www.test-http.com
[root@master cert]# ll 总用量
8 -rw-r--r-- 1 root root 1302 11月 15 14:12 tls.crt -rw-r--r-- 1 root root 1679 11月 15 14:07 tls.key [root@master cert]# kubectl create secret tls http-ingress-secret --cert=./tls.crt --key=./tls.key secret/http-ingress-secret created [root@master cert]# kubectl get secret NAME TYPE DATA AGE default-token-gjjv5 kubernetes.io/service-account-token 3 11d http-ingress-secret kubernetes.io/tls 2 28s [root@master cert]# kubectl describe secret http-ingress-secret Name: http-ingress-secret Namespace: default Labels: <none> Annotations: <none> Type: kubernetes.io/tls Data ==== tls.crt: 1302 bytes tls.key: 1679 bytes 2.编写ingress规则: [root@master ingress]# cat http-ingress.yaml --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: http-ingress namespace: default annotations: kubernetes.io/ingress.class: nginx spec: tls: - hosts: - www.test-http.com secretName: http-ingress-secret rules: - host: www.test-http.com http: paths: - path: backend: serviceName: http-svc servicePort: 80

3.修改ingress-nodeport开启443端口: [root@master yaml]# cat ingress-nodeport.yaml apiVersion: v1 kind: Service metadata: name: ingress-nginx namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx spec: type: NodePort selector: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx ports: - name: http port: 80 targetPort: 80 - name: https port: 443 targetPort: 443 [root@master yaml]# kubectl get svc -n ingress-nginx NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx NodePort 10.96.117.119 <none> 80:32446/TCP,443:32180/TCP 2d14h 4.测试访问:https://www.test-http.com:32180

 

 

                        

 

 

 

 

以上是关于ingress-nginx的主要内容,如果未能解决你的问题,请参考以下文章

[CKA备考实验][ingress-nginx] 4.1如何优雅部署自己的ingress-nginx环境

ingress-nginx请求改写

ingress-nginx

ingress-nginx 部署使用

Ingress-nginx+内部LB(nginx)实现业务负载均衡

K8s Ingress-nginx 部署和实例演示