（2022版）一套教程搞定k8s安装到实战 | Ingress

视频来源：B站《（2022版）最新、最全、最详细的Kubernetes（K8s）教程，从K8s安装到实战一套搞定》

一边学习一边整理老师的课程内容及试验笔记，并与大家分享，侵权即删，谢谢支持！

附上汇总贴：（2022版）一套教程搞定k8s安装到实战 | 汇总_COCOgsta的博客-CSDN博客

Ingress概念

通俗来讲，Ingress和之前提到的Service、Deployment，也是一个k8s的资源类型，Ingress用于实现用域名的方式访问k8s内部应用。

Ingress安装

首先安装heml管理工具：helm.sh/docs/intro/…

1. 下载helm-v3.0.0-linux-amd64.tar.gz

1. tar zxvf helm-v3.0.0-linux-amd64.tar.gz

1. mv linux-amd64/helm /usr/local/bin/helm

1. helm version检查版本信息

[root@k8s-master-lb ~]# helm version
version.BuildInfo{Version:"v3.0.0", GitCommit:"e29ce2a54e96cd02ccfce88bee4f58bb6e2a28b6", GitTreeState:"clean", GoVersion:"go1.13.4"}
You have new mail in /var/spool/mail/root
复制代码

使用helm安装ingress：kubernetes.github.io/ingress-ngi…

1. 添加ingress的helm仓库

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
复制代码

1. 下载ingress的helm包至本地

helm pull ingress-nginx/ingress-nginx
复制代码

1. 更改对应的配置

mkdir temp
mv ingress-nginx-3.6.0.tgz temp/ # 实际helm仓库下载的为4.2.1，但为与视频环境保持一致，单独下载3.6.0
cd temp/
tar xf ingress-nginx-3.6.0.tgz
cd ingress-nginx
vim values.yaml
复制代码

1. 需要修改的位置

   1. Controller和admissionWebhook的镜像地址，需要将公网镜像同步至公司内网镜像仓库
   2. hostNetwork设置为true
   3. dnsPolicy设置为ClusterFirstWithHostNet
   4. NodeSelector添加ingress:"true"部署至指定节点
   5. 类型更改为kind:DaemonSet

1. 部署ingress

给需要部署ingress的节点上打标签

kubectl label node k8s-master03 ingress=true
kubectl create ns ingress-nginx
helm install ingress-nginx -n ingress-nginx .
复制代码

安装成功后可以看到如下提示：

[root@k8s-master-lb ingress-nginx]# helm install ingress-nginx -n ingress-nginx .
NAME: ingress-nginx
LAST DEPLOYED: Sat Aug 20 12:59:50 2022
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
Get the application URL by running these commands:
  export POD_NAME=$(kubectl --namespace ingress-nginx get pods -o jsonpath="{.items[0].metadata.name}" -l "app=ingress-nginx,component=,release=ingress-nginx")
  kubectl --namespace ingress-nginx port-forward $POD_NAME 8080:80
  echo "Visit http://127.0.0.1:8080 to access your application."

An example Ingress that makes use of the controller:

  apiVersion: networking.k8s.io/v1beta1
  kind: Ingress
  metadata:
    annotations:
      kubernetes.io/ingress.class: nginx
    name: example
    namespace: foo
  spec:
    rules:
      - host: www.example.com
        http:
          paths:
            - backend:
                serviceName: exampleService
                servicePort: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
        - hosts:
            - www.example.com
          secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:

  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls
[root@k8s-master-lb ingress-nginx]# 
复制代码

检查ingress运行状态

[root@k8s-master-lb ingress-nginx]# kubectl get pods -n ingress-nginx
NAME                             READY   STATUS    RESTARTS   AGE
ingress-nginx-controller-9gf7t   1/1     Running   0          106s
[root@k8s-master-lb ingress-nginx]# 
复制代码

ingress.yaml（单域名映射）

apiVersion: networking.k8s.io/v1beta1 # networking.k8s.io/v1 / extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx"
  name: example
spec:
  rules: # 一个Ingress可以配置多个rules
  - host: foo.bar.com # 域名配置，可以不写，匹配*， *.bar.com
    http:
      paths: # 相当于nginx的location配合，同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc
          servicePort: 80
        path: /
复制代码

ingress-mulDomain.yaml（多域名映射）

apiVersion: networking.k8s.io/v1beta1 # networking.k8s.io/v1 / extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx"
  name: example
spec:
  rules: # 一个Ingress可以配置多个rules
  - host: foo.bar.com # 域名配置，可以不写，匹配*， *.bar.com
    http:
      paths: # 相当于nginx的location配合，同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc
          servicePort: 80
        path: /
  - host: foo2.bar.com # 域名配置，可以不写，匹配*， *.bar.com
    http:
      paths: # 相当于nginx的location配合，同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc-external
          servicePort: 80
        path: /
复制代码