k8s的Ingress
k8s ingress
2023-09-27 14:19:41 时间
一.Ingress简介
外部访问集群内的服务,可以通过NodePort或LoadBalancer(这通常由云服务商提供),还可以通过ingress访问.
Ingress包含两个组件Ingress Controller和Ingress:
Ingress:将Nginx的配置抽象成一个Ingress对象,每添加一个新的服务只需写一个新的Ingress的yaml文件即可
Ingress Controller:将新加入的Ingress转化成Nginx的配置文件并使之生效
二.安装和配置
1.官方文档:
https://kubernetes.github.io/ingress-nginx/deploy/
2.创建并应用default-backend.yaml
default-backend的作用是,如果外界访问的域名不存在的话,则默认转发到default-http-backend这个Service,其会直接返回404:
[root@master ingress]# cat default-backend.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: default labels: k8s-app: default-http-backend namespace: default spec: replicas: 1 template: metadata: labels: k8s-app: default-http-backend spec: terminationGracePeriodSeconds: 60 containers: - name: default-http-backend # Any image is permissable as long as: # 1. It serves a 404 page at / # 2. It serves 200 on a /healthz endpoint image: anjia0532/defaultbackend:1.0 livenessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 5 ports: - containerPort: 8080 resources: limits: cpu: 10m memory: 20Mi requests: cpu: 10m memory: 20Mi --- apiVersion: v1 kind: Service metadata: name: default-http-backend namespace: default labels: k8s-app: default-http-backend spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: default-http-backend [root@master ingress]#kubectl create -f default-backend.yaml
2.创建并应用nginx-ingress-controller.yaml
[root@master ingress]# cat nginx-ingress-controller.yaml apiVersion: v1 kind: ReplicationController metadata: name: nginx-ingress-lb labels: name: nginx-ingress-lb namespace: default spec: replicas: 1 template: metadata: labels: name: nginx-ingress-lb annotations: prometheus.io/port: '10254' prometheus.io/scrape: 'true' spec: terminationGracePeriodSeconds: 60 hostNetwork: true containers: - image: anjia0532/nginx-ingress-controller:0.9.0-beta.7 name: nginx-ingress-lb readinessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP livenessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: KUBERNETES_MASTER value: http://192.168.2.17:8080 args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/default-http-backend - --apiserver-host=http://192.168.2.17:8080 [root@master ingress]#kubectl create -f nginx-ingress-controller.yaml
ps:
注意以上master地址,需要配置成正确的地址
三.自定义Ingress
1.创建并应用test.nginx.ingress
[root@master ingress]# cat test-nginx-ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: test-nginx-ingress namespace: default spec: rules: - host: test.nginx.ingress http: paths: - path: / backend: serviceName: nginx-service servicePort: 80 [root@master ingress]#kubectl create -f test-nginx-ingress.yaml
rules中的host必须为域名,不能为IP,表示Ingress-controller的Pod所在主机域名,也就是Ingress-controller的IP对应的域名。
paths中的path则表示映射的路径。如映射/表示若访问test.nginx.ingress,则会将请求转发至Kibana的service,端口为5601。
2.查看创建的ingress
[root@master ingress]# kubectl get ingress -o wide NAME HOSTS ADDRESS PORTS AGE dashboard-weblogic-ingress test.nginx.ingress 192.168.2.26 80 2m
我们通过以下命令将pod中nginx的配置文件输出到当前目录下看看
kubectl exec nginx-ingress-lb-6glds -it cat /etc/nginx/nginx.conf > nginx.conf
可以看到是一个标准的nginx配置文件
3.验证
#curl -H "Host:test.nginx.ingress" 192.168.2.26/a.html
如果正常,即可输出结果
相关文章
- 如何设置一个k8s节点上运行的最大的pod的数量?
- 通过kubeadm工具部署k8s集群
- K8s部署笔记一
- CKA-Kubernets(K8s) (三)
- Kubernetes(K8s) 学习笔记 updating...
- CKA考试习题:k8s故障排查
- k8s ingress高级配置,动态修改上传文件大小限制参数client_max_body_size
- 备战CKA每日一题——第11天 | k8s访问控制RBAC、Role、RoleBinding,并引出kubectl常用命令
- k8s中负载均衡器【ingress-nginx】部署
- Kubernetes kube-bench命令强化K8S 安全详解
- k8s kubelet重启后服务无法启动解决方法
- k8s 准入控制器【4】--编写和部署准入控制器 Webhook--以非root运行pod
- k8s外部访问pod之service
- jvm在k8s中参数调整
- k8s服务端二进制部署-kube-scheduler
- 【k8s第三步】Kubernetes-Dashboard仪表盘【已修正错误】
- 【k8s第二步】Kubernetes-Kubeadm部署安装【已修正错误】
- k8s 强制删除pod pvc namespace
- K8s node 断开连接后,在该 node 中运行的 Pod 会如何?
- k8s subPath
- k8s 强制删除pod kubectl -n kube-system delete pod traefik-ingress --force --grace-period=0