一.Ingress简介
外部访问集群内的服务,可以通过NodePort或LoadBalancer(这通常由云服务商提供),还可以通过ingress访问.
Ingress包含两个组件Ingress Controller和Ingress:
Ingress:将Nginx的配置抽象成一个Ingress对象,每添加一个新的服务只需写一个新的Ingress的yaml文件即可
Ingress Controller:将新加入的Ingress转化成Nginx的配置文件并使之生效
二.安装和配置
1.官方文档:
https://kubernetes.github.io/ingress-nginx/deploy/
2.创建并应用default-backend.yaml
default-backend的作用是,如果外界访问的域名不存在的话,则默认转发到default-http-backend这个Service,其会直接返回404:
[root@master ingress]# cat default-backend.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: default
labels:
k8s-app: default-http-backend
namespace: default
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: anjia0532/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: default
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: default-http-backend
[root@master ingress]#kubectl create -f default-backend.yaml
2.创建并应用nginx-ingress-controller.yaml
[root@master ingress]# cat nginx-ingress-controller.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: nginx-ingress-lb
labels:
name: nginx-ingress-lb
namespace: default
spec:
replicas: 1
template:
metadata:
labels:
name: nginx-ingress-lb
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 60
hostNetwork: true
containers:
- image: anjia0532/nginx-ingress-controller:0.9.0-beta.7
name: nginx-ingress-lb
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_MASTER
value: http://192.168.2.17:8080
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --apiserver-host=http://192.168.2.17:8080
[root@master ingress]#kubectl create -f nginx-ingress-controller.yaml
ps:
注意以上master地址,需要配置成正确的地址
三.自定义Ingress
1.创建并应用test.nginx.ingress
[root@master ingress]# cat test-nginx-ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-nginx-ingress
namespace: default
spec:
rules:
- host: test.nginx.ingress
http:
paths:
- path: /
backend:
serviceName: nginx-service
servicePort: 80
[root@master ingress]#kubectl create -f test-nginx-ingress.yaml
rules中的host必须为域名,不能为IP,表示Ingress-controller的Pod所在主机域名,也就是Ingress-controller的IP对应的域名。
paths中的path则表示映射的路径。如映射/表示若访问test.nginx.ingress,则会将请求转发至Kibana的service,端口为5601。
2.查看创建的ingress
[root@master ingress]# kubectl get ingress -o wide NAME HOSTS ADDRESS PORTS AGE dashboard-weblogic-ingress test.nginx.ingress 192.168.2.26 80 2m
我们通过以下命令将pod中nginx的配置文件输出到当前目录下看看
kubectl exec nginx-ingress-lb-6glds -it cat /etc/nginx/nginx.conf > nginx.conf
可以看到是一个标准的nginx配置文件
3.验证
#curl -H "Host:test.nginx.ingress" 192.168.2.26/a.html
如果正常,即可输出结果