nginx-ingress部署
- 一、环境信息
- 二、k8s环境搭建
- 三、ingress环境搭建
- 3.1 deploy.yaml文件
- 3.2 service-nodeport.yaml文件
- 四、按照业务建立service及ingress
- 4.1 业务信息
- 4.2 建立service
- 4.3 创建ingress
- 五、验证结果
一、环境信息
- k8s集群版本:1.23.6
- ingress版本:1.1.1
- 操作系统版本:CentOS Linux release 7.9.2009 (Core)
- docker服务:Docker version 20.10.21, build baeda1f
- k8s控制节点IP:xxx.xxx.150.14
- 网站地址:xxxops.cn
二、k8s环境搭建
参考链接:K8s 1.23.6版本部署:kubelet-1.23.6+kube-proxy-1.17.6
三、ingress环境搭建
3.1 deploy.yaml文件
1、下载deploy.yaml文件
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.1.1/deploy/static/provider/cloud/deploy.yaml
2、替换镜像源,修改为国内源
k8s.gcr.io/ingress-nginx/controller:v1.1.1
替换为
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.1.1
k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.1.1
替换为
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1
sed -i 's/k8s.gcr.io\/ingress-nginx\/controller:v1.1.1\@sha256:0bc88eb15f9e7f84e8e56c14fa5735aaa488b840983f87bd79b1054190e660de/registry.cn-hangzhou.aliyuncs.com\/google_containers\/nginx-ingress-controller:v1.1.1/g' deploy.yaml;
sed -i 's/k8s.gcr.io\/ingress-nginx\/kube-webhook-certgen:v1.1.1\@sha256:64d8c73dca984af206adf9d6d7e46aa550362b1d7a01f3a0a91b20cc67868660/registry.cn-hangzhou.aliyuncs.com\/google_containers\/kube-webhook-certgen:v1.1.1/g' deploy.yaml;
3、修改负载方式,修改负载方式为NodePort,注释externalTrafficPolicy
sed -i 's/type: LoadBalancer/type: NodePort/g' deploy.yaml;
sed -i 's/externalTrafficPolicy: Local/#externalTrafficPolicy: Local/g' deploy.yaml;
4、执行部署
kubectl apply -f deploy.yaml
5、查看部署结果
kubectl get pod -n ingress-nginx
[root@k8s-master ~]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-2m6cn 0/1 Completed 0 75m
ingress-nginx-admission-patch-x9x2m 0/1 Completed 0 75m
ingress-nginx-controller-74c6bcdc65-425jf 1/1 Running 0 75m
3.2 service-nodeport.yaml文件
1、下载deploy.yaml文件
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
2、执行deploy.yaml文件
kubectl apply -f service-nodeport.yaml
3、查看执行结果
kubectl get svc -n ingress-nginx
[root@k8s-master ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.107.28.54 <none> 80:30716/TCP,443:31305/TCP 72m
ingress-nginx-controller NodePort 10.100.159.4 <none> 80:31247/TCP,443:31575/TCP 73m
ingress-nginx-controller-admission ClusterIP 10.106.162.218 <none> 443/TCP 73m
验证
访问xxx.xxx.150.14:31247验证是否可以出现404提示,出现404提示表示部署正常
四、按照业务建立service及ingress
4.1 业务信息
- 前端服务的service名称:xxxops-frontend
- 前端服务所处命名空间名称:xxxops
- 前端服务暴露端口:8080
前端服务service信息图如下
4.2 建立service
1、准备部署文件
这里的service是要引用其他命名空间的服务,所以type是ExternalName
配置文件:xxxops-dashboard.yaml
apiVersion: v1
kind: Service
metadata:
name: xxxops-frontend #service的名字
namespace: ingress-nginx #ingress-controller所在的namespace
spec:
type: ExternalName
sessionAffinity: None
externalName: xxxops-frontend.xxxops.svc.cluster.local
#servicename.namespacename.scv.cluster.local
2、执行部署
kubectl apply -f xxxops-dashboard.yaml
3、检查部署结果
[root@k8s-master ingress-1.1.1]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.107.28.54 <none> 80:30716/TCP,443:31305/TCP 4h37m
ingress-nginx-controller NodePort 10.100.159.4 <none> 80:31247/TCP,443:31575/TCP 4h37m
ingress-nginx-controller-admission ClusterIP 10.106.162.218 <none> 443/TCP 4h37m
xxxops-frontend ExternalName <none> xxxops-frontend.xxxops.svc.cluster.local <none> 4h36m
4.3 创建ingress
1、准备部署文件
配置文件:xxxops-dashboard-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: xxxops-ingress #ingress名称
namespace: xxxops #这里写前端服务运行所在的命名空间名称
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: xxxops.cn #设置域名
http:
paths:
- path: /
pathType: Prefix # 前缀匹配
backend:
service:
name: xxxops-frontend #填写上一步service的名称
port:
number: 8080 #填写服务暴漏的端口
2、执行部署
kubectl apply -f xxxops-dashboard-ingress.yaml
3、检查部署结果
在前端服务业务命名空间内查看ingress
[root@k8s-master ingress-1.1.1]# kubectl get ingress -n xxxops
NAME CLASS HOSTS ADDRESS PORTS AGE
xxxops-ingress <none> xxxops.cn 10.100.159.4 80 4h39m
五、验证结果
本地机器修改host,增加dns
192.168.150.14 xxxops.cn
使用浏览器访问
http://xxxops.cn:31247/
可以访问成功