Ingress YAML示例
1、定义YAML
$ vi mying.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mying ##ingress名字
spec:
ingressClassName: mying ##定义关联的IngressClass
rules: ##定义具体的规则
- host: aminglinux.com ##访问的目标域名
http:
paths:
- path: /
pathType: Exact
backend: ##定义后端的service对象
service:
name: ngx-svc
port:
number: 80
说明:如果Ingress所在命名空间需要和后端服务所在命名空间保持一致
2、应用YAML
$ k apply -f mying.yaml
3、查看Ingress
$ k get ing
NAME CLASS HOSTS ADDRESS PORTS AGE
mying myingc aminglinux.com 80 4s
$ k describe ing mying
Name: mying
Labels: <none>
Namespace: default
Address:
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
aminglinux.com
/ ngx-svc:80 (<error: endpoints "ngx-svc" not found>)
Annotations: <none>
Events: <none>
IngressClassYAML示例
1、定义YAML
$ vi myingc.yaml
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
name: myingc
spec:
controller: nginx.org/ingress-controller ##定义要使用哪个controller
2、应用YAML
$ k apply -f myingc.yaml
3、查看ingressClass
$ k get ingressclass
NAME CONTROLLER PARAMETERS AGE
myingc nginx.org/ingress-controller <none> 5s
IngressClassYAML示例
参考Nginx官方
1、准备工作---部署ingress相关资源
(1)下载包并部署ingress相关资源
$ curl -O 'https://gitee.com/aminglinux/linux_study/raw/master/k8s/ingress.tar.gz'
$ tar zxf ingress.tar.gz
$ cd ingress
$ ./setup.sh ##说明,执行这个脚本会部署几个ingress相关资源,包括namespace、configmap、secrect等
(2)部署deployment
定义YAML文件
$ vi ng-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: myng
name: ng-deploy
spec:
replicas: 2 ##副本数
selector:
matchLabels:
app: myng
template:
metadata:
labels:
app: myng
spec:
containers:
- name: myng
image: nginx:1.21.6
ports:
- name: myng-port
containerPort: 80
应用YAML文件
$ k apply -f ng-deploy.yaml
查看
$ k get po
NAME READY STATUS RESTARTS AGE
ng-deploy-5db56f48f4-bklfc 1/1 Running 0 13m
ng-deploy-5db56f48f4-gmxsc 1/1 Running 0 13m
(3)部署svc
定义YAML文件
$ vi ng-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: ngx-svc
spec:
selector:
app: myng
ports:
- protocol: TCP
port: 8080 ##service的port
targetPort: 80 ##pod的port
应用YAML文件
$ k apply -f ng-svc.yaml
查看
$ k get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ngx-svc ClusterIP 10.0.167.30 <none> 8080/TCP 14m
2、定义ingress-controller的YAML
$ vi ingress-controller.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: ngx-ing
namespace: nginx-ingress
spec:
replicas: 1
selector:
matchLabels:
app: ngx-ing
template:
metadata:
labels:
app: ngx-ing
#annotations:
#prometheus.io/scrape: "true"
#prometheus.io/port: "9113"
#prometheus.io/scheme: http
spec:
serviceAccountName: nginx-ingress
containers:
- image: nginx/nginx-ingress:2.2-alpine
imagePullPolicy: IfNotPresent
name: ngx-ing
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
- name: readiness-port
containerPort: 8081
- name: prometheus
containerPort: 9113
readinessProbe:
httpGet:
path: /nginx-ready
port: readiness-port
periodSeconds: 1
securityContext:
allowPrivilegeEscalation: true
runAsUser: 101 #nginx
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
args:
- -ingress-class=myingc
- -health-status
- -ready-status
- -nginx-status
- -nginx-configmaps=$(POD_NAMESPACE)/nginx-config
- -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret
2、应用ingress-controller的YAML
$ k apply -f ingress-controller.yaml
3、查看pod、deployment
$ k get po -n nginx-ingress
NAME READY STATUS RESTARTS AGE
ngx-ing-78468bdbdd-47zcx 1/1 Running 0 2m16s
$ k get deploy -n nginx-ingress
NAME READY UP-TO-DATE AVAILABLE AGE
ngx-ing 1/1 1 1 117s
4、将ingress对应的pod端口映射到master上临时测试
$ k port-forward -n nginx-ingress ngx-ing-78468bdbdd-47zcx 8888:80 &
5、修改ng-deploy对应的两个pod里的/usr/share/nginx/html/index.html文件内容,用于区分两个pod
$ k exec -it ng-deploy-5db56f48f4-bklfc -- bash
$ > /usr/share/nginx/html/index.html
$ echo "successfully login pod1" > /usr/share/nginx/html/index.html
$ k exec -it ng-deploy-5db56f48f4-gmxsc -- bash
$ > /usr/share/nginx/html/index.html
$ echo "successfully login pod2" > /usr/share/nginx/html/index.html
6、测试
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod1
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod1
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod2
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod2
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod1
[root@k8s-master01 k8s]# curl -x127.0.0.1:8888 aminglinux.com
Handling connection for 8888
successfully login pod2
7、恢复
删除后台任务
$ jobs -l
[1]+ 53215 Running kubectl port-forward -n nginx-ingress ngx-ing-78468bdbdd-47zcx 8888:80 &
$ kill -9 53215
删除ingress相关服务
$ k delete -f ingress-controller.yaml
$ k delete -f ng-deploy.yaml
$ k delete -f ng-svc.yaml
$ k delete -f mying.yaml
$ k delete -f myingc.yaml