K8S-nginx-Ingress（helm 使用chart安装nginx-Ingress，离线安装）

文章目录

• 1. 准备
• • 1.1 chart下载
  • 1.2 镜像准备
• 2. 修改chart
• 3. 启动 Ingress
• 4、使用Ingress
• 5. 其他问题
• • - 指定节点做代理

1. 准备

1.1 chart下载

之前下载地址 >>
新下载地址 >>

1.2 镜像准备

• controller

quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0

下载这个镜像，修改后上传私有仓库

• webhook

jettech/kube-webhook-certgenv:1.0.0

下载这个镜像，修改后上传私有仓库

• defaultBackend

k8s.gcr.io/defaultbackend-amd64:1.5

这个镜像国内下载不到，search一下，找一个合适的，查找如下：

[root@iot-svc-test92XR6W ~]# docker search defaultbackend-amd64:1.5
NAME                                                DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
fungitive/defaultbackend-amd64                      k8s.gcr.io/defaultbackend-amd64:1.5             0                                       [OK]
hb562100/defaultbackend-amd64                       k8s.gcr.io/defaultbackend-amd64:1.5             0                                       [OK]
wingconncn/defaultbackend-amd64                     k8s.gcr.io/defaultbackend-amd64:1.5             0

可以看见前边几个描述都是k8s.gcr.io/defaultbackend-amd64:1.5 这个镜像
下载一个上传私有仓库即可。

2. 修改chart

将values.yaml 文件中3个镜像改为私有仓库镜像

3. 启动 Ingress

• 创建namespace

[root@DoM01 nginx-ingress]# kubectl create namespace ingress

• 启动ingress

[root@DoM01 nginx-ingress]# helm install ingress -n ingress ./

Release "ingress" has been upgraded. Happy Helming!
NAME: ingress
LAST DEPLOYED: Wed Mar 24 17:36:55 2021
NAMESPACE: ingress
STATUS: deployed
REVISION: 4
TEST SUITE: None
NOTES:
The nginx-ingress controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace ingress get services -o wide -w ingress-nginx-ingress-controller'
 
An example Ingress that makes use of the controller:
 
  apiVersion: extensions/v1beta1
  kind: Ingress
  metadata:
    annotations:
      kubernetes.io/ingress.class: nginx
    name: example
    namespace: foo
  spec:
    rules:
      - host: www.example.com
        http:
          paths:
            - backend:
                serviceName: exampleService
                servicePort: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
        - hosts:
            - www.example.com
          secretName: example-tls
 
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
 
  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls

• 查看服务

[root@DoM01 nginx-ingress]# kubectl get pod -n ingress
NAME                                                     READY   STATUS    RESTARTS   AGE
ingress-nginx-ingress-controller-6c6bdcb96f-zsfhl        1/1     Running   0          91m
ingress-nginx-ingress-default-backend-5fcb75dc56-txm57   1/1     Running   0          96m

4、使用Ingress

说明：
创建Ingress用来代理指定service。

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-iot01
  namespace: iot-01
spec:
  rules:
  # 下边写域名
  - host: iot01.k8s.lw
    http:
      paths:
      #以下分别是要代理的service的名字和端口
      - backend:
          serviceName: web-iot
          servicePort: 80

5. 其他问题

- 指定节点做代理

默认所有节点都可以代理。
如果要指定代理节点，添加如下 --set部分，或者找到values.yml中对应值修改（不建议）。

 --set "rbac.create=true,controller.service.externalIPs[0]=10.10.x'x'x.56,controller.service.externalIPs[1]=10.10.xxx.57" 

---