Installation ingress-nginx on helm

一、Installation ingress-nginx on helm

1 安装 helm

# wget 下载
cd /opt/software
wget https://get.helm.sh/helm-v3.10.1-linux-amd64.tar.gz

# 解压
tar -xf /opt/software/helm-v3.10.1-linux-amd64.tar.gz -C /opt

#  移动二进制文件
mv /opt/linux-amd64/helm /usr/local/bin

# 查看版本
[root@kube-master01 ~]# helm version
version.BuildInfo{Version:"v3.10.1", GitCommit:"9f88ccb6aee40b9a0535fcc7efea6055e1ef72c9", GitTreeState:"clean", GoVersion:"go1.18.7"}

Installation helm on Kubernetes-1.25.2：https://www.cnblogs.com/huaxiayuyi/p/16846301.html

 

2 安装 ingree-nginx

1 新建目录

mkdir /opt/kubernetes/addons/ingress-nginx && cd /opt/kubernetes/addons/ingress-nginx

2 新建仓库

[root@kube-master01 ingress-nginx]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
"ingress-nginx" has been added to your repositories

[root@kube-master01 ingress-nginx]# helm repo list
NAME         	URL                                       
ingress-nginx	https://kubernetes.github.io/ingress-nginx

3 下载

helm pull ingress-nginx/ingress-nginx

4 解压

tar -xf /opt/kubernetes/addons/ingress-nginx/ingress-nginx-4.3.0.tgz

5 修改 values 文件

vim /opt/kubernetes/addons/ingress-nginx/ingress-nginx/values.yaml

# dnsPolicy
dnsPolicy: ClusterFirstWithHostNet

# 使用hostNetwork，即使用宿主机上的端口80 443
hostNetwork: true

# 使用DaemonSet,将ingress部署在指定节点上
kind: DaemonSet

nodeSelector:
node-lab: ingress-nginx-iyuyixyz
# kubernetes.io/os: linux
     
# 修改type,改为ClusterIP。如果在云环境，有loadbanace可以使用loadbanace
type: ClusterIP

# 此处改为true，说明创建个默认的页面，如果有不匹配的请求将返回这个页面
enabled: true			

# 可以省略，但我无聊改了^-^
ingressClass: nginx-iyuyixyz

image:
    ## Keep false as default for now!
    chroot: false
    registry: registry.k8s.io
    image: ingress-nginx/controller
    ## for backwards compatibility consider setting the full image url via the repository value below
    ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
    ## repository:
    tag: "v1.4.0"
    digest: sha256:34ee929b111ffc7aa426ffd409af44da48e5a0eea1eb2207994d9e0c0882d143
    digestChroot: sha256:b67e889f1db8692de7e41d4d9aef8de56645bf048261f31fa7f8bfc6ea2222a0

image:
    registry: registry.k8s.io
    image: ingress-nginx/kube-webhook-certgen
    ## for backwards compatibility consider setting the full image url via the repository value below
    ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
    ## repository:
    tag: v20220916-gd32f8c343
    digest: sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f
    pullPolicy: IfNotPresent

image:
    registry: registry.k8s.io
    image: defaultbackend-amd64
    ## for backwards compatibility consider setting the full image url via the repository value below
    ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
    ## repository:
    tag: "1.5"

6 注意：image 并没有修改。你自个想法子吧^-^

Kubernetes-1.25 Container Image Download：https://www.cnblogs.com/huaxiayuyi/p/16823613.html

Installation PUREVPN on the App,PC,Linux Side：https://www.cnblogs.com/huaxiayuyi/p/16841347.html

 

7 设置节点的label

# 查看lab
kubectl get node --show-labels

# 选择节点打label
kubectl label nodes 192.168.80.23 node-lab=ingress-nginx-iyuyixyz
kubectl label nodes 192.168.80.24 node-lab=ingress-nginx-iyuyixyz

# 删除标签
kubectl label node 192.168.80.23 node-lab-
kubectl label node 192.168.80.24 node-lab-

8 创建一个ingress的namespace

kubectl create ns ingress-nginx

9 使用helm执行安装

[root@kube-master01 ingress-nginx]# helm install ingress-nginx ingress-nginx/ingress-nginx -f values.yaml -n ingress-nginx
NAME: ingress-nginx
LAST DEPLOYED: Mon Oct 31 18:11:09 2022
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
Get the application URL by running these commands:
  export POD_NAME=$(kubectl --namespace ingress-nginx get pods -o jsonpath="{.items[0].metadata.name}" -l "app=ingress-nginx,component=controller,release=ingress-nginx")
  kubectl --namespace ingress-nginx port-forward $POD_NAME 8080:80
  echo "Visit http://127.0.0.1:8080 to access your application."

An example Ingress that makes use of the controller:
  apiVersion: networking.k8s.io/v1
  kind: Ingress
  metadata:
    name: example
    namespace: foo
  spec:
    ingressClassName: nginx
    rules:
      - host: www.example.com
        http:
          paths:
            - pathType: Prefix
              backend:
                service:
                  name: exampleService
                  port:
                    number: 80
              path: /
    # This section is only required if TLS is to be enabled for the Ingress
    tls:
      - hosts:
        - www.example.com
        secretName: example-tls

If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:

  apiVersion: v1
  kind: Secret
  metadata:
    name: example-tls
    namespace: foo
  data:
    tls.crt: <base64 encoded cert>
    tls.key: <base64 encoded key>
  type: kubernetes.io/tls

10 ingress-controall 部署好了，使用最新的nginx镜像进行部署测试后端好不好用。

vim /opt/kubernetes/yaml/helm-ingress-nginx-test.yaml

11 测试用例

apiVersion: v1
kind: Service
metadata:
  name: nginx-iyuyixyz-svc
spec:
  selector:
    app: nginx-iyuyixyz
  ports:
  - name: http
    port: 81
    targetPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata: 
  name: nginx-iyuyixyz-deployment
spec:
  replicas: 2
  selector: 
    matchLabels:
      app: nginx-iyuyixyz
  template:
    metadata:
      labels:
        app: nginx-iyuyixyz
    spec:
      containers:
      - name: nginx-iyuyixyz
        image: nginx:latest
        imagePullPolicy: IfNotPresent
        lifecycle:
          postStart:
            exec:
              command: ["/bin/sh","-c","echo iyuyi.xyz@aliyun.com > /usr/share/nginx/html/index.html"] 
        ports:
        - name: httpd
          containerPort: 81
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx-iyuyixyz" # 和values.yaml文件中 ingressClass 一致。
  name: example
spec:
  rules:
  - host: helm.iyuyi.xyz
    http:
      paths:
      - backend:
          service:
            name: nginx-iyuyixyz-svc
            port:
              number: 80
        path: /
        pathType: Prefix

12 解释

• kubernetes.io/ingressClass: "nginx"：使用ingressClass: "nginx"，告诉ingress实现的配置。
• rules： 一个rules可以有多个host。
• host : 访问ingress的域名。
• path : 类似于nginx的location配置，同一个host可以配置多个path。
• backend：Service和ServicePort的组合。对ingress匹配主机和路径的HTTP与HTTPS请求将被转发到后端Pod。

 

13 创建测试资源

kubectl apply -f /opt/kubernetes/yaml/helm-ingress-nginx-test.yaml

14 查看创建的资源

kubectl get ing,svc,pod,ds -A -o wide

启动了2个pod，一个为ingress-controller，一个为默认的后端defaultbackend。。。

nginx启动 2个，定义的2个副本。。。

15 修改hosts 文件，配置域名使用

vim /etc/hosts

C:\Windows\System32\drivers\etc\hosts

此域名没有在ingress-nginx 中定义，返回默认页面

 

3 修改后的 values.yaml 文件

已安装成功，测试已通过~