k8s的Ingress
一.Ingress简介
外部访问集群内的服务,可以通过NodePort或LoadBalancer(这通常由云服务商提供),还可以通过ingress访问.
Ingress包含两个组件Ingress Controller和Ingress:
Ingress:将Nginx的配置抽象成一个Ingress对象,每添加一个新的服务只需写一个新的Ingress的yaml文件即可
Ingress Controller:将新加入的Ingress转化成Nginx的配置文件并使之生效
二.安装和配置
1.官方文档:
https://kubernetes.github.io/ingress-nginx/deploy/
2.创建并应用default-backend.yaml
default-backend的作用是,如果外界访问的域名不存在的话,则默认转发到default-http-backend这个Service,其会直接返回404:
[root@master ingress]# cat default-backend.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: default labels: k8s-app: default-http-backend namespace: default spec: replicas: 1 template: metadata: labels: k8s-app: default-http-backend spec: terminationGracePeriodSeconds: 60 containers: - name: default-http-backend # Any image is permissable as long as: # 1. It serves a 404 page at / # 2. It serves 200 on a /healthz endpoint image: anjia0532/defaultbackend:1.0 livenessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 30 timeoutSeconds: 5 ports: - containerPort: 8080 resources: limits: cpu: 10m memory: 20Mi requests: cpu: 10m memory: 20Mi --- apiVersion: v1 kind: Service metadata: name: default-http-backend namespace: default labels: k8s-app: default-http-backend spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: default-http-backend [root@master ingress]#kubectl create -f default-backend.yaml
2.创建并应用nginx-ingress-controller.yaml
[root@master ingress]# cat nginx-ingress-controller.yaml apiVersion: v1 kind: ReplicationController metadata: name: nginx-ingress-lb labels: name: nginx-ingress-lb namespace: default spec: replicas: 1 template: metadata: labels: name: nginx-ingress-lb annotations: prometheus.io/port: '10254' prometheus.io/scrape: 'true' spec: terminationGracePeriodSeconds: 60 hostNetwork: true containers: - image: anjia0532/nginx-ingress-controller:0.9.0-beta.7 name: nginx-ingress-lb readinessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP livenessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: KUBERNETES_MASTER value: http://192.168.2.17:8080 args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/default-http-backend - --apiserver-host=http://192.168.2.17:8080 [root@master ingress]#kubectl create -f nginx-ingress-controller.yaml
ps:
注意以上master地址,需要配置成正确的地址
三.自定义Ingress
1.创建并应用test.nginx.ingress
[root@master ingress]# cat test-nginx-ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: test-nginx-ingress namespace: default spec: rules: - host: test.nginx.ingress http: paths: - path: / backend: serviceName: nginx-service servicePort: 80 [root@master ingress]#kubectl create -f test-nginx-ingress.yaml
rules中的host必须为域名,不能为IP,表示Ingress-controller的Pod所在主机域名,也就是Ingress-controller的IP对应的域名。
paths中的path则表示映射的路径。如映射/表示若访问test.nginx.ingress,则会将请求转发至Kibana的service,端口为5601。
2.查看创建的ingress
[root@master ingress]# kubectl get ingress -o wide NAME HOSTS ADDRESS PORTS AGE dashboard-weblogic-ingress test.nginx.ingress 192.168.2.26 80 2m
我们通过以下命令将pod中nginx的配置文件输出到当前目录下看看
kubectl exec nginx-ingress-lb-6glds -it cat /etc/nginx/nginx.conf > nginx.conf
可以看到是一个标准的nginx配置文件
3.验证
#curl -H "Host:test.nginx.ingress" 192.168.2.26/a.html
如果正常,即可输出结果