ingress-nginx 配置例子

文档说明：只记录关键地方;
试验环境： linux debian 11
目标：自建K8S 对外提供 http https 服务

ingress-nginx 暴露服务端口

 apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.2.0
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  ports:
  - appProtocol: http
    name: http
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  type: NodePort # 关键点就在这里了
  externalIPs:
    - 192.168.3.123
    - 192.168.3.124

生成secret TLS

  
kubectl create -n default secret tls com-xiaoshuogeng-tls-cert-secret \
--key=/data/tls/wildcard.xiaoshuogeng.com.key.pem \
--cert=/data/tls/wildcard.xiaoshuogeng.com.fullchain.pem

ingress-nginx 配置路由

com-xiaoshuogeng-confluence-service是内部服务名称

 apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
    name: ingress-com-xiaoshuogeng-confluence
    namespace: default
    annotations:
        nginx.ingress.kubernetes.io/force-ssl-redirect: "True"
spec:
    ingressClassName: nginx
    rules:
        -   host: confluence.xiaoshuogeng.com
            http:
                paths:
                    -   path: /
                        pathType: Prefix
                        backend:
                            service:
                                name: com-xiaoshuogeng-confluence-service
                                port:
                                    number: 80
    tls:
        -   hosts:
                - confluence.xiaoshuogeng.com
            secretName: com-xiaoshuogeng-tls-cert-secret

上一篇 Kubernetes 仪表板（Dashboard）的使用

下一篇 ingress-istio配置服务

参考文档

posted @ 2022-11-01 23:52 jingjingxyk 阅读(312) 评论(0) 编辑收藏举报

jingjingxyk

ingress-nginx 配置例子

ingress-nginx 暴露服务端口

生成secret TLS

ingress-nginx 配置路由

上一篇 Kubernetes 仪表板（Dashboard）的使用

下一篇 ingress-istio配置服务

参考文档

公告

email: zonghengbaihe521@qq.com

常用链接

随笔分类

随笔档案

阅读排行榜

	apiVersion: v1
	kind: Service
	metadata:
	labels:
	app.kubernetes.io/component: controller
	app.kubernetes.io/instance: ingress-nginx
	app.kubernetes.io/name: ingress-nginx
	app.kubernetes.io/part-of: ingress-nginx
	app.kubernetes.io/version: 1.2.0
	name: ingress-nginx-controller
	namespace: ingress-nginx
	spec:
	ports:
	- appProtocol: http
	name: http
	port: 80
	protocol: TCP
	targetPort: http
	- appProtocol: https
	name: https
	port: 443
	protocol: TCP
	targetPort: https
	selector:
	app.kubernetes.io/component: controller
	app.kubernetes.io/instance: ingress-nginx
	app.kubernetes.io/name: ingress-nginx
	type: NodePort # 关键点就在这里了
	externalIPs:
	- 192.168.3.123
	- 192.168.3.124


	kubectl create -n default secret tls com-xiaoshuogeng-tls-cert-secret \
	--key=/data/tls/wildcard.xiaoshuogeng.com.key.pem \
	--cert=/data/tls/wildcard.xiaoshuogeng.com.fullchain.pem

	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: ingress-com-xiaoshuogeng-confluence
	namespace: default
	annotations:
	nginx.ingress.kubernetes.io/force-ssl-redirect: "True"
	spec:
	ingressClassName: nginx
	rules:
	- host: confluence.xiaoshuogeng.com
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: com-xiaoshuogeng-confluence-service
	port:
	number: 80
	tls:
	- hosts:
	- confluence.xiaoshuogeng.com
	secretName: com-xiaoshuogeng-tls-cert-secret