k8s安装ingress-nginx
一、deploy方式安装
参考网址
1.查看对应的版本支持:网址
2.下载对应的deploy.yaml文件。网址
3.修改镜像为阿里云(共3处。2、3一致)
image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.3.0
image: registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1
4.修改type类型为NodePort
5. 绑定节点
#新增,ingress-nginx-controller 为 hostNetwork模式
hostNetwork: true
#新增,选择kht102节点
nodeName: kht102
#5.执行
kubectl apply -f deploy.yaml
#6.查看(netstat -ntulp |grep 31222)
[root@kht101 ~]# kubectl get pod -n ingress-nginx -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx-admission-create-mz8tp 0/1 Completed 0 28s 10.233.97.24 kht101 <none> <none>
ingress-nginx-admission-patch-zbfd9 0/1 Completed 0 28s 10.233.67.33 kht102 <none> <none>
ingress-nginx-controller-8b488c58c-cvlgs 1/1 Running 0 28s 10.233.67.50 kht102 <none> <none>
[root@kht101 ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.233.54.21 <none> 80:30796/TCP,443:31245/TCP 62s
ingress-nginx-controller-admission ClusterIP 10.233.46.106 <none> 443/TCP 62s
7.#访问地址
pod中ingress-nginx-controller对应的节点IP:30796
直接使用绑定节点的IP访问,访问会出现如图所示的404效果
二、helm方式安装
#增加
[root@kht113 kht]#helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
#查看确认
[root@kht113 kht]# helm repo list
NAME URL
ingress-nginx https://kubernetes.github.io/ingress-nginx
#搜索
[root@kht113 kht]# helm search repo ingress-nginx
NAME CHART VERSION APP VERSION DESCRIPTION
ingress-nginx/ingress-nginx 4.4.0 1.5.1 Ingress controller for Kubernetes using NGINX a...
#拉取
[root@kht113 kht]# helm pull ingress-nginx/ingress-nginx
#空间创建
[root@kht113 ingress-nginx]# kubectl create ns ingress-nginx
#打标签
[root@kht113 ingress-nginx]# kubectl label node kht113 ingress=true
node/kht113 labeled
#安装,需要修改values文件
[root@kht113 ingress-nginx]# helm install ingress-nginx . -n ingress-nginx
三、访问测试
1.测试文件1.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: test
spec:
replicas: 1
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
nodeName: kht114
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
namespace: test
spec:
replicas: 1
selector:
matchLabels:
app: tomcat-pod
template:
metadata:
labels:
app: tomcat-pod
spec:
containers:
- name: tomcat
image: tomcat:8.5-jre10-slim
ports:
- containerPort: 8080
nodeName: kht114
2.测试文件2.yaml
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: test
spec:
ports:
- port: 80
name: nginx
clusterIP: None
selector:
app: nginx-pod
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
namespace: test
spec:
selector:
app: tomcat-pod
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 8080
测试文件3.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-http
namespace: test
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/backend-protocol: HTTPS
# nginx.ingress.kubernetes.io/ssl-redirect: 'true'
# nginx.ingress.kubernetes.io/use-regex: 'true'
spec:
rules:
- host: nginx.test.com
http:
paths:
- path: /
backend:
serviceName: nginx-service
servicePort: 80
- host: tomcat.test.com
http:
paths:
- path: /
backend:
serviceName: tomcat-service
servicePort: 80
测试文件3.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-http
namespace: test
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/backend-protocol: HTTPS
# nginx.ingress.kubernetes.io/ssl-redirect: 'true'
# nginx.ingress.kubernetes.io/use-regex: 'true'
spec:
rules:
- host: nginx.test.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-service
port:
number: 80
- host: tomcat.test.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: tomcat-service
port:
number: 80
4.为ingress-nginx的pod指定node,并修改该node的hosts文件对应的域名
kubectl get pod -n ingress-nginx -o wide
#如下type当为ClusterIP,可以直接用域名访问
[root@kht113 test]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller ClusterIP 10.98.190.37 <none> 80/TCP,443/TCP 103m
ingress-nginx-controller-admission ClusterIP 10.97.233.159 <none> 443/TCP 103m
#如下当type为NodePort时可以采用域名:IP的方式访问
[root@kht113 test]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.98.190.37 <none> 80:30471/TCP,443:32494/TCP 102m
ingress-nginx-controller-admission ClusterIP 10.97.233.159 <none> 443/TCP 102m
四、配置文件说明
dnsPolicy
Kubernetes 集群中支持通过 dnsPolicy 字段为每个 Pod 配置不同的 DNS 策略。目前支持四种策略:
ClusterFirst:通过集群 DNS 服务来做域名解析,Pod 内 /etc/resolv.conf 配置的 DNS 服务地址是集群 DNS 服务的 kube-dns 地址。该策略是集群工作负载的默认策略。
None:忽略集群 DNS 策略,需要您提供 dnsConfig 字段来指定 DNS 配置信息。
Default:Pod 直接继承集群节点的域名解析配置。即在集群直接使用节点的 /etc/resolv.conf 文件。
ClusterFirstWithHostNetwork:强制在 hostNetWork 网络模式下使用 ClusterFirst 策略(默认使用 Default 策略)
hostNetwork
hostNetwork: true 网络,这是一种直接定义Pod网络的方式。如果在POD中使用hostNetwork:true配置网络,
pod中运行的应用程序可以直接看到宿主主机的网络接口,宿主主机所在的局域网上所有网络接口都可以访问到该应用程序。
type 参考地址
