36、k8s-Ingress的使用-搭建ingress-nginx服务和ingress-controller控制器--http代理
1、搭建ingress服务环境(安装ingress-controller控制器)--这里使用nginx做负载均衡
1、创建文件:
·mkdir /opt/ingress
·cd /opt/ingress
2、获取ingress-nginx和ingress控制器的yaml文件:
##创建ingress-controller控制器的yaml文件
·wget https://github.com/kubernetes/ingress-nginx/blob/nginx-0.30.0/deploy/static/mandatory.yaml
##创建 ingress-nginx服务的yaml文件
·wget https://github.com/kubernetes/ingress-nginx/blob/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
3、去到ingress目录下修改镜像仓库地址:
·vim /opt/ingress/mandatory.yaml
------------------------------------------------------------------------------------
搜/image
#将:image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
#改为国内仓库:image: quay-mirror.qiniu.com/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
#@如果国内镜像不行直接用国外镜像下载
#@注意使用 kubectl describe pods -n ingress-nginx 查看pod的下载启动情况
#@更换镜像后、先把yaml创建的pod和service删除:kubectl delete -f ./
#@再创建
------------------------------------------------------------------------------------------------------------------
4、执行yaml文件:
·cd /opt/ingress
·kubectl apply -f ./
5、查看pod状态:
·kubectl get pods -n ingress-nginx
----------------------------------------------------------------------------------------
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-7f74f657bd-97jbm 1/1 Running 0 12m
#只有READY 是1/1时pod才是正常运行状态
-----------------------------------------------------------------------------------------
6、查看service状态: #重点是这个服务(起到外部访问内部集群的作用、外部访问内部的集群通过这个ingress-nginx服务的端口来访问的)
·kubectl get service -n ingress-nginx
-----------------------------------------------------------------------------------------------
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.97.145.253 <none> 80:30090/TCP,443:32457/TCP 13m
#这里service的类型是NodePort的
#80是http的端口
#443是https的端口
------------------------------------------------------------------------------------------------2、准备service和pod
·创建如下图架构
2、创建tomcat-nginx.yaml
1、创建dev空间:kubectl create ns dev
2、vim tomcat-nginx.yaml
---------------------------------------------------------------
#创建两个deployment控制器和6个pod、两个service
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: tomcat-pod
template:
metadata:
labels:
app: tomcat-pod
spec:
containers:
- name: tomcat
image: tomcat:8.5-jre10-slim
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: dev
spec:
selector:
app: nginx-pod
clusterIP: None
type: ClusterIP
ports:
- port: 80
targetPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
namespace: dev
spec:
selector:
app: tomcat-pod
clusterIP: None
type: ClusterIP #集群内部访问的service类型
ports:
- port: 8080
targetPort: 8080
-------------------------------------------------------------------------------------
3、创建deploy、pod、service:kubectl apply -f tomcat-nginx.yaml
4、查询service、pod、deploy的状态:
·kubectl get deployment,pods,svc -ndev -owide
------------------------------------------------------------------------------------------------
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
deployment.apps/nginx-deployment 3/3 3 3 2m24s nginx nginx:1.17.1 app=nginx-pod
deployment.apps/tomcat-deployment 3/3 3 3 2m24s tomcat tomcat:8.5-jre10-slim app=tomcat-pod
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/nginx-deployment-6696798b78-g489b 1/1 Running 0 2m24s 10.244.1.7 node-1 <none> <none>
pod/nginx-deployment-6696798b78-m2b9r 1/1 Running 0 2m24s 10.244.1.10 node-1 <none> <none>
pod/nginx-deployment-6696798b78-wx2r2 1/1 Running 0 2m24s 10.244.1.8 node-1 <none> <none>
pod/tomcat-deployment-58467d5474-d7cn5 1/1 Running 0 2m24s 10.244.1.9 node-1 <none> <none>
pod/tomcat-deployment-58467d5474-kwhrf 1/1 Running 0 2m24s 10.244.1.5 node-1 <none> <none>
pod/tomcat-deployment-58467d5474-lhbcj 1/1 Running 0 2m24s 10.244.1.6 node-1 <none> <none>
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/nginx-service ClusterIP None <none> 80/TCP 2m24s app=nginx-pod
service/tomcat-service ClusterIP None <none> 8080/TCP 2m24s app=tomcat-pod
-----------------------------------------------------------------------------------------------------------------------------------------------------
3、http代理(也就是ingress规则、配置规则才能使外部访问集群内部的应用)
1、创建ingress-http.yaml文件:vim ingress-http.yaml
-----------------------------------------------------------------------------------------------
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-http
namespace: dev
spec:
rules:
- host: nginx.xiaoxin.com #自定义域名(正式环境需要正确备案的域名)
http:
paths:
- path: / #这个路径如果是 /test 那么访问的时候就加上 http://nginx.xiaoxin.com/test
backend: #转发配置、转发到下面配置的服务
serviceName: nginx-service #这个就是上面创建的service、当访问http://nginx.xiaoxin.com/时 就会转发到这个service上
servicePort: 80
- host: tomcat.xiaoxin.com
http:
paths:
- path: /
backend:
serviceName: tomcat-service
servicePort: 8080
------------------------------------------------------------------------------------------------------------------------------
2、创建Ingress:kubectl create -f ingress-http.yaml
3、查看ingress状态:
·kubectl get ing ingress-http -ndev #ing是ingress的缩写
------------------------------------------------------------------------------------
NAME HOSTS ADDRESS PORTS AGE
ingress-http nginx.xiaoxin.com,tomcat.xiaoxin.com 10.97.145.253 80 73s
#hosts 是域名
#posts 是http暴露的端口
----------------------------------------------------------------------------------------
4、查看ingress更详细的信息:
·kubectl describe ing ingress-http -ndev
--------------------------------------------------------------------------------------------
Name: ingress-http
Namespace: dev
Address: 10.97.145.253
Default backend: default-http-backend:80 (<none>)
Rules:
Host Path Backends
---- ---- --------
nginx.xiaoxin.com #看这里即可 意思是 访问nginx.xiaoxin.com + / 就转发到nginx-service:80 (10.244.1.10:80,10.244.1.7:80,10.244.1.8:80) 这三个pod去处理
/ nginx-service:80 (10.244.1.10:80,10.244.1.7:80,10.244.1.8:80)
tomcat.xiaoxin.com
/ tomcat-service:8080 (10.244.1.5:8080,10.244.1.6:8080,10.244.1.9:8080)
Annotations:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 3m58s nginx-ingress-controller Ingress dev/ingress-http
Normal UPDATE 3m19s nginx-ingress-controller Ingress dev/ingress-http
----------------------------------------------------------------------------------------------------------------------------
5、测式:
·先在本机的hosts文件做域名解析:
··路径:C:\Windows\System32\drivers\etc\hosts
··添加域名 192.168.177.160 nginx.xiaoxin.com
··添加域名 192.168.177.160 tomcat.xiaoxin.com
·查看第一步安装的ingress-nginx服务给的端口号:
··kubectl get svc -n ingress-nginx
-------------------------------------------------------------------------------------------------
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.97.145.253 <none> 80:30090/TCP,443:32457/TCP 134m
#这里PORT 80指http协议 30090就是ingress暴露给外界访问的端口号
---------------------------------------------------------------------------------------------------
·浏览器访问:
··http://nginx.xiaoxin.com:30090
··http://tomcat.xiaoxin.com:30090
