LAB-07：创建Ingress

LAB-07：创建Ingress

LAB 需求

在 ing-internal 命名空间下创建一个 ingress，名字为 pong，代理的 service hi，端口为 5678，配置路径 /hi。
验证：访问 curl -kL <INTERNAL_IP>/hi 会返回 hi

LAB 预配

# 1、创建 ns
# 创建一个名称为 ing-internal 命名空间
user1@k8s-master:~/cka/7$ cat ns-ing-internal.yaml 
apiVersion: v1
kind: Namespace
metadata:
  name: ing-internal

# 部署 ing-internal
user1@k8s-master:~/cka/7$ kubectl apply -f ns-ing-internal.yaml 
namespace/ing-internal created

# 2、创建 ingress-controller，这里使用 ingress-nginx 
# 下载 yaml 文件
user1@k8s-master:~/cka/7$ wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/baremetal/1.22/deploy.yaml

# 部署 ingress 控制器
user1@k8s-master:~/cka/7$ kubectl apply -f deploy.yaml

# 查看创建的 SVC
user1@k8s-master:~$ kubectl get svc -n ingress-nginx 
NAME                                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.103.179.91    <none>        80:31116/TCP,443:30702/TCP   23h
ingress-nginx-controller-admission   ClusterIP   10.104.125.187   <none>        443/TCP                      23h

# 查看创建的 pod
user1@k8s-master:~$ kubectl get pod -n ingress-nginx -o wide
NAME                                       READY   STATUS      RESTARTS     AGE   IP              NODE         NOMINATED NODE   READINESS GATES
ingress-nginx-admission-patch--1-f9qth     0/1     Completed   0            23h   <none>          k8s-node-3   <none>           <none>
ingress-nginx-controller-76cbb4c8b-kb8s8   1/1     Running     1 (8h ago)   23h   10.244.140.81   k8s-node-2   <none>           <none>

# 查看 ingress-controller 的 endpoint。
user1@k8s-master:~$ kubectl get endpoints -n ingress-nginx 
NAME                                 ENDPOINTS                            AGE
ingress-nginx-controller             10.244.140.81:443,10.244.140.81:80   23h
ingress-nginx-controller-admission   10.244.140.81:8443                   23h

# 查看 ingress-controller 的详细信息
user1@k8s-master:~$ kubectl describe endpoints -n ingress-nginx ingress-nginx-controller
Name:         ingress-nginx-controller
Namespace:    ingress-nginx
Labels:       app.kubernetes.io/component=controller
              app.kubernetes.io/instance=ingress-nginx
              app.kubernetes.io/name=ingress-nginx
              app.kubernetes.io/part-of=ingress-nginx
              app.kubernetes.io/version=1.2.0
Annotations:  endpoints.kubernetes.io/last-change-trigger-time: 2022-05-02T04:39:28Z
Subsets:
  Addresses:          10.244.140.81
  NotReadyAddresses:  <none>
  Ports:
    Name   Port  Protocol
    ----   ----  --------
    https  443   TCP
    http   80    TCP

Events:  <none>

# 3、部署服务
# 在 k8s-node-2 创建目录
user1@k8s-node-2:~$ mkdir -p /tmp/7/html
user1@k8s-node-2:~$ cd /tmp/7/html/

# 在 k8s-node-2 创建文件
user1@k8s-node-2:/tmp/7/html$ cat index.html 
hi

# 编写 SVC 为 hi 的资源清单。指定在 k8s-node-2 节点，因为 hostpath 存储在 node-2 节点。
user1@k8s-master:~/cka/7$ cat nginx-app-service.yaml 
apiVersion: apps/v1
kind: Deployment 
metadata:
  name: nginx-app
  namespace: ing-internal 
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-app
  template:
    metadata:
      labels:
        app: nginx-app
    spec:
      nodeName: k8s-node-2
      containers:
      - name: nginx 
        image: nginx:1.18.0
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - name: html-hi
          mountPath: /usr/share/nginx/html/
      volumes:
      - name: html-hi
        hostPath:
          path: /tmp/7/html
---
apiVersion: v1 
kind: Service 
metadata:
  name: hi
  namespace: ing-internal
spec:
  selector:
    app: nginx-app
  ports:
  - name: web 
    port: 5678 
    targetPort: 80
    
# 部署 SVC 和 pod
user1@k8s-master:~/cka/7$ kubectl apply -f nginx-app-service.yaml 
deployment.apps/nginx-app created
service/hi created

# 查看部署的 SVC
user1@k8s-master:~$ kubectl get svc -n ing-internal 
NAME   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
hi     ClusterIP   10.101.142.58   <none>        5678/TCP   23h

# 查看部署的 pod
user1@k8s-master:~$ kubectl get pod -n ing-internal  -o wide
NAME                         READY   STATUS    RESTARTS     AGE   IP              NODE         NOMINATED NODE   READINESS GATES
nginx-app-778d9f8cbc-m9npr   1/1     Running   1 (9h ago)   23h   10.244.140.79   k8s-node-2   <none>           <none>

# 4、测试访问 
# 访问 SVC
user1@k8s-master:~$ curl 10.101.142.58:5678
hi

# 访问 pod
user1@k8s-master:~$ curl 10.244.140.79
hi

LAB 答案

# 切换 content
$ kubectl config use-context k8s

# 编写 ingress 的 yaml
$ cat pong.yaml 
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: pong
  namespace: ing-internal
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    kubernetes.io/ingress.class: nginx  #测试环境，获取不到IP，就添加该配置
spec:
  rules:
  - http:
      paths:
      - path: /hi
        pathType: Prefix
        backend:
          service:
            name: hi
            port:
              number: 5678
              
# 部署 ingress
$ kubectl apply -f pong.yaml 
ingress.networking.k8s.io/pong created

LAB 验证

# 获取 ingress 的 IP 地址
user1@k8s-master:~$ kubectl get ingress -n ing-internal 
NAME   CLASS    HOSTS   ADDRESS         PORTS   AGE
pong   <none>   *       192.168.1.212   80      4h38m

# 测试访问，使用 ingress-nginx 的 svc 的 nodeport 端口 31116
user1@k8s-master:~$ curl http://192.168.1.212:31116/hi
hi

参考资料

• https://kubernetes.io/zh/docs/concepts/services-networking/ingress/