k8s1.26+ingress-nginx+keepalive+lvs实现ingress-controller高可用

 根据 Deployment+ nodeSeletor+pod 反亲和性策略，把ingress-nginx部署在 k8s 指定的两个 work 节点，nginx-ingress-controller 的网络模式改成NodePort, pod 共享宿主机 ip， keepalive+lvs 实现 nginx-ingress-controller 高可用

1. 下载配置文件

curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/baremetal/deploy.yaml -o ingress-nginx.yaml

 

2.  获取镜像包，由于国外的资源我们无法获取，需要到阿里云获取相应的资源，具体命令如下：

docker pull  registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.6.4

docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.5.2

containerd运行时的下载：

ctr -n k8s.io images pull  registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.6.4

ctr -n k8s.io images pull  registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.5.2

## 导出镜像

ctr images export kube-webhook-certgen.tar   registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.5.2 

 

3.  修改配置文件ingress-nginx.yaml配置文件的image部分，同时增加节点反亲和性，修改后如下：

image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.6.4
imagePullPolicy: IfNotPresent

image: registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.5.2
imagePullPolicy: IfNotPresent

# 在Deployment的template.spec部分，定义一个affinity.podAntiAffinity

template:
    metadata:
      labels:
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/component: controller
    spec:
      hostNetwork: true
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchLabels:
                  app.kubernetes.io/name: ingress-nginx
              topologyKey: kubernetes.io/hostname

# 相应节点也要配置label,此处注意：并非所有节点都要配置这个label，当然如果使用了daemonset部署模式，也可以不配置该标签

kubectl lable nodes node1  app.kubernetes.io/name=ingress-nginx

 

 4. 也可以自己修改ingressClass的名称

apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.6.4
name: nginx-mjx

5.  使用配置文件

kubectl apply -f ingress-nginx.yaml

 

 #############   部署keepalived