kubernetes的ingress-nginx使用案例

这是一篇学习记录。记录kubernetes集群中如何将jenkins服务通过域名接入外部。由于是测试环境，域名是自定义的，解析写在/etc/hosts和自己本地的hosts中。

部署图：

 

一、部署后端Jenkins的pod和service

# cd ../
# mkdir demo
# cd demo

# cat deploy-jenkinsdemo.yaml 
apiVersion: v1
kind: Service  #资源类别是Service
metadata:      #元数据
  name: myapp  #在同一个资源类别中，唯一的名字
  namespace: default  #名称空间
spec:    #目标状态
  selector:    #
    app: myapp
    release: canary
  ports:
  - name: http
    port: 8080
    targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deploy
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: myapp
      release: canary
  template:
    metadata:
      labels:
        app: myapp
        release: canary
    spec:
      containers:   #以下是容器的配置。与containers同级的配置属于pod的设置
      - name: myapp
        image: jenkins/jenkins:lts
        ports:
        - name: http
          containerPort: 8080

#docker pull jenkins/jenkins:lts

#kubectl apply -f deploy-jenkinsdemo.yaml 

# kubectl get pods -n default
NAME READY STATUS RESTARTS AGE
myapp-deploy-5565c495f4-9hz8d 1/1 Running 0 19h

# kubectl get svc -n default
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 77d
myapp ClusterIP 10.99.69.88 <none> 8080/TCP 19h

 

二、部署ingress-controller

https://github.com/kubernetes/ingress-nginx/tree/master/deploy/static 下载：

https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml（通用的部署方式，单用这文件可以部署）

我用基本的部署文件。先执行namespace.yaml，后执行configmap.yaml、rbac.yaml、with-rabc.yaml

#mkdir ingress-nginx

#cd ingress-nginx

#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/configmap.yaml

#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/namespace.yaml

#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/rbac.yaml

#wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/with-rabc.yaml

#docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.0    (网络不好会比较慢，先下载)

#kubectl apply -f namespace.yaml 

#kubectl apply -f ./

# kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-86449c74bb-4cp6c 1/1 Running 0 19h

 

三、部署Service（ingress-nginx）

# cat service-nodeport.yaml 
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
spec:
  type: NodePort
  ports:
    - name: http
      port: 80
      targetPort: 80
      nodePort: 30080
      protocol: TCP
    - name: https
      port: 443
      targetPort: 443
      nodePort: 30443
      protocol: TCP
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

---

#kubectl apply -f service-nodeport.yaml

# kubectl get service -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.110.96.58 <none> 80:30080/TCP,443:30443/TCP 19h

启动service的ingres-nginx后，可以查看nginx.conf配置，配置会自动更新。

# kubectl exec -n ingress-nginx -it nginx-ingress-controller-86449c74bb-4cp6c -- /bin/sh
$ cat nginx.conf

查看所有节点的服务情况：

所有节点的30080端口都已经打开

 域名myapp.magedu.com会负载均衡到所有节点。

四、验证

由于域名是自己编的，没有dns解析。所以：

1.在k8s集群的节点配置hosts：

# cat /etc/hosts

ip.204 myapp.magedu.com
ip.143  myapp.magedu.com
ip.240  myapp.magedu.com

2.在自己本地修改hosts

3.在本机浏览器中访问：

myapp.magedu.com:30080

 

4.复制Jenkins的密钥：

# kubectl exec -n default -it myapp-deploy-5565c495f4-9hz8d -- /bin/sh
$ cat /var/jenkins_home/secrets/initialAdminPassword
d7d3a04411734841a49cdac9b78e6ab4

 5.正常使用Jenkins