kubernetes部署Ingress-nginx

版权声明：本文为博主原创文章，转载请注明出处。 https://blog.csdn.net/networken/article/details/85881558

Ingress-nginx简介

Pod的IP以及service IP只能在集群内访问，如果想在集群外访问kubernetes提供的服务，可以使用nodeport、proxy、loadbalacer以及ingress等方式，由于service的IP集群外不能访问，就是使用ingress方式再代理一次，即ingress代理service，service代理pod.
Ingress基本原理图如下：

部署nginx-ingress-controller

github地址
https://github.com/kubernetes/ingress-nginx
https://kubernetes.github.io/ingress-nginx/

下载nginx-ingress-controller配置文件

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.21.0/deploy/mandatory.yaml

修改镜像路径
#替换镜像路径

[centos@k8s-master ~]$ vim mandatory.yaml
......
          #image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
          image: willdockerhub/nginx-ingress-controller:0.21.0
......

#执行yaml文件部署

[centos@k8s-master ~]$
[centos@k8s-master ~]$ kubectl apply -f mandatory.yaml 
namespace/ingress-nginx created
configmap/nginx-configuration created
serviceaccount/nginx-ingress-serviceaccount created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
role.rbac.authorization.k8s.io/nginx-ingress-role created
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
deployment.extensions/nginx-ingress-controller created
[centos@k8s-master ~]$

nodeport方式对外提供服务：
通过ingress-controller对外提供服务，现在还需要手动给ingress-controller建立一个servcie，接收集群外部流量。
service-nodeport配置文件：

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/baremetal/service-nodeport.yaml

执行yaml

[centos@k8s-master ~]$ kubectl apply -f service-nodeport.yaml
service/ingress-nginx created
[centos@k8s-master ~]$

查看ingress-nginx组件状态

[centos@k8s-master ~]$ kubectl get pod -n ingress-nginx 
NAME                                        READY   STATUS    RESTARTS   AGE
nginx-ingress-controller-6bdcbbdfdc-wd2bn   1/1     Running   0          24s
[centos@k8s-master ~]$ kubectl get svc -n ingress-nginx 
NAME            TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx   NodePort   10.104.138.113   <none>        80:30737/TCP,443:31952/TCP   13s
[centos@k8s-master ~]$ 

查看创建的ingress service暴露的端口：

[centos@k8s-master ~]$ kubectl get svc -n ingress-nginx 
NAME            TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx   NodePort   10.102.214.165   <none>        80:32211/TCP,443:32294/TCP   13m

创建ingress-nginx后端服务
1.创建一个Service及后端Deployment(以nginx为例)

[centos@k8s-master ~]$ vim deploy-demon.yaml
apiVersion: v1
kind: Service
metadata:
  name: myapp
  namespace: default
spec:
  selector:
    app: myapp
    release: canary
  ports:
  - name: http
    port: 80
    targetPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deploy
spec:
  replicas: 2
  selector:
    matchLabels:
      app: myapp
      release: canary
  template:
    metadata:
      labels:
        app: myapp
        release: canary
    spec:
      containers:
      - name: myapp
        image: ikubernetes/myapp:v2
        ports:
        - name: httpd
          containerPort: 80

创建相关服务及检查状态是否就绪

[centos@k8s-master ~]$ kubectl apply -f deploy-demon.yaml 
service/myapp unchanged
deployment.apps/myapp-deploy configured
[centos@k8s-master ~]$
[centos@k8s-master ~]$ kubectl get pods                   
NAME                             READY   STATUS    RESTARTS   AGE
myapp-deploy-5cc79fc966-2228d    1/1     Running   0          62s
myapp-deploy-5cc79fc966-42w2d    1/1     Running   0          62s

创建myapp的ingress规则

[centos@k8s-master ~]$ vim  ingress-myapp.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-myapp
  namespace: default
  annotations:
    kubernets.io/ingress.class: "nginx"
spec:
  rules:
  - host: myapp.magedu.com
    http:
      paths:
      - path:
        backend:
          serviceName: myapp
          servicePort: 80

查看创建的ingress规则

[centos@k8s-master ~]$ kubectl apply -f ingress-myapp.yaml  
ingress.extensions/ingress-myapp created
[centos@k8s-master ~]$ kubectl get ingress
NAME            HOSTS              ADDRESS   PORTS   AGE
ingress-myapp   myapp.magedu.com             80      11s
[centos@k8s-master ~]$ 

查看ingress-default-backend的详细信息：

[centos@k8s-master ~]$ kubectl exec -n ingress-nginx -ti nginx-ingress-controller-6bdcbbdfdc-wd2bn -- /bin/sh
$ cat nginx.conf
...... 
       ## start server myapp.magedu.com
        server {
                server_name myapp.magedu.com ;

                listen 80;

                set $proxy_upstream_name "-";

                location / {

                        set $namespace      "default";
                        set $ingress_name   "ingress-myapp";
                        set $service_name   "myapp";
                        set $service_port   "80";
                        set $location_path  "/";
...... 

配置集群外域名解析，当前测试环境我们使用windows hosts文件进行解析

92.168.92.56  myapp.magedu.com  
92.168.92.57  myapp.magedu.com  
92.168.92.58  myapp.magedu.com  

使用域名进行访问: