Ingress of K8S realizes seven-layer business agent

1. The role of Ingress

For Kubernetes Service, both Cluster-Ip and NodePort are four-layer load. How to achieve seven-layer load balancing for services in the cluster requires the help of Ingress; Ingress-nginx is a seven-layer load balancer, and at the same time Responsible for the unified management of external requests for Service in the k8s cluster.

2. Deploy Ingress

1. Download the corresponding yaml file

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml

2. Modify the corresponding location

3. Create an ingress application

4. View the resource information created by ingress

3. Publish the current myblog application through ingress (svc) for external access

1. View the svc of the current myblog

2. Write ingress yaml file

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myblog
  namespace: kang                           #命名空间必须要与svc一致
spec:
  rules:
  - host: myblog.cedarhd.com          #对外发布的域名（等同于nginx多主机头）
    http:
      paths:
      - path: /                                       #匹配路径
        backend:
          serviceName: myblog             #上面图片svc对应的名称
          servicePort: 80                        #上面图片svc的端口

3. Create ingress rules through yaml files

4. Access from the outside through myblog.cedarhd.com

4. Based on the above situation, issue a secure access agreement

1. Create a new securt through the domain name certificate purchased by the company

#This method protects the sensitive and confidential information of the private key

2. Create ingress rules for publishing htts

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myblog
  namespace: kang
spec:
  rules:
  - host: myblog.cedarhd.com
    http:
      paths:
      - path: /
        backend:
          serviceName: myblog
          servicePort: 80
  tls:
    - hosts:
      - myblog.cedarhd.com
      secretName: https-secret

3. Create secret and view information

4. Verify success through the browser

5. Tips for using Ingress forwarding rules

1. Multi-path forwarding

#目标
myblog.luffy.com -> 192.168.136.10 -> /foo   service1:4200
                                      /bar   service2:8080
                                      /      myblog:80

#实现
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: simple-fanout-example
  namespace: luffy
spec:
  rules:
  - host: myblog.luffy.com
    http:
      paths:
      - path: /foo
        backend:
          serviceName: service1
          servicePort: 4200
      - path: /bar
        backend:
          serviceName: service2
          servicePort: 8080
      - path: /
        backend:
          serviceName: myblog
          servicePort: 80

2. URL rewriting

目标：

myblog.luffy.com -> 192.168.136.10 -> /foo/    myblog:80/admin/

实现：
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
 name: rewrite-path
 namespace: luffy
 annotations:
   nginx.ingress.kubernetes.io/rewrite-target: /admin/$1
spec:
 rules:
 - host: myblog.luffy.com
   http:
     paths:
     - path: /foo/(.*)
       backend:
         serviceName: myblog
         servicePort: 80