In k8s configure access by domain name Ingress
https://juejin.im/post/5db8da4b6fb9a0204520b310
In the last article we have used k8s deployed the first application, then we can use Ingress it on the Internet can be accessed (of course, you have your own domain name and point to the right)
Here are the official website of the copying of Ingress a chart to describe the role of Ingress. If you know nothing about it, you can understand it as a traditional nginx, configure the domain name for your site so that it can be accessed via the Internet.
internet
|
[ Ingress ]
--|-----|--
[ Services ]
复制代码Wherein the Ingress two components
Ingress: Configure forwarding rules, similar to nginx configuration fileIngress Controller: Forward, like nginx, it will read theIngressrules and converted intonginxa configuration file
And Ingress Controller in addition to nginx outside as well haproxy, ingress and so, we use nginx as Ingress Controller
Use helm deploy nginx Ingress Controller
We use the helm official selection of stable / nginx-Ingress Chart deployment.
nginx-ingress Will be configured as a type LoadBalancer of service, you need to configure EXTERNAL-IP as IP k8s cluster nodes. Here external-ip is set to [172.17.68.39, 172.17.68.40]
We can kubectl get nodes obtain an IP address
# 获取node的 INTERNAL-IP,作为 LoadBalancer 的 EXTERNAL-IP
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
shanyue Ready master 13d v1.16.0 172.17.68.39 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.6.2
shuifeng Ready <none> 13d v1.16.0 172.17.68.40 <none> CentOS Linux 7 (Core) 3.10.0-957.21.3.el7.x86_64 docker://18.6.2
复制代码Here external-ip is set to [172.17.68.39, 172.17.68.40]
controller.service.externalIPs[0]=172.17.68.39
controller.service.externalIPs[1]=172.17.68.40
复制代码# 使用 helm v3 部署,如果使用 helm v2 部署的话,把 release-name 使用 --name 指定
$ helm install nginx-ingress stable/nginx-ingress --set "controller.service.externalIPs[0]=172.17.68.39,controller.service.externalIPs[1]=172.17.68.40"
NAME: nginx-ingress
LAST DEPLOYED: 2019-10-18 21:21:44.115902395 +0800 CST m=+1.904554085
NAMESPACE: default
STATUS: deployed
NOTES:
The nginx-ingress controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace default get services -o wide -w nginx-ingress-controller'
An example Ingress that makes use of the controller:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example
namespace: foo
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: exampleService
servicePort: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress tls: - hosts: - www.example.com secretName: example-tls If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided: apiVersion: v1 kind: Secret metadata: name: example-tls namespace: foo data: tls.crt: <base64 encoded cert> tls.key: <base64 encoded key> type: kubernetes.io/tls 复制代码Deployment of verification nginx-ingress
$ helm ls
NAME NAMESPACE REVISION UPDATED STATUS CHART
nginx-ingress default 1 2019-10-18 11:21:44.115902395 +0800 CST deployed nginx-ingress-1.24.0
# 查看 nginx-ingress 所有的 service
$ kubectl get svc -l app=nginx-ingress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller LoadBalancer 10.101.64.64 172.17.68.39,172.17.68.40 80:30285/TCP,443:31094/TCP 7m19s
nginx-ingress-default-backend ClusterIP 10.110.76.15 <none> 80/TCP 7m19s
复制代码Configuring Ingress mapping between domain names
Associated with the known knowledge will help us better learn new knowledge, the following is on nginx and ingress deploy a simple blog application configuration file
- External network access applications over the domain name nginx.xiange.tech
- Nginx proxy service to do load balancing
- nginx exposed port 80
server {
listen 80
server_name nginx.xiange.tech
location / {
proxy_pass: http://nginx:80
}
}
复制代码Use Ingress configure routing rules are
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata: name: nginx-service-ingress spec: rules: - host: nginx.xiange.tech http: paths: - backend: serviceName: nginx-service servicePort: 80 path: / 复制代码We use Ingress it to configure nginx.xiange.tech this domain name, the domain name in the browser open in the public network environment nginx.xiange.tech, you can see the familiar nginx configuration page
summary
Deploy an application from Deployment, Service and then to Ingress the full configuration file follows
apiVersion: apps/v1
kind: Deployment
metadata: name: nginx-deployment spec: selector: matchLabels: app: nginx replicas: 3 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:alpine ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: nginx-service spec: selector: app: nginx ports: - protocol: TCP port: 80 targetPort: 80 --- apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: nginx-service-ingress spec: rules: - host: nginx.xiange.tech http: paths: - backend: serviceName: nginx-service servicePort: 80 path: / 复制代码follow me
Welcome to public attention Signal Hill-month trip, I will share some of the front and rear end as well as operation and maintenance of articles on a regular basis, and there will be daily review and summary of technology and life, welcome attention to the exchange