クラスタサービスは、クラスタの外部に露出されやすくするために、あなたは侵入を使用しています。次ヘルムはnginxの進入Kubernetesを展開するために使用されます。nginxの進入コントローラは、エッジノードKubernetes上に展開することができます。
ここではmaster
、エッジノードとして、マークlabel
[root@master /]# kubectl label node master node-role.kubernetes.io/edge=
node/master labeled
[root@master /]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready edge,master 4d3h v1.15.1
slaver1 Ready <none> 4d2h v1.15.1
slaver2 Ready <none> 4d2h v1.15.1
インストール
使用するyaml
インストールするには、設定ファイルを
安定/ nginxの-入口チャートファイル進入-nginx.yaml値は以下のとおりです。
controller:
replicaCount: 1
hostNetwork: true
nodeSelector:
node-role.kubernetes.io/edge: ''
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- nginx-ingress
- key: component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/master
operator: Exists
effect: PreferNoSchedule
defaultBackend:
nodeSelector:
node-role.kubernetes.io/edge: ''
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/master
operator: Exists
effect: PreferNoSchedule
nginxの進入制御replicaCountコピー数は1であるが、ノード1のエッジノードにスケジュールされます。ここでnginxの侵入コントローラサービスexternalIPsを指定しますが、しないことでhostNetwork: true
nginxの入口コントローラを提供しているホストのネットワークを使用。
helm repo update
helm install stable/nginx-ingress \
-n nginx-ingress \
--namespace ingress-nginx \
-f ingress-nginx.yaml
特定の情報:
[root@master /]# helm install stable/nginx-ingress -n nginx-ingress --namespace ingress-nginx -f ingress-nginx.yaml
NAME: nginx-ingress
LAST DEPLOYED: Tue Jul 30 14:39:58 2019
NAMESPACE: ingress-nginx
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
nginx-ingress-controller 1 <invalid>
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-657658b9b-sp9fx 0/1 ContainerCreating 0 <invalid>
nginx-ingress-default-backend-f8b68765c-kfks5 0/1 ContainerCreating 0 <invalid>
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller LoadBalancer 10.109.165.210 <pending> 80:32371/TCP,443:32057/TCP <invalid>
nginx-ingress-default-backend ClusterIP 10.101.156.153 <none> 80/TCP <invalid>
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-ingress-controller 0/1 1 0 <invalid>
nginx-ingress-default-backend 0/1 1 0 <invalid>
==> v1beta1/PodDisruptionBudget
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
nginx-ingress-controller 1 N/A 0 <invalid>
nginx-ingress-default-backend 1 N/A 0 <invalid>
NOTES:
The nginx-ingress controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace ingress-nginx get services -o wide -w nginx-ingress-controller'
An example Ingress that makes use of the controller:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example
namespace: foo
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: exampleService
servicePort: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: foo
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
コマンドを使用して直接インストール
helm install stable/nginx-ingress \
-n nginx-ingress \
--namespace ingress-nginx \
--set controller.hostNetwork=true,rbac.create=true \
--set controller.replicaCount=1
出力:
[root@master /]# helm install stable/nginx-ingress \
> -n nginx-ingress \
> --namespace ingress-nginx \
> --set controller.hostNetwork=true,rbac.create=true \
> --set controller.replicaCount=1
Error: release nginx-ingress failed: Deployment in version "v1beta1" cannot be handled as a Deployment: v1beta1.Deployment.Spec: v1beta1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.HostNetwork: ReadBool: expect t or f, but found ", error found in #10 byte of ...|Network":"true,rba|..., bigger context ...|s":{}}],"dnsPolicy":"ClusterFirst","hostNetwork":"true,rbac.create=true","serviceAccountName":"def|...
私はここにRBACを設定せずに舵をインストールしたとき、例外をインストールし、それらを削除して再インストール
[root@master /]# helm install stable/nginx-ingress \
> -n nginx-ingress \
> --namespace ingress-nginx \
> --set controller.hostNetwork=true,controller.replicaCount=1
NAME: nginx-ingress
LAST DEPLOYED: Tue Jul 30 15:19:59 2019
NAMESPACE: ingress-nginx
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
nginx-ingress-controller 1 <invalid>
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-67db56c89f-2hkxq 0/1 ContainerCreating 0 <invalid>
nginx-ingress-default-backend-878d64884-q4fmt 0/1 ContainerCreating 0 <invalid>
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller LoadBalancer 10.108.107.199 <pending> 80:31412/TCP,443:31392/TCP <invalid>
nginx-ingress-default-backend ClusterIP 10.107.244.59 <none> 80/TCP <invalid>
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-ingress-controller 0/1 1 0 <invalid>
nginx-ingress-default-backend 0/1 1 0 <invalid>
==> v1beta1/PodDisruptionBudget
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
nginx-ingress-controller 1 N/A 0 <invalid>
nginx-ingress-default-backend 1 N/A 0 <invalid>
NOTES:
The nginx-ingress controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace ingress-nginx get services -o wide -w nginx-ingress-controller'
An example Ingress that makes use of the controller:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example
namespace: foo
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: exampleService
servicePort: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: foo
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
nginxの-侵入を削除
削除nginx-ingress
[root@master /]# helm delete nginx-ingress
release "nginx-ingress" deleted
[root@master /]# helm ls --all nginx-ingress
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
nginx-ingress 1 Tue Jul 30 14:31:01 2019 DELETED nginx-ingress-0.9.5 0.10.2 ingress-nginx
[root@master /]# helm delete --purge nginx-ingress
release "nginx-ingress" deleted
[root@master /]# helm ls --all nginx-ingress
使用--purge
パラメータは、完全にレコードリリース、あなたはリリースの展開と同じ名前を使用することはできませんそれ以外の場合は、次の時間を残すことなく除去することができます。
インストールが成功し表示
ビューポッド:
[root@master /]# kubectl get pod -n ingress-nginx -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-ingress-controller-657658b9b-sp9fx 0/1 CrashLoopBackOff 2 61s 18.16.202.163 master <none> <none>
nginx-ingress-default-backend-f8b68765c-kfks5 1/1 Running 0 61s 10.244.0.2 master <none> <none>
ビューのサービス:
[root@master /]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
broken-gorilla-nginx-ingress-controller LoadBalancer 10.111.2.40 <pending> 80:31105/TCP,443:30258/TCP 9m38s app=nginx-ingress,component=controller,release=broken-gorilla
broken-gorilla-nginx-ingress-default-backend ClusterIP 10.103.239.117 <none> 80/TCP 9m38s app=nginx-ingress,component=default-backend,release=broken-gorilla
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 4d4h <none>
ヘルムビュー:
[root@master /]# helm ls --all nginx-ingress
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
nginx-ingress 1 Tue Jul 30 14:39:58 2019 DEPLOYED nginx-ingress-0.9.5 0.10.2 ingress-nginx