[关闭]
@zhangyy 2020-03-13T02:38:17.000000Z 字数 5454 阅读 389

kubernetes 的 ingress 配置部署

kubernetes系列

  • 一:kubernetes 的 ingress

一:kubernetes 的 nginx ingress

1.1 ingress-nginx的部署

  1. Ingress-Nginx github 地址:https://github.com/kubernetes/ingress-nginx
  2. Ingress-Nginx 官方网站:https://kubernetes.github.io/ingress-nginx/

image_1e2qgqi6g1hoi1s7345s1moe1u4t9.png-364.6kB

image_1e2qgr12u9gabc11nf4naucnm.png-220.1kB

  1. 部署:
  3. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml
  5. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
  7. kubectl apply -f mandatory.yaml
  9. kubectl apply -f service-nodeport.yaml
  11. ----
  13. 所有节点上传ingress-contro.tar 文件
  15. 所有节点加载镜像
  16. docker load -i ingree.contro.tar
  18. docker images 
  21. kubectl apply -f mandatory.yaml
  23. kubectl get deploy -n ingress-nginx
  24. kubectl get pod -n ingress-nginx

image_1e2qi3l331ev61urt1dul105lh6716.png-200.2kB

image_1e2qi4iq7noa3bjksgisj1gh61j.png-143.9kB

image_1e2qkh2fe15o117rqkj5ca6plu9.png-103.9kB

image_1e2qo4pse13ah24dobmrbs3go1g.png-204.4kB

  1. 如何使用国外机器打包镜像已经下载
  3. 先部署docker 
  5. yum install -y yum-utils device-mapper-persistent-data lvm2
  7. yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
  9. yum install docker-ce-18.09.9 docker-ce-cli-18.09.9 containerd.io -y
  11. service docker start
  13. ----
  15. docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
  17. docker save -o ingrss.contro.tar quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 
  19. tar -zcvf ingrss.contro.tar.gz ingrss.contro.tar
  21. 然后 下载 ingrss.contro.tar.gz 即可
  1. 部署ingress-nginx svc
  3. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
  5. kubectl apply -f service-nodeport.yaml
  7. kubectl get svc -n ingress-nignx

image_1e2qofkpgomcsdoi1u7fd1fdl1t.png-228.4kB

1.2:Ingress HTTP 代理访问

  1. deploymentServiceIngress Yaml 文件
  3. ---
  5. vim svc-deploy.yaml
  7. ---
  8. apiVersion: extensions/v1beta1
  9. kind: Deployment
  10. metadata:
  11.   name: nginx-dm
  12. spec:
  13.   replicas: 2
  14.   template:
  15.     metadata:
  16.       labels:
  17.         name: nginx
  18.     spec:
  19.       containers:
  20.         - name: nginx
  21.           image: wangyanglinux/myapp:v1
  22.           imagePullPolicy: IfNotPresent
  23.           ports:
  24.             - containerPort: 80
  25. ---
  27. apiVersion: v1
  28. kind: Service
  29. metadata:
  30.   name: nginx-svc
  31. spec:
  32.   ports:
  33.    - port: 80
  34.      targetPort: 80
  35.      protocol: TCP
  36.   selector:
  37.     name: nginx
  39. ---

image_1e2qps2gt133vp826c31p0jvss9.png-163.7kB

image_1e2qq04pv1qi1lrl1mlmfv88esm.png-142kB

  1. 使用ingress 发布
  3. vim nginx-ingress.yaml
  4. ----
  6. apiVersion: extensions/v1beta1
  7. kind: Ingress
  8. metadata:
  9.   name: nginx-test
  10. spec:
  11.   rules:
  12.     - host: node01.flyfish
  13.       http:
  14.         paths:
  15.         - path: /
  16.           backend:
  17.             serviceName: nginx-svc
  18.             servicePort: 80
  19. ---
  21. kubectl apply -f nginx-ingress.yaml
  23. kubectl get svc -n ingress-nginx

image_1e2qqfajh1a2j10afm201lc06tl1g.png-61.8kB

image_1e2qqc24f1cg882f1sqruvt1dt813.png-92.1kB

  1. 实现一个虚拟主机

image_1e2rv86aogi8le21tsn2n77b0m.png-158.4kB

  1. 定义deploy1 svc1 
  3. vim deployment1.yaml
  5. ---
  6. apiVersion: extensions/v1beta1
  7. kind: Deployment
  8. metadata:
  9.   name: deployment1
  10. spec:
  11.   replicas: 2
  12.   template:
  13.     metadata:
  14.       labels:
  15.         name: nginx1
  16.     spec:
  17.       containers:
  18.         - name: nginx1
  19.           image: wangyanglinux/myapp:v1
  20.           imagePullPolicy: IfNotPresent
  21.           ports:
  22.             - containerPort: 80
  23. ---
  24. apiVersion: v1
  25. kind: Service
  26. metadata:
  27.   name: svc-1
  28. spec:
  29.   ports:
  30.    - port: 80
  31.      targetPort: 80
  32.      protocol: TCP
  33.   selector:
  34.     name: nginx1
  35. ---
  36. kubectl apply -f deployment1.yaml

image_1e2rvceuna8nhpd1rl3tgcgme13.png-31.5kB

  1. 定义deploy2 svc2 
  3. vim deployment2.yaml
  5. ---
  6. apiVersion: extensions/v1beta1
  7. kind: Deployment
  8. metadata:
  9.   name: deployment2
  10. spec:
  11.   replicas: 2
  12.   template:
  13.     metadata:
  14.       labels:
  15.         name: nginx2
  16.     spec:
  17.       containers:
  18.         - name: nginx2
  19.           image: wangyanglinux/myapp:v2
  20.           imagePullPolicy: IfNotPresent
  21.           ports:
  22.             - containerPort: 80
  23. ---
  24. apiVersion: v1
  25. kind: Service
  26. metadata:
  27.   name: svc-2
  28. spec:
  29.   ports:
  30.    - port: 80
  31.      targetPort: 80
  32.      protocol: TCP
  33.   selector:
  34.     name: nginx2
  35. ---
  36. kubectl apply -f deployment2.yaml

image_1e2rvf3gscqm1c5i19kqa9m19oa1j.png-38.7kB

  1. 定义ingressnginx 对外连接
  3. vim ingress.yaml
  4. ---
  6. apiVersion: extensions/v1beta1
  7. kind: Ingress
  8. metadata:
  9.   name: ingress1
  10. spec:
  11.   rules:
  12.     - host: www1.flyfish.com
  13.       http:
  14.         paths:
  15.         - path: /
  16.           backend:
  17.             serviceName: svc-1
  18.             servicePort: 80
  19. ---
  20. apiVersion: extensions/v1beta1
  21. kind: Ingress
  22. metadata:
  23.   name: ingress2
  24. spec:
  25.   rules:
  26.     - host: www2.flyfish.com
  27.       http:
  28.         paths:
  29.         - path: /
  30.           backend:
  31.             serviceName: svc-2
  32.             servicePort: 80
  33. ---
  35. kubectl apply -f ingress.yaml

image_1e2rvkbo71gbg86n6sq9l2iu20.png-44.1kB

  1. 测试: 
  3. kubectl get svc 
  5. kubectl get svc -n ingress-nginx

image_1e2rvmmif11p1bagvcd138dj0v2t.png-136.5kB

image_1e2rvnngu1hk51rtjrflvpn62f3d.png-61.1kB

image_1e2rvognc1vcg1ic31bgbi4o1s9h3q.png-71.1kB

image_1e2rvotpt1sfg1o8h1p2a1m14f5k47.png-83.4kB

1.3 Ingress HTTPS 代理访问

  1. 创建证书,以及 cert 存储方式
  3. openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc"
  5. kubectl create secret tls tls-secret --key tls.key --cert tls.crt

image_1e2s1e65h1q9r1f2k9221l1bf715u.png-98.4kB

image_1e2s1f9i6m351rne78312o5q4e6u.png-39.2kB

image_1e2s1frca10khg691s2913ctjvu7b.png-52.5kB

  1. deploymentServiceIngress Yaml 文件
  3. vim deployment3.yaml
  5. ---
  6. apiVersion: extensions/v1beta1
  7. kind: Deployment
  8. metadata:
  9.   name: deployment1
  10. spec:
  11.   replicas: 2
  12.   template:
  13.     metadata:
  14.       labels:
  15.         name: nginx3
  16.     spec:
  17.       containers:
  18.         - name: nginx3
  19.           image: wangyanglinux/myapp:v3
  20.           imagePullPolicy: IfNotPresent
  21.           ports:
  22.             - containerPort: 80
  23. ---
  24. apiVersion: v1
  25. kind: Service
  26. metadata:
  27.   name: svc-3
  28. spec:
  29.   ports:
  30.    - port: 80
  31.      targetPort: 80
  32.      protocol: TCP
  33.   selector:
  34.     name: nginx3
  35. ---
  37. vim ingress.yaml
  39. ---
  40. apiVersion: extensions/v1beta1
  41. kind: Ingress
  42. metadata:
  43.   name: https
  44. spec:
  45.   tls:
  46.     - hosts:
  47.       - www3.flyfish.com
  48.       secretName: tls-secret
  49.   rules:
  50.     - host: www3.flyfish.com
  51.       http:
  52.         paths:
  53.         - path: /
  54.           backend:
  55.             serviceName: svc-3
  56.             servicePort: 80
  57. ---
  59. kubectl apply -f deployment3.yaml
  60. kubectl apply -f ingress.yaml

image_1e2s1km34nom1ursluu1ekj1eu485.png-37.4kB

image_1e2s1k978gfr75b9d1e8hdd87o.png-39.9kB

image_1e2s1m97kq2l8bj1rgt13gm16b48i.png-101.5kB

image_1e2s1c0ru1u6vkmesr91aijhuo4k.png-305.5kB

image_1e2s1cft53fmpri18mi1h8vmgt51.png-52kB

1.4 Nginx 进行 BasicAuth

  1. yum -y install httpd
  2. htpasswd -c auth foo
  3. kubectl create secret generic basic-auth --from-file=auth
  5. kubectl get secret

image_1e2s325i9e4u18t3e0bgtvpbt9p.png-44.6kB

image_1e2s3344u1f4f10pob2u1q3tpina6.png-150.9kB

  1. vim deployment4.yaml
  2. ---
  3. apiVersion: extensions/v1beta1
  4. kind: Deployment
  5. metadata:
  6.   name: deployment4
  7. spec:
  8.   replicas: 2
  9.   template:
  10.     metadata:
  11.       labels:
  12.         name: nginx4
  13.     spec:
  14.       containers:
  15.         - name: nginx4
  16.           image: wangyanglinux/myapp:v4
  17.           imagePullPolicy: IfNotPresent
  18.           ports:
  19.             - containerPort: 80
  20. ---
  21. apiVersion: v1
  22. kind: Service
  23. metadata:
  24.   name: svc-4
  25. spec:
  26.   ports:
  27.    - port: 80
  28.      targetPort: 80
  29.      protocol: TCP
  30.   selector:
  31.     name: nginx4
  32. ---
  34. vim  basicauth.yaml
  35. ---
  36. apiVersion: extensions/v1beta1
  37. kind: Ingress
  38. metadata:
  39.   name: ingress-with-auth
  40.   annotations:
  41.     nginx.ingress.kubernetes.io/auth-type: basic
  42.     nginx.ingress.kubernetes.io/auth-secret: basic-auth
  43.     nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - foo'
  44. spec:
  45.   rules:
  46.   - host: auth.flyfish.com
  47.     http:
  48.       paths:
  49.       - path: /
  50.         backend:
  51.           serviceName: svc-4
  52.           servicePort: 80
  53. ---
  54. kubectl apply -f deployment4.yaml
  55. kubectl apply -f basicauth.yaml
  56. kubectl get svc -n ingress-nginx

image_1e2s369a21lml1n9n16991277rejb0.png-51.7kB

image_1e2s35m2qona1mbclgcv7p1o59aj.png-128.6kB

image_1e2s2ih5919i0jrd74j13o414sk8v.png-124.6kB

image_1e2s2u71e1sb414k81bq61omh4jk9c.png-76.7kB

1.5 Nginx 进行重写

image_1e2s4cj9l1m58rir125lmh2b1nbj.png-149.4kB

image_1e2sa96vjo6u14mg4061bnnnocd.png-144.5kB

  1. vim ingress-re.yaml
  2. ---
  4. apiVersion: extensions/v1beta1
  5. kind: Ingress
  6. metadata:
  7.   name: nginx-re
  8.   annotations:
  9.     nginx.ingress.kubernetes.io/rewrite-target: https://www3.flyfish.com:32500/hostname.html
  10. spec:
  11.   rules:
  12.   - host: re.flyfish.com
  13.     http:
  14.      paths:
  15.      - path: /
  16.        backend:
  17.          serviceName: svc-2
  18.          servicePort: 80
  19. ---
  21. kubectl apply -f ingress-re.yaml
  23. kubectl get svc -n ingress-nginx

image_1e2sab7hq1o4q29q45nepcuc1cq.png-37.6kB

image_1e2sadkek1ado19ph1chc2qljcbd7.png-149.2kB

image_1e2safgomq4j143g4qj9r77cje1.png-63.2kB

image_1e2sae37g1qru1ves1gtv16v91qfndk.png-108.4kB

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注