[关闭]
@zhangyy 2020-03-13T10:38:17.000000Z 字数 5454 阅读 149

kubernetes 的 ingress 配置部署

kubernetes系列


  • 一:kubernetes 的 ingress

一:kubernetes 的 nginx ingress

1.1 ingress-nginx的部署

  1. Ingress-Nginx github 地址:https://github.com/kubernetes/ingress-nginx
  2. Ingress-Nginx 官方网站:https://kubernetes.github.io/ingress-nginx/

image_1e2qgqi6g1hoi1s7345s1moe1u4t9.png-364.6kB

image_1e2qgr12u9gabc11nf4naucnm.png-220.1kB

  1. 部署:
  2. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml
  3. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
  4. kubectl apply -f mandatory.yaml
  5. kubectl apply -f service-nodeport.yaml
  6. ----
  7. 所有节点上传ingress-contro.tar 文件
  8. 所有节点加载镜像
  9. docker load -i ingree.contro.tar
  10. docker images
  11. kubectl apply -f mandatory.yaml
  12. kubectl get deploy -n ingress-nginx
  13. kubectl get pod -n ingress-nginx

image_1e2qi3l331ev61urt1dul105lh6716.png-200.2kB

image_1e2qi4iq7noa3bjksgisj1gh61j.png-143.9kB

image_1e2qkh2fe15o117rqkj5ca6plu9.png-103.9kB

image_1e2qo4pse13ah24dobmrbs3go1g.png-204.4kB


  1. 如何使用国外机器打包镜像已经下载
  2. 先部署docker
  3. yum install -y yum-utils device-mapper-persistent-data lvm2
  4. yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
  5. yum install docker-ce-18.09.9 docker-ce-cli-18.09.9 containerd.io -y
  6. service docker start
  7. ----
  8. docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
  9. docker save -o ingrss.contro.tar quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
  10. tar -zcvf ingrss.contro.tar.gz ingrss.contro.tar
  11. 然后 下载 ingrss.contro.tar.gz 即可

  1. 部署ingress-nginx svc
  2. wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml
  3. kubectl apply -f service-nodeport.yaml
  4. kubectl get svc -n ingress-nignx

image_1e2qofkpgomcsdoi1u7fd1fdl1t.png-228.4kB


1.2:Ingress HTTP 代理访问

  1. deploymentServiceIngress Yaml 文件
  2. ---
  3. vim svc-deploy.yaml
  4. ---
  5. apiVersion: extensions/v1beta1
  6. kind: Deployment
  7. metadata:
  8. name: nginx-dm
  9. spec:
  10. replicas: 2
  11. template:
  12. metadata:
  13. labels:
  14. name: nginx
  15. spec:
  16. containers:
  17. - name: nginx
  18. image: wangyanglinux/myapp:v1
  19. imagePullPolicy: IfNotPresent
  20. ports:
  21. - containerPort: 80
  22. ---
  23. apiVersion: v1
  24. kind: Service
  25. metadata:
  26. name: nginx-svc
  27. spec:
  28. ports:
  29. - port: 80
  30. targetPort: 80
  31. protocol: TCP
  32. selector:
  33. name: nginx
  34. ---

image_1e2qps2gt133vp826c31p0jvss9.png-163.7kB

image_1e2qq04pv1qi1lrl1mlmfv88esm.png-142kB

  1. 使用ingress 发布
  2. vim nginx-ingress.yaml
  3. ----
  4. apiVersion: extensions/v1beta1
  5. kind: Ingress
  6. metadata:
  7. name: nginx-test
  8. spec:
  9. rules:
  10. - host: node01.flyfish
  11. http:
  12. paths:
  13. - path: /
  14. backend:
  15. serviceName: nginx-svc
  16. servicePort: 80
  17. ---
  18. kubectl apply -f nginx-ingress.yaml
  19. kubectl get svc -n ingress-nginx

image_1e2qqfajh1a2j10afm201lc06tl1g.png-61.8kB

image_1e2qqc24f1cg882f1sqruvt1dt813.png-92.1kB


  1. 实现一个虚拟主机

image_1e2rv86aogi8le21tsn2n77b0m.png-158.4kB


  1. 定义deploy1 svc1
  2. vim deployment1.yaml
  3. ---
  4. apiVersion: extensions/v1beta1
  5. kind: Deployment
  6. metadata:
  7. name: deployment1
  8. spec:
  9. replicas: 2
  10. template:
  11. metadata:
  12. labels:
  13. name: nginx1
  14. spec:
  15. containers:
  16. - name: nginx1
  17. image: wangyanglinux/myapp:v1
  18. imagePullPolicy: IfNotPresent
  19. ports:
  20. - containerPort: 80
  21. ---
  22. apiVersion: v1
  23. kind: Service
  24. metadata:
  25. name: svc-1
  26. spec:
  27. ports:
  28. - port: 80
  29. targetPort: 80
  30. protocol: TCP
  31. selector:
  32. name: nginx1
  33. ---
  34. kubectl apply -f deployment1.yaml

image_1e2rvceuna8nhpd1rl3tgcgme13.png-31.5kB


  1. 定义deploy2 svc2
  2. vim deployment2.yaml
  3. ---
  4. apiVersion: extensions/v1beta1
  5. kind: Deployment
  6. metadata:
  7. name: deployment2
  8. spec:
  9. replicas: 2
  10. template:
  11. metadata:
  12. labels:
  13. name: nginx2
  14. spec:
  15. containers:
  16. - name: nginx2
  17. image: wangyanglinux/myapp:v2
  18. imagePullPolicy: IfNotPresent
  19. ports:
  20. - containerPort: 80
  21. ---
  22. apiVersion: v1
  23. kind: Service
  24. metadata:
  25. name: svc-2
  26. spec:
  27. ports:
  28. - port: 80
  29. targetPort: 80
  30. protocol: TCP
  31. selector:
  32. name: nginx2
  33. ---
  34. kubectl apply -f deployment2.yaml

image_1e2rvf3gscqm1c5i19kqa9m19oa1j.png-38.7kB

  1. 定义ingressnginx 对外连接
  2. vim ingress.yaml
  3. ---
  4. apiVersion: extensions/v1beta1
  5. kind: Ingress
  6. metadata:
  7. name: ingress1
  8. spec:
  9. rules:
  10. - host: www1.flyfish.com
  11. http:
  12. paths:
  13. - path: /
  14. backend:
  15. serviceName: svc-1
  16. servicePort: 80
  17. ---
  18. apiVersion: extensions/v1beta1
  19. kind: Ingress
  20. metadata:
  21. name: ingress2
  22. spec:
  23. rules:
  24. - host: www2.flyfish.com
  25. http:
  26. paths:
  27. - path: /
  28. backend:
  29. serviceName: svc-2
  30. servicePort: 80
  31. ---
  32. kubectl apply -f ingress.yaml

image_1e2rvkbo71gbg86n6sq9l2iu20.png-44.1kB

  1. 测试:
  2. kubectl get svc
  3. kubectl get svc -n ingress-nginx

image_1e2rvmmif11p1bagvcd138dj0v2t.png-136.5kB

image_1e2rvnngu1hk51rtjrflvpn62f3d.png-61.1kB

image_1e2rvognc1vcg1ic31bgbi4o1s9h3q.png-71.1kB

image_1e2rvotpt1sfg1o8h1p2a1m14f5k47.png-83.4kB


1.3 Ingress HTTPS 代理访问

  1. 创建证书,以及 cert 存储方式
  2. openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc"
  3. kubectl create secret tls tls-secret --key tls.key --cert tls.crt

image_1e2s1e65h1q9r1f2k9221l1bf715u.png-98.4kB

image_1e2s1f9i6m351rne78312o5q4e6u.png-39.2kB

image_1e2s1frca10khg691s2913ctjvu7b.png-52.5kB


  1. deploymentServiceIngress Yaml 文件
  2. vim deployment3.yaml
  3. ---
  4. apiVersion: extensions/v1beta1
  5. kind: Deployment
  6. metadata:
  7. name: deployment1
  8. spec:
  9. replicas: 2
  10. template:
  11. metadata:
  12. labels:
  13. name: nginx3
  14. spec:
  15. containers:
  16. - name: nginx3
  17. image: wangyanglinux/myapp:v3
  18. imagePullPolicy: IfNotPresent
  19. ports:
  20. - containerPort: 80
  21. ---
  22. apiVersion: v1
  23. kind: Service
  24. metadata:
  25. name: svc-3
  26. spec:
  27. ports:
  28. - port: 80
  29. targetPort: 80
  30. protocol: TCP
  31. selector:
  32. name: nginx3
  33. ---
  34. vim ingress.yaml
  35. ---
  36. apiVersion: extensions/v1beta1
  37. kind: Ingress
  38. metadata:
  39. name: https
  40. spec:
  41. tls:
  42. - hosts:
  43. - www3.flyfish.com
  44. secretName: tls-secret
  45. rules:
  46. - host: www3.flyfish.com
  47. http:
  48. paths:
  49. - path: /
  50. backend:
  51. serviceName: svc-3
  52. servicePort: 80
  53. ---
  54. kubectl apply -f deployment3.yaml
  55. kubectl apply -f ingress.yaml

image_1e2s1km34nom1ursluu1ekj1eu485.png-37.4kB

image_1e2s1k978gfr75b9d1e8hdd87o.png-39.9kB

image_1e2s1m97kq2l8bj1rgt13gm16b48i.png-101.5kB

image_1e2s1c0ru1u6vkmesr91aijhuo4k.png-305.5kB

image_1e2s1cft53fmpri18mi1h8vmgt51.png-52kB


1.4 Nginx 进行 BasicAuth

  1. yum -y install httpd
  2. htpasswd -c auth foo
  3. kubectl create secret generic basic-auth --from-file=auth
  4. kubectl get secret

image_1e2s325i9e4u18t3e0bgtvpbt9p.png-44.6kB

image_1e2s3344u1f4f10pob2u1q3tpina6.png-150.9kB


  1. vim deployment4.yaml
  2. ---
  3. apiVersion: extensions/v1beta1
  4. kind: Deployment
  5. metadata:
  6. name: deployment4
  7. spec:
  8. replicas: 2
  9. template:
  10. metadata:
  11. labels:
  12. name: nginx4
  13. spec:
  14. containers:
  15. - name: nginx4
  16. image: wangyanglinux/myapp:v4
  17. imagePullPolicy: IfNotPresent
  18. ports:
  19. - containerPort: 80
  20. ---
  21. apiVersion: v1
  22. kind: Service
  23. metadata:
  24. name: svc-4
  25. spec:
  26. ports:
  27. - port: 80
  28. targetPort: 80
  29. protocol: TCP
  30. selector:
  31. name: nginx4
  32. ---
  33. vim basicauth.yaml
  34. ---
  35. apiVersion: extensions/v1beta1
  36. kind: Ingress
  37. metadata:
  38. name: ingress-with-auth
  39. annotations:
  40. nginx.ingress.kubernetes.io/auth-type: basic
  41. nginx.ingress.kubernetes.io/auth-secret: basic-auth
  42. nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - foo'
  43. spec:
  44. rules:
  45. - host: auth.flyfish.com
  46. http:
  47. paths:
  48. - path: /
  49. backend:
  50. serviceName: svc-4
  51. servicePort: 80
  52. ---
  53. kubectl apply -f deployment4.yaml
  54. kubectl apply -f basicauth.yaml
  55. kubectl get svc -n ingress-nginx

image_1e2s369a21lml1n9n16991277rejb0.png-51.7kB

image_1e2s35m2qona1mbclgcv7p1o59aj.png-128.6kB

image_1e2s2ih5919i0jrd74j13o414sk8v.png-124.6kB

image_1e2s2u71e1sb414k81bq61omh4jk9c.png-76.7kB


1.5 Nginx 进行重写

image_1e2s4cj9l1m58rir125lmh2b1nbj.png-149.4kB

image_1e2sa96vjo6u14mg4061bnnnocd.png-144.5kB

  1. vim ingress-re.yaml
  2. ---
  3. apiVersion: extensions/v1beta1
  4. kind: Ingress
  5. metadata:
  6. name: nginx-re
  7. annotations:
  8. nginx.ingress.kubernetes.io/rewrite-target: https://www3.flyfish.com:32500/hostname.html
  9. spec:
  10. rules:
  11. - host: re.flyfish.com
  12. http:
  13. paths:
  14. - path: /
  15. backend:
  16. serviceName: svc-2
  17. servicePort: 80
  18. ---
  19. kubectl apply -f ingress-re.yaml
  20. kubectl get svc -n ingress-nginx

image_1e2sab7hq1o4q29q45nepcuc1cq.png-37.6kB

image_1e2sadkek1ado19ph1chc2qljcbd7.png-149.2kB

image_1e2safgomq4j143g4qj9r77cje1.png-63.2kB

image_1e2sae37g1qru1ves1gtv16v91qfndk.png-108.4kB

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注