服务发现ingress-nginx

zoukankan html css js c++ java

服务发现ingress-nginx
.下载 ingress-nginx: wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.24.0/deploy/mandatory.yaml [root@master yaml]# ll 总用量 583304 drwxr-xr-x 2 root root 58 11月 14 16:58 ingress -rw-r--r-- 1 root root 347 11月 13 15:08 ingress-nodeport.yaml -rw-r--r-- 1 root root 642 11月 13 15:10 jenkins.yaml -rw-r--r-- 1 root root 5976 11月 12 22:35 mandatory.yaml -rw-r--r-- 1 root root 517 11月 13 21:33 myapp-demo.yaml -rw-r--r-- 1 root root 479 11月 14 09:38 nginx-deploy.yaml -rw-r--r-- 1 root root 597274112 11月 13 00:37 nginx.tar -rw-r--r-- 1 root root 543 11月 14 01:13 tomcat-deploy.yaml 2.部署ingress-nginx-controller: [root@master test]#kubectl apply -f mandatory.yaml [root@master yaml]# kubectl get pod -n ingress-nginx NAME READY STATUS RESTARTS AGE nginx-ingress-controller-8f4cc97c9-ft7pk 1/1 Running 2 20h

3.暴露Ingress-nginx-controller端口：

[root@master yaml]# vim ingress-nodeport.yaml

apiVersion: v1

kind: Service

metadata:

name: ingress-nginx

namespace: ingress-nginx

labels:

app.kubernetes.io/name: ingress-nginx

app.kubernetes.io/part-of: ingress-nginx

spec:

type: NodePort

selector:

app.kubernetes.io/name: ingress-nginx

app.kubernetes.io/part-of: ingress-nginx

ports:

- name: http

port: 80

targetPort: 80

4.查看暴露端口：

[root@master yaml]# kubectl get svc -n ingress-nginx

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

ingress-nginx NodePort 10.96.117.119 <none> 80:32446/TCP 43h

##此时，ingress-nginx-controller的80端口映射为宿主机的端口32446.

此时，可以访问inrgess-nginx-controller的pod:

[root@master yaml]# curl 192.168.100.200:32446

<html>

<head><title>404 Not Found</title></head>

<body>

<center><h1>404 Not Found</h1></center>

<hr><center>nginx/1.15.9</center>

</body>

</html>

##此时ingress-nginx-controller部署完成。

5.部署一个后端的pod：

[root@master yaml]# vim myapp-demo.yaml --- apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: replicas: 2 selector: matchLabels: app: myapp template: metadata: name: myapp labels: app: myapp spec: containers: - name: myapp image: ikubernetes/myapp:v1 imagePullPolicy: IfNotPresent ports: - name: http containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: myapp-svc spec: selector: app: myapp ports: - name: myapp port: 80 targetPort: 80

4.查看pod:

[root@master yaml]# kubectl get pod -o wide

NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES

myapp-599d47757d-gfz8d 1/1 Running 1 20h 10.244.2.41 node2 <none> <none>

myapp-599d47757d-qdf8g 1/1 Running 2 20h 10.244.1.34 node1 <none> <none>

[root@master yaml]# kubectl get svc

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d

myapp-svc ClusterIP 10.100.182.96 <none> 80/TCP 9d

7.编写ingress规则：

[root@master ingress]# vim myapp-ingress.yaml

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

name: myapp-ingress

annotations:

ikubernetes.io/ingress.class: nginx

spec:

rules:

- host: www.test-myapp.com

http:

paths:

- path:

backend:

serviceName: myapp-svc

servicePort: 80



[root@master ingress]# kubectl apply -f myapp-ingress.yaml

[root@master ingress]# kubectl get ingress

NAME HOSTS ADDRESS PORTS AGE

myapp-ingress www.test-myapp.com 80 26s

[root@master ingress]# kubectl describe ingress myapp-ingress

Name: myapp-ingress

Namespace: default

Address:

Default backend: default-http-backend:80 (<none>)

Rules:

Host Path Backends

---- ---- --------

www.test-myapp.com

myapp-svc:80 (10.244.1.34:80,10.244.2.41:80)

Annotations:

kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{"ikubernetes.io/ingress.class":"nginx"},"name":"myapp-ingress","namespace":"default"},"spec":{"rules":[{"host":"www.test-myapp.com","http":{"paths":[{"backend":{"serviceName":"myapp-svc","servicePort":80},"path":null}]}}]}}

ikubernetes.io/ingress.class: nginx

Events:

Type Reason Age From Message

---- ------ ---- ---- -------

Normal CREATE 43s nginx-ingress-controller Ingress default/myapp-ingress

8.测试此时可以访问www.test.myapp.com:

[root@master ingress]# curl www.test-myapp.com:32446

Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

##注意： www.test-myapp.com 需要添加本地解析。

9. 基于url访问：

[root@master ingress]# vim nginx-ingress.yaml

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

name: deployment-nginx-ingress

annotations:

kubernetes.io/ingress.class: nginx

nginx.ingress.kubernetes.io/rewrite-target: /

spec:

rules:

- host: www.test-nginx.com

http:

paths:

- path:

backend:

serviceName: nginx-svc

servicePort: 80

- path: /app1

backend:

serviceName: myapp-svc

servicePort: 80

~

[root@master ingress]# kubectl apply -f nginx-ingress.yaml

[root@master ingress]# kubectl get ingress

NAME HOSTS ADDRESS PORTS AGE

deployment-nginx-ingress www.test-nginx.com 80 2m51s

10.测试访问：

[root@master ingress]# curl www.test-nginx.com:32446

<!DOCTYPE html>

<html>

<head>

<title>Welcome to nginx!</title>

<style>

body {

35em;

margin: 0 auto;

font-family: Tahoma, Verdana, Arial, sans-serif;

}

</style>

</head>

<body>

<h1>Welcome to nginx!</h1>

........

[root@master ingress]# curl www.test-nginx.com:32446/app1

Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

基于https访问：

1.创建自签证书： [root@master cert]# openssl genrsa -out tls.key 2048 [root@master cert]# openssl req -new -x509 -key tls.key -days 3650 -out tls.crt -subj /C=CN/ST=HangZhou/L=HangZhou/O=devops/CN=www.test-http.com
[root@master cert]# ll 总用量 8 -rw-r--r-- 1 root root 1302 11月 15 14:12 tls.crt -rw-r--r-- 1 root root 1679 11月 15 14:07 tls.key [root@master cert]# kubectl create secret tls http-ingress-secret --cert=./tls.crt --key=./tls.key secret/http-ingress-secret created [root@master cert]# kubectl get secret NAME TYPE DATA AGE default-token-gjjv5 kubernetes.io/service-account-token 3 11d http-ingress-secret kubernetes.io/tls 2 28s [root@master cert]# kubectl describe secret http-ingress-secret Name: http-ingress-secret Namespace: default Labels: <none> Annotations: <none> Type: kubernetes.io/tls Data ==== tls.crt: 1302 bytes tls.key: 1679 bytes 2.编写ingress规则： [root@master ingress]# cat http-ingress.yaml --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: http-ingress namespace: default annotations: kubernetes.io/ingress.class: nginx spec: tls: - hosts: - www.test-http.com secretName: http-ingress-secret rules: - host: www.test-http.com http: paths: - path: backend: serviceName: http-svc servicePort: 80

3.修改ingress-nodeport开启443端口： [root@master yaml]# cat ingress-nodeport.yaml apiVersion: v1 kind: Service metadata: name: ingress-nginx namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx spec: type: NodePort selector: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx ports: - name: http port: 80 targetPort: 80 - name: https port: 443 targetPort: 443 [root@master yaml]# kubectl get svc -n ingress-nginx NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx NodePort 10.96.117.119 <none> 80:32446/TCP,443:32180/TCP 2d14h 4.测试访问：https://www.test-http.com:32180
查看全文

相关阅读:
Linux更新时，出现无法更新锁
 Linux显示su：认证失败
 08 redis的缓存预热，雪崩，击穿，穿透问题以及常用的监控参数
 06 redis的哨兵系统的工作流程
 05 redis的主从复制机制的工作流程以及相关基础知识
 03 redis的事务以及锁、过期数据的删除策略、逐出算法、配置文件的核心配置参数
 02 jedis以及redis的持久化
 01 redis的5种基本数据类型的介绍，使用以及应用场景
 M1 MySQL事务知识点的总结
 02 Java文件读写通道的使用以及文件的基本操作方法

原文地址：https://www.cnblogs.com/ccbyk-90/p/11862628.html