kubernetes 1.21 部署 ingressnginx

https://kubernetes.github.io/ingress-nginx/deploy/baremetal/
https://docs.k0sproject.io/v1.22.2+k0s.1/examples/nginx-ingress/

一. 部署

# 使用 baremetal

curl -k https://raw.fastgit.org/kubernetes/ingress-nginx/main/deploy/static/provider/baremetal/deploy.yaml  -o deploy.yaml

sed -e 's|image: k8s.gcr.io|image: 192.168.100.198:5000|g' -i /tmp/deploy.yaml 

kubectl apply -f /tmp/deploy.yaml 

# kubectl get pods -n ingress-nginx -o wide
NAME                                        READY   STATUS      RESTARTS   AGE   IP             NODE     NOMINATED NODE   READINESS GATES
ingress-nginx-admission-create--1-hdssd     0/1     Completed   0          32s   10.240.2.161   vm-197   <none>           <none>
ingress-nginx-admission-patch--1-qlbt5      0/1     Completed   1          32s   10.240.2.162   vm-197   <none>           <none>
ingress-nginx-controller-7c9466769f-wwlpk   1/1     Running     0          33s   10.240.2.163   vm-197   <none>           <none>

# kubectl edit service ingress-nginx-controller -n ingress-nginx
type: NodePort -> type: LoadBalancer

# kubectl get services -n ingress-nginx
NAME                                 TYPE           CLUSTER-IP      EXTERNAL-IP       PORT(S)                      AGE
ingress-nginx-controller             LoadBalancer   10.96.11.180    192.168.100.161   80:31888/TCP,443:31071/TCP   3m49s
ingress-nginx-controller-admission   ClusterIP      10.101.45.192   <none>            443/TCP                      3m49s

二. 基于名称的负载均衡
1. 查看service

# kubectl get service -n kube-demo -o wide
NAME    TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE     SELECTOR
nginx   ClusterIP   10.97.122.87   <none>        80/TCP    7m13s   app=nginx

# kubectl describe service nginx -n kube-demo
Name:              nginx
Namespace:         kube-demo
Labels:            app=nginx
Annotations:       <none>
Selector:          app=nginx
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.97.122.87
IPs:               10.97.122.87
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.240.2.143:80,10.240.2.144:80,10.240.36.12:80
Session Affinity:  None
Events:            <none>

2. 建立ingress

服务名： name: nginx

cat > /tmp/ingress.yaml << EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  namespace: kube-demo
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: web.example.com
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: nginx
            port:
              number: 80
EOF

# kubectl apply -f /tmp/ingress.yaml 
ingress.networking.k8s.io/ingress created

# kubectl get ingress -A
NAMESPACE         NAME      CLASS    HOSTS             ADDRESS   PORTS   AGE
kube-demo   ingress   <none>   web.example.com             80      13s

# kubectl describe ingress -n kube-demo
Name:             ingress
Namespace:        kube-demo
Address:          
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host             Path  Backends
  ----             ----  --------
  web.example.com  
                   /   web-nginx:80 (10.240.2.151:80,10.240.36.4:80,10.240.36.5:80)
Annotations:       kubernetes.io/ingress.class: nginx
Events:
  Type    Reason  Age   From                      Message
  ----    ------  ----  ----                      -------
  Normal  Sync    33s   nginx-ingress-controller  Scheduled for sync

3. 测试

# curl -I -k https://192.168.100.161 -H 'Host: web.example.com'
HTTP/1.1 200 OK
Date: Thu, 11 Nov 2021 06:29:50 GMT
Content-Type: text/html
Content-Length: 615
Connection: keep-alive
Last-Modified: Tue, 07 Sep 2021 15:50:58 GMT
ETag: "61378a62-267"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15724800; includeSubDomains

# curl -I http://192.168.100.161 -H 'Host: web.example.com'
HTTP/1.1 200 OK
Date: Thu, 11 Nov 2021 06:30:13 GMT
Content-Type: text/html
Content-Length: 615
Connection: keep-alive
Last-Modified: Tue, 07 Sep 2021 15:50:58 GMT
ETag: "61378a62-267"
Accept-Ranges: bytes

三. 基于URI的负载均衡
1. 建立service

cat > /tmp/service.yaml << EOF
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: service1
  namespace: deployment-demo
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: service2
  namespace: deployment-demo
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
EOF

2. 建立ingress

cat > /tmp/ingress-uri.yaml << EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-uri
spec:
  rules:
  - host: web2.example.com
    http:
      paths:
      - path: /foo
        pathType: Prefix
        backend:
          service:
            name: service1
            port:
              number: 80
      - path: /bar
        pathType: Prefix
        backend:
          service:
            name: service2
            port:
              number: 80
EOF

四、 TLS