日本免费高清视频-国产福利视频导航-黄色在线播放国产-天天操天天操天天操天天操|www.shdianci.com

學(xué)無先后,達(dá)者為師

網(wǎng)站首頁 編程語言 正文

k8s部署Ingress并創(chuàng)建規(guī)則的詳細(xì)介紹_云其它

作者:suqinyi ? 更新時間: 2022-05-31 編程語言

一、Ingress介紹

  1. Ingress由兩部分組成:Ingress controller和Ingress服務(wù)
  2. 通過 Service 發(fā)現(xiàn) Pod 進(jìn)行關(guān)聯(lián)。基于域名訪問
  3. 通過 Ingress Controller 實現(xiàn) Pod 負(fù)載均衡
  4. 支持 TCP/UDP 4 層負(fù)載均衡和 HTTP 7 層負(fù)載均衡
  5. 底層實現(xiàn)是nignx

在這里插入圖片描述

在這里插入圖片描述

二、Ingress文件獲取

1.1 、說明

官方地址:https://github.com/kubernetes/ingress-nginx

部署文件說明

## 這個地址被墻,需要科學(xué)上網(wǎng)!!!
# mandatory.yaml為ingress所有資源yml文件的集合
# 若是單獨(dú)部署,需要分別下載configmap.yaml、namespace.yaml、rbac.yaml、service-nodeport.yaml、with-rbac.yaml
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
# service-nodeport.yaml為ingress通過nodeport對外提供服務(wù),注意默認(rèn)nodeport暴露端口為隨機(jī),可以編輯該文件自定義端口
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/baremetal/service-nodeport.yaml

1.2 、文件內(nèi)容

ingress-controller.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: ingress-nginx
  labels:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx

---
kind: ConfigMap
  name: nginx-configuration
  namespace: ingress-nginx
  name: tcp-services
  name: udp-services
kind: ServiceAccount
  name: nginx-ingress-serviceaccount
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
  name: nginx-ingress-clusterrole
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - endpoints
      - nodes
      - pods
      - secrets
    verbs:
      - list
      - watch
      - get
      - services
      - "extensions"
      - ingresses
      - events
      - create
      - patch
      - ingresses/status
      - update
kind: Role
  name: nginx-ingress-role
      - namespaces
    resourceNames:
      # Defaults to "<election-id>-<ingress-class>"
      # Here: "<ingress-controller-leader>-<nginx>"
      # This has to be adapted if you change either parameter
      # when launching the nginx-ingress-controller.
      - "ingress-controller-leader-nginx"
kind: RoleBinding
  name: nginx-ingress-role-nisa-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
subjects:
  - kind: ServiceAccount
    name: nginx-ingress-serviceaccount
    namespace: ingress-nginx
kind: ClusterRoleBinding
  name: nginx-ingress-clusterrole-nisa-binding
  kind: ClusterRole
apiVersion: apps/v1
kind: DaemonSet 
  name: nginx-ingress-controller
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/part-of: ingress-nginx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: ingress-nginx
        app.kubernetes.io/part-of: ingress-nginx
      annotations:
        prometheus.io/port: "10254"
        prometheus.io/scrape: "true"
    spec:
      hostNetwork: true
      serviceAccountName: nginx-ingress-serviceaccount
      containers:
        - name: nginx-ingress-controller
          image: siriuszg/nginx-ingress-controller:0.20.0
          args:
            - /nginx-ingress-controller
            - --configmap=$(POD_NAMESPACE)/nginx-configuration
            - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
            - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
            - --publish-service=$(POD_NAMESPACE)/ingress-nginx
            - --annotations-prefix=nginx.ingress.kubernetes.io
          securityContext:
            allowPrivilegeEscalation: true
            capabilities:
              drop:
                - ALL
              add:
                - NET_BIND_SERVICE
            # www-data -> 33
            runAsUser: 33
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
                  fieldPath: metadata.namespace
          ports:
            - name: http
              containerPort: 80
            - name: https
              containerPort: 443
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /healthz
              port: 10254
              scheme: HTTP
            initialDelaySeconds: 10
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 10
          readinessProbe:
kind: Service
  #type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  - name: https
    port: 443
    targetPort: 443

三、k8s應(yīng)用 ingress-controller.yaml

應(yīng)用

kubectl apply -f ingress-controller.yaml

如圖:

在這里插入圖片描述

查看是否完成

kubectl get pods --all-namespaces

在這里插入圖片描述

四、創(chuàng)建Ingress規(guī)則

如果沒有部署和服務(wù)==>查看k8s部署并映射tomcat8

查看自己創(chuàng)建的服務(wù),以tomcat8為例

kubectl get all

自己創(chuàng)建文件 ingress-tomcat8.yaml

vi ingress-tomcat8.yaml

ingress-tomcat8.yaml規(guī)則內(nèi)容

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: web
spec:
  rules: 
  - host: k8s.tomcat8.com
    http:
      paths:
        - backend:
           serviceName: tomcat8
           servicePort: 80

如圖:

在這里插入圖片描述

五、應(yīng)用文件

kubectl apply -f ingress-tomcat8.yaml

在這里插入圖片描述

六、訪問

1.本地測試用域名會訪問不到,所以要配置下本地hosts文件

hosts文件位置:C:\Windows\System32\drivers\etc\HOSTS

如圖:

在這里插入圖片描述

不帶端口訪問,直接使用域名

在這里插入圖片描述

使用ip端口訪問的效果

在這里插入圖片描述

原文鏈接:https://blog.csdn.net/qq_44413835/article/details/123763974

欄目分類
最近更新