k8s下安装ingress

环境:
OS:Centos 7
k8s:v1.24.17
ingress:1.10.4

1.下载官方 yaml
cd /root/hxl/ingress-demo
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.4/deploy/static/provider/cloud/deploy.yaml

 

2.查看都使用了那些镜像

[root@host134 ingress-demo]# cat deploy.yaml |grep image
        image: registry.k8s.io/ingress-nginx/controller:v1.10.4@sha256:505b9048c02dde3d6c8667bf0b52aba7b36adf7b03da34c47d5fa312d2d4c6fc
        imagePullPolicy: IfNotPresent
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3@sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3
        imagePullPolicy: IfNotPresent
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3@sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3
        imagePullPolicy: IfNotPresent

 

3.单独下载镜像
每个节点都要执行
docker pull registry.k8s.io/ingress-nginx/controller:v1.10.4
docker pull registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3

 

3.修改部署文件去掉@后面的字符串
vi deploy.yaml
修改完成后查看

[root@host134 ingress-demo]# cat deploy.yaml |grep image
        image: registry.k8s.io/ingress-nginx/controller:v1.10.4
        imagePullPolicy: IfNotPresent
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
        imagePullPolicy: IfNotPresent
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
        imagePullPolicy: IfNotPresent

 

4.部署containerd镜像
每个节点都执行
cd /tmp
docker save -o controller-v1.10.4.tar registry.k8s.io/ingress-nginx/controller:v1.10.4
docker save -o webhook-v1.4.3.tar registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3

导入到 containerd
ctr -n k8s.io images import controller-v1.10.4.tar
ctr -n k8s.io images import webhook-v1.4.3.tar

验证导入结果
ctr -n k8s.io images list | grep -E "controller|kube-webhook-certgen"

 

查看镜像
crictl images
#过滤
crictl images | grep ingress

直接拉取镜像
crictl pull registry.k8s.io/ingress-nginx/controller:v1.10.4

或是使用如下命令
ctr -n k8s.io images pull registry.k8s.io/ingress-nginx/controller:v1.10.4
ctr -n k8s.io images pull registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3

 

4.部署
cd /root/hxl/ingress-demo
kubectl apply -f deploy.yaml

 

查看

[root@host134 ingress-demo]# kubectl get pods -n ingress-nginx
NAME                                       READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-lsh52       0/1     Completed   0          2m21s
ingress-nginx-admission-patch-ndbhp        0/1     Completed   1          2m20s
ingress-nginx-controller-f4f9f47d9-smqcs   1/1     Running     0          2m21s

前面2个显示Completed是正常的,这2个是job一次性任务

 

#################################应用例子#################################

1.查看 Ingress 控制器服务入口

[root@host134 ingress-demo]# kubectl get svc -n ingress-nginx
NAME                                 TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             LoadBalancer   10.1.121.181   <pending>     80:31871/TCP,443:32203/TCP   25m
ingress-nginx-controller-admission   ClusterIP      10.1.8.19      <none>        443/TCP                      25m

 

2.创建名称空间
kubectl create namespace test-ns

 

2.部署测试应用 + Service
cd /root/hxl/ingress-demo
vi test-app-ns.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-nginx
  namespace: test-ns   # 指定命名空间
spec:
  replicas: 1
  selector:
    matchLabels:
      app: test-nginx
  template:
    metadata:
      labels:
        app: test-nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/nginx:latest
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: test-nginx-svc
  namespace: test-ns   # 和应用同命名空间
spec:
  selector:
    app: test-nginx
  ports:
  - port: 80
    targetPort: 80
  type: ClusterIP

 

3.执行部署
cd /root/hxl/ingress-demo
kubectl apply -f test-app-ns.yaml
# 查看状态
kubectl get pods -n test-ns
kubectl get svc -n test-ns

 

4.Ingress 路由(两种写法,二选一即可)
Ingress 也放在 test-ns 命名空间
写法:域名方式(推荐正式使用)
vi ingress-test-ns.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-ingress
  namespace: test-ns   # 指定命名空间
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: test.ingress.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: test-nginx-svc  # 同命名空间下的 Service
            port:
              number: 80

 

执行部署
kubectl apply -f ingress-test-ns.yaml
# 查看 Ingress

[root@host134 ingress-demo]# kubectl get ingress -n test-ns
NAME           CLASS    HOSTS                ADDRESS   PORTS   AGE
test-ingress   <none>   test.ingress.local             80      15s

 


4.访问测试
先获取 Ingress 入口信息

[root@host134 ingress-demo]# kubectl get svc -n ingress-nginx
NAME                                 TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             LoadBalancer   10.1.121.181   <pending>     80:31871/TCP,443:32203/TCP   35m
ingress-nginx-controller-admission   ClusterIP      10.1.8.19      <none>        443/TCP                      35m

 

# 把节点IP 和域名绑定
echo "192.168.1.134 test.ingress.local" >> /etc/hosts

curl http://test.ingress.local:31871
发现只有在134机器上能访问

 

# 扩容为2副本
kubectl scale deployment ingress-nginx-controller -n ingress-nginx --replicas=2
# 等待片刻,查看Pod分布,确认分到不同节点

 

[root@host134 ingress-demo]# kubectl get pods -n ingress-nginx -o wide
NAME                                       READY   STATUS      RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
ingress-nginx-admission-create-lsh52       0/1     Completed   0          61m   10.244.2.97    host113   <none>           <none>
ingress-nginx-admission-patch-ndbhp        0/1     Completed   1          61m   10.244.2.98    host113   <none>           <none>
ingress-nginx-controller-f4f9f47d9-6wmfn   1/1     Running     0          13m   10.244.1.125   host135   <none>           <none>
ingress-nginx-controller-f4f9f47d9-smqcs   1/1     Running     0          61m   10.244.2.99    host113   <none>           <none>

 

只选任意一个有 ingress-nginx-controller 的节点 IP 绑定即可,推荐 192.168.1.113
# 先删除旧的错误条目
sed -i '/test.ingress.local/d' /etc/hosts
# 只加一行
echo "192.168.1.113 test.ingress.local" >> /etc/hosts


每个节点执行如下命令:
curl http://test.ingress.local:31871

 

posted @ 2026-06-29 17:44  slnngk  阅读(4)  评论(0)    收藏  举报