k8s下安装ingress
环境:
OS:Centos 7
k8s:v1.24.17
ingress:1.10.4
1.下载官方 yaml
cd /root/hxl/ingress-demo
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.4/deploy/static/provider/cloud/deploy.yaml
2.查看都使用了那些镜像
[root@host134 ingress-demo]# cat deploy.yaml |grep image
image: registry.k8s.io/ingress-nginx/controller:v1.10.4@sha256:505b9048c02dde3d6c8667bf0b52aba7b36adf7b03da34c47d5fa312d2d4c6fc
imagePullPolicy: IfNotPresent
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3@sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3
imagePullPolicy: IfNotPresent
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3@sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3
imagePullPolicy: IfNotPresent
3.单独下载镜像
每个节点都要执行
docker pull registry.k8s.io/ingress-nginx/controller:v1.10.4
docker pull registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
3.修改部署文件去掉@后面的字符串
vi deploy.yaml
修改完成后查看
[root@host134 ingress-demo]# cat deploy.yaml |grep image
image: registry.k8s.io/ingress-nginx/controller:v1.10.4
imagePullPolicy: IfNotPresent
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
imagePullPolicy: IfNotPresent
image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
imagePullPolicy: IfNotPresent
4.部署containerd镜像
每个节点都执行
cd /tmp
docker save -o controller-v1.10.4.tar registry.k8s.io/ingress-nginx/controller:v1.10.4
docker save -o webhook-v1.4.3.tar registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
导入到 containerd
ctr -n k8s.io images import controller-v1.10.4.tar
ctr -n k8s.io images import webhook-v1.4.3.tar
验证导入结果
ctr -n k8s.io images list | grep -E "controller|kube-webhook-certgen"
查看镜像
crictl images
#过滤
crictl images | grep ingress
直接拉取镜像
crictl pull registry.k8s.io/ingress-nginx/controller:v1.10.4
或是使用如下命令
ctr -n k8s.io images pull registry.k8s.io/ingress-nginx/controller:v1.10.4
ctr -n k8s.io images pull registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
4.部署
cd /root/hxl/ingress-demo
kubectl apply -f deploy.yaml
查看
[root@host134 ingress-demo]# kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-lsh52 0/1 Completed 0 2m21s
ingress-nginx-admission-patch-ndbhp 0/1 Completed 1 2m20s
ingress-nginx-controller-f4f9f47d9-smqcs 1/1 Running 0 2m21s
前面2个显示Completed是正常的,这2个是job一次性任务
#################################应用例子#################################
1.查看 Ingress 控制器服务入口
[root@host134 ingress-demo]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.1.121.181 <pending> 80:31871/TCP,443:32203/TCP 25m
ingress-nginx-controller-admission ClusterIP 10.1.8.19 <none> 443/TCP 25m
2.创建名称空间
kubectl create namespace test-ns
2.部署测试应用 + Service
cd /root/hxl/ingress-demo
vi test-app-ns.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-nginx
namespace: test-ns # 指定命名空间
spec:
replicas: 1
selector:
matchLabels:
app: test-nginx
template:
metadata:
labels:
app: test-nginx
spec:
containers:
- name: nginx
image: registry.cn-shenzhen.aliyuncs.com/hxlk8s/nginx:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: test-nginx-svc
namespace: test-ns # 和应用同命名空间
spec:
selector:
app: test-nginx
ports:
- port: 80
targetPort: 80
type: ClusterIP
3.执行部署
cd /root/hxl/ingress-demo
kubectl apply -f test-app-ns.yaml
# 查看状态
kubectl get pods -n test-ns
kubectl get svc -n test-ns
4.Ingress 路由(两种写法,二选一即可)
Ingress 也放在 test-ns 命名空间
写法:域名方式(推荐正式使用)
vi ingress-test-ns.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test-ingress
namespace: test-ns # 指定命名空间
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: test.ingress.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: test-nginx-svc # 同命名空间下的 Service
port:
number: 80
执行部署
kubectl apply -f ingress-test-ns.yaml
# 查看 Ingress
[root@host134 ingress-demo]# kubectl get ingress -n test-ns
NAME CLASS HOSTS ADDRESS PORTS AGE
test-ingress <none> test.ingress.local 80 15s
4.访问测试
先获取 Ingress 入口信息
[root@host134 ingress-demo]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.1.121.181 <pending> 80:31871/TCP,443:32203/TCP 35m
ingress-nginx-controller-admission ClusterIP 10.1.8.19 <none> 443/TCP 35m
# 把节点IP 和域名绑定
echo "192.168.1.134 test.ingress.local" >> /etc/hosts
curl http://test.ingress.local:31871
发现只有在134机器上能访问
# 扩容为2副本
kubectl scale deployment ingress-nginx-controller -n ingress-nginx --replicas=2
# 等待片刻,查看Pod分布,确认分到不同节点
[root@host134 ingress-demo]# kubectl get pods -n ingress-nginx -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ingress-nginx-admission-create-lsh52 0/1 Completed 0 61m 10.244.2.97 host113 <none> <none>
ingress-nginx-admission-patch-ndbhp 0/1 Completed 1 61m 10.244.2.98 host113 <none> <none>
ingress-nginx-controller-f4f9f47d9-6wmfn 1/1 Running 0 13m 10.244.1.125 host135 <none> <none>
ingress-nginx-controller-f4f9f47d9-smqcs 1/1 Running 0 61m 10.244.2.99 host113 <none> <none>
只选任意一个有 ingress-nginx-controller 的节点 IP 绑定即可,推荐 192.168.1.113
# 先删除旧的错误条目
sed -i '/test.ingress.local/d' /etc/hosts
# 只加一行
echo "192.168.1.113 test.ingress.local" >> /etc/hosts
每个节点执行如下命令:
curl http://test.ingress.local:31871
浙公网安备 33010602011771号