helm 安装 nginx-ingress-controller v1.10.0

1、说明准备

nginx-ingress 三种不同的部署模式

• Deployment+LoadBalancer

采用deployment进行部署nginx-ingress-controller，需要创建一个type:LoadBalancer的service进行关联nginx-ingress-controller这组pod。通常是在使用公有云进行创建负载均衡器并绑定公网地址。只要将域名解析指向该地址，即可实现集群服务的对外访问。

• Deployment+NodePort

采用deployment进行部署nginx-ingress-controller，需要创建一个type:NodePort的service进行关联nginx-ingress-controller这组pod。ingress暴露在集群节点ip的特定端口上。由于nodeport暴露的端口是随机端口，一般会在前面再搭建一套负载均衡器来转发请求。改方式一般用于宿主机是相对固定的环境ip地址不变的场景。

• DaemonSet+HostNetwork

用DaemonSet 结合nodeselector来部署ingress-controller到特定的Node上。然后使用HostNetwork直接把该pod与宿主机node的网络打通，直接使用宿主机的80/443端口就能访问服务。该方式整个请求链路最简单，性能相对nodeport模式更好。缺点是由于直接利用宿主机节点的网络和端口，一个node只能部署一个ingress-controller pod。比较适合大并发的生产环境使用

2、二进制安装helm

helm官方文档
helm-v3.14.3下载

下载 需要的版本
$ tar -zxvf helm-v3.14.3-linux-amd64.tar.gz
在解压目录中找到helm程序，移动到需要的目录中
$ mv linux-amd64/helm /usr/local/bin/helm

3、添加nginx-ingress-controller repo

$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm repo update
$ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm search repo ingress-nginx
NAME                            CHART VERSION   APP VERSION     DESCRIPTION                                       
ingress-nginx/ingress-nginx     4.10.0          1.10.0          Ingress controller for Kubernetes using NGINX a...
$ helm pull ingress-nginx/ingress-nginx --version 4.10.0

由于无法拉取包的网络问题，通过脚本进行下载helm相关的chart包

ingress-nginx-4.10.0 helm 下载

4、修改values.yaml文件

4.1、修改镜像仓库

......省略......
controller:
  name: controller
  enableAnnotationValidations: false
  image:
    ## Keep false as default for now!
    chroot: false
    #registry: registry.k8s.io
    registry: registry.aliyuncs.com
    image: google_containers/nginx-ingress-controller
....再省略...........
    patch:
      enabled: true
      image:
        registry: registry.aliyuncs.com
        image: google_containers/kube-webhook-certgen
        tag: v1.4.0
        #digest: sha256:44d1d0e9f19c63f58b380c5fddaca7cf22c7cee564adeff365225a5df5ef3334   注释掉
        pullPolicy: IfNotPresent

4.2、修改hostNetwork

  hostNetwork: true

4.3、修改dnsPolicy

  dnsPolicy: ClusterFirstWithHostNet

4.4、修改kind类型

  kind: DaemonSet

4.5、修改nodePort

    type: NodePort
.........省略，这里有俩个nodePorts修改.......
    nodePorts:
      # -- Node port allocated for the external HTTP listener. If left empty, the service controller allocates one from the configured node port range.
      http: "80"
      # -- Node port allocated for the external HTTPS listener. If left empty, the service controller allocates one from the configured node port range.
      https: "443"

这里修改为80和443端口，同时要进行修改kube-api.yaml中的参数，增加参数：

#主节点的kube-api都要进行修改，这样就能支持80和443，否则在安装过程中会提示端口范围问题
$ vim /etc/kubernetes/manifests/kube-apiserver.yaml
    - --service-node-port-range=1-65535
$ systemctl daemon-reload
$ systemctl restart kubelet

5、安装ingress-nginx

在ingress-nginx目录中
$ kubectl create ns ingress-nginx
$ helm install ingress-nginx -n ingress-nginx .   #安装
$ helm uninstall ingress-nginx -n ingress-nginx   #卸载

[root@K8SMS0001 ingress-nginx]# kubectl get pods -n ingress-nginx
NAME                             READY   STATUS    RESTARTS   AGE
ingress-nginx-controller-7mgtk   1/1     Running   0          96m
ingress-nginx-controller-gtdsb   1/1     Running   0          96m
ingress-nginx-controller-rnvhl   1/1     Running   0          96m

[root@K8SMS0001 ingress-nginx]# kubectl get svc -n ingress-nginx
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                 AGE
ingress-nginx-controller             NodePort    10.96.179.151   <none>        80:80/TCP,443:443/TCP   97m
ingress-nginx-controller-admission   ClusterIP   10.96.138.59    <none>        443/TCP                 97m