Kubernetes1.13.1 ingress haproxy
1.haproxy-ingress.yaml
---apiVersion: v1kind: Namespacemetadata: name: ingress-controller---apiVersion: v1kind: ServiceAccountmetadata: name: ingress-controller namespace: ingress-controller---apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRolemetadata: name: ingress-controllerrules: - apiGroups: - "" resources: - configmaps - endpoints - nodes - pods - secrets verbs: - list - watch - apiGroups: - "" resources: - nodes verbs: - get - apiGroups: - "" resources: - services verbs: - get - list - watch - apiGroups: - "extensions" resources: - ingresses verbs: - get - list - watch - apiGroups: - "" resources: - events verbs: - create - patch - apiGroups: - "extensions" resources: - ingresses/status verbs: - update---apiVersion: rbac.authorization.k8s.io/v1beta1kind: Rolemetadata: name: ingress-controller namespace: ingress-controllerrules: - apiGroups: - "" resources: - configmaps - pods - secrets - namespaces verbs: - get - apiGroups: - "" resources: - configmaps verbs: - get - update - apiGroups: - "" resources: - configmaps verbs: - create - apiGroups: - "" resources: - endpoints verbs: - get - create - update---apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRoleBindingmetadata: name: ingress-controllerroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: ingress-controllersubjects: - kind: ServiceAccount name: ingress-controller namespace: ingress-controller - apiGroup: rbac.authorization.k8s.io kind: User name: ingress-controller---apiVersion: rbac.authorization.k8s.io/v1beta1kind: RoleBindingmetadata: name: ingress-controller namespace: ingress-controllerroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: ingress-controllersubjects: - kind: ServiceAccount name: ingress-controller namespace: ingress-controller - apiGroup: rbac.authorization.k8s.io kind: User name: ingress-controller---apiVersion: extensions/v1beta1kind: Deploymentmetadata: labels: run: ingress-default-backend name: ingress-default-backend namespace: ingress-controllerspec: selector: matchLabels: run: ingress-default-backend template: metadata: labels: run: ingress-default-backend spec: containers: - name: ingress-default-backend image: mirrorgooglecontainers/defaultbackend:1.0 ports: - containerPort: 8080 #resources: # limits: # cpu: 8000m # memory: 2000Mi---apiVersion: v1kind: Servicemetadata: name: ingress-default-backend namespace: ingress-controllerspec: ports: - port: 8080 selector: run: ingress-default-backend---apiVersion: v1kind: ConfigMapmetadata: name: haproxy-ingress namespace: ingress-controller---apiVersion: extensions/v1beta1kind: DaemonSetmetadata: labels: run: haproxy-ingress name: haproxy-ingress namespace: ingress-controllerspec: updateStrategy: type: RollingUpdate selector: matchLabels: run: haproxy-ingress template: metadata: labels: run: haproxy-ingress spec: hostNetwork: true nodeSelector: role: ingress-controller serviceAccountName: ingress-controller containers: - name: haproxy-ingress image: docker.zhixueyun.com:5000/haproxy-ingress args: - --default-backend-service=$(POD_NAMESPACE)/ingress-default-backend - --configmap=$(POD_NAMESPACE)/haproxy-ingress - --sort-backends ports: - name: http containerPort: 80 - name: https containerPort: 443 - name: stat containerPort: 1936 env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace |
2.zxy9.yaml
apiVersion: extensions/v1beta1kind: Ingressmetadata: name: haproxy-ingressspec: rules: - host: datatest.zhixueyun.com http: paths: - path: /api/v1/system/ backend: serviceName: system-web-server servicePort: 8080 - path: /api/v1/course-study/ backend: serviceName: cs-web-server servicePort: 8080 - path: /api/v1/human/ backend: serviceName: human-resource-web servicePort: 8080 - path: /api/v1/exam/ backend: serviceName: exam-web-server servicePort: 8080 - path: /api/v1/training/ backend: serviceName: training-web-server servicePort: 8080 - path: /api/v1/microclass/ backend: serviceName: microclass-web-server servicePort: 8080 - path: /api/v1/ask-bar/ backend: serviceName: ask-bar-web-server servicePort: 8080 - path: /oauth/ backend: serviceName: oauth-provider servicePort: 8080 - path: /api/v1/zxy-log/ backend: serviceName: zxy-log-web-server servicePort: 8080 - path: /security-center/ backend: serviceName: security-center servicePort: 8080 - path: /static/ backend: serviceName: quick-report-boot servicePort: 8080 - path: /quick-report-web/reportInfo/ backend: serviceName: quick-report-boot servicePort: 8080 - path: /quick-report-web/compute/ backend: serviceName: quick-report-boot servicePort: 8080 - path: /quick-report/ backend: serviceName: quick-report-boot servicePort: 8080 - path: /api/v1/live/ backend: serviceName: live-web-server servicePort: 8080 - path: /api/v1/cloud-center/ backend: serviceName: cloud-web-server servicePort: 8080 - path: /api/v1/hr-sync/ backend: serviceName: hr-sync-web-server servicePort: 8080 - path: /api/v1/history/ backend: serviceName: history-web-server servicePort: 8080 - path: /api/v1/message/ backend: serviceName: message-send servicePort: 8080 - path: /api/v1/help-center/ backend: serviceName: help-center-web-server servicePort: 8080 |
3.启动
kubectl create -f haproxy-ingress.yaml
kubectl create -f zxy9.yaml
4.经性能测试发现ingress-haproxy性能比较差,不适合用于生产环境
浙公网安备 33010602011771号