1. Johngo学长首页
  2. 技术点详细复盘专题
  3. Linux

ingress-nginx 部署使用

Linux 阅读 90

安装部署 nginx-ingress-controller

输入下面网址:选择版本

https://github.com/kubernetes/ingress-nginx/blob/nginx-0.30.0/deploy/static/mandatory.yaml

ingress-nginx 部署使用

ingress-nginx 部署使用 
vim mandatory.yaml  #新建一个yaml文件直接复制粘贴  ps: vim 编辑器 需要 set paste  防止格式错误​​

官网提示(0.30版本):!!! tip If you are using a Kubernetes version previous to 1.14, you need to change kubernetes.io/osto beta.kubernetes.io/osat line 217 of

把第217 行 的 kubernetes.io/os 替换成 beta.kubernetes.io/os

kubectl   version    查看集群版本Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:08:12Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:00:57Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}​

214       terminationGracePeriodSeconds: 300215       serviceAccountName: nginx-ingress-serviceaccount216       nodeSelector:217         beta.kubernetes.io/os: linux218       containers:219         - name: nginx-ingress-controller:set nu

修改完创建资源

[root@localhost ~/test/ingress]# kubectl apply -f mandatory.yaml namespace/ingress-nginx createdconfigmap/nginx-configuration createdconfigmap/tcp-services createdconfigmap/udp-services createdserviceaccount/nginx-ingress-serviceaccount createdclusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole createdrole.rbac.authorization.k8s.io/nginx-ingress-role createdrolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding createdclusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding createddeployment.apps/nginx-ingress-controller createdlimitrange/ingress-nginx created​查看控制器Pod  已经正常运行[root@localhost ~/test/ingress]# kubectl get pods -n ingress-nginxNAME                                       READY   STATUS    RESTARTS   AGEnginx-ingress-controller-97547988b-jh9q4   1/1     Running   0          3m32s​​​

创建个service 集群外访问

[root@localhost ~/test/ingress]# vim service-nodeport.yaml ​apiVersion: v1kind: Servicemetadata:  name: ingress-nginx  namespace: ingress-nginxspec:  type: NodePort  ports:  - name: http    port: 80    targetPort: 80    protocol: TCP    nodePort: 30080  - name: https    port: 443    targetPort: 443    protocol: TCP    nodePort: 30443  selector:    app.kubernetes.io/name: ingress-nginx    app.kubernetes.io/part-of: ingress-nginx​​​​kubectl apply  -f  service-nodeport.yaml    ​​

创建一组应用pod和对应的service

[root@localhost ~/test/ingress/tomcat]# vim deploy-tomcat.yaml ​apiVersion: v1kind: Servicemetadata:  name: tomcat  namespace: defaultspec:  selector:    app: tomcat    release: canary  ports:  - name: http    port: 80    targetPort: 8080 # - name: ajp  #  port: 8009   # targetPort: 8009​---apiVersion: apps/v1kind: Deploymentmetadata:  name: tomcat-deployspec:  replicas: 3  selector:    matchLabels:      app: tomcatrelease: canary  template:    metadata:      labels:        app: tomcat        release: canary    spec:      containers:      - name: tomcat        image: tomcat:7-alpine        ports:        - name: httpd          containerPort: 8080    #    - name: ajp     #     containerPort: 8009                                  kubectl apply -f deploy-tomcat.yaml

配置 ingress 规则

[root@localhost ~/test/ingress/tomcat]# vim tomcat.yaml ​apiVersion: extensions/v1beta1kind: Ingressmetadata:  name: ingress-tomcat  namespace: default  annotations:    kubernets.io/ingress.class: "nginx"spec:  rules:  - host: tomcat.luoluo.com    http:      paths:      - path:        backend:          serviceName: tomcat          servicePort: 8080                    kubectl apply -f tomcat.yaml ​

浏览器输入 tomcat.luoluo.com:30080 验证 #测试需要修改宿主机 C:\Windows\System32\drivers\etc 下 HOSTS文件 映射

ingress-nginx 部署使用

对tomcat服务添加httpds服务

创建私有证书及secret

openssl genrsa -out tls.key 2048​[root@localhost ~/test/ingress/tomcat]# openssl req -new -x509 -key tls.key -out tls.crt -subj /C=CN/ST=Beijing/L=Beijing/O=DevOps/CN=tomcat.luoluo.com  #注意域名要和服务的域名一致 ​​kubectl create secret tls tomcat-ingress-secret --cert=tls.crt --key=tls.key #创建secret​​​

将证书应用至tomcat服务中

[root@localhost ~/test/ingress/tomcat]# vim ingress-tomcat-tls.yaml ​apiVersion: extensions/v1beta1kind: Ingressmetadata:  name: ingress-tomcat-tls  namespace: default  annotations:    kubernets.io/ingress.class: "nginx"spec:  tls:  - hosts:    - tomcat.luoluo.com        #与secret证书的域名需要保持一致    secretName: tomcat-ingress-secret   #secret证书的名称  rules:  - host: tomcat.luoluo.com    https:      paths:      - path:        backend:          serviceName: tomcat          servicePort: 8080~                                                                                                                                     ~                                                                                              kubectl apply -f ingress-tomcat-tls.yaml    ​~

ingress-nginx 部署使用

Original: https://www.cnblogs.com/luoluo160717/p/15757925.html
Author: 不用去猜。
Title: ingress-nginx 部署使用

原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/611493/

转载文章受原作者版权保护。转载请注明原作者出处!

(0)
0

【自取】最近整理的,有需要可以领取学习:



Linux核心资料大放送~

全栈面试题汇总(持续更新&可下载)

一个提高学习100%效率的工具!

【超详细】深度学习面试题目!

LeetCode Python刷题答案下载!

LeetCode Java版刷题答案下载!

LeetCode C++ 版本,抓紧保存!

LeetCode GO语言 刷题答案下载!

大家都在看

亲爱的 Coder【最近整理,可免费获取】👉 最新必读书单  | 👏 面试题下载  | 🌎 免费的AI知识星球