ingress部署
# 手动部署
# 部署ingress-nginx 官方地址:https://github.com/kubernetes/ingress-nginx
# 参考链接:https://www.jianshu.com/p/c726ed03562a
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
# 修改mandatory.yaml
##########################################
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx --- kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
verbs:
- update ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx --- apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
prometheus.io/port: ""
prometheus.io/scrape: "true"
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
nginx-ingress: "true"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
serviceAccountName: nginx-ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --publish-service=$(POD_NAMESPACE)/ingress-nginx
- --annotations-prefix=nginx.ingress.kubernetes.io
securityContext:
allowPrivilegeEscalation: true
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# www-data ->
runAsUser:
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort:
- name: https
containerPort:
livenessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
initialDelaySeconds:
periodSeconds:
successThreshold:
timeoutSeconds:
readinessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
periodSeconds:
successThreshold:
timeoutSeconds: ---
##########################################
修改参数:
、image修改为阿里云镜像registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
、kind修改为DaemonSet,apiVersion修改为extensions/v1beta1
、replicas: #删除此行,DaemonSet不需要此参数
、hostNetwork: true #添加该字段让docker使用物理机网络,在物理机暴露服务端口(),注意物理机80端口提前不能被占用
、dnsPolicy: ClusterFirstWithHostNet #使用hostNetwork后容器会使用物理机网络包括DNS,会无法解析内部service,使用此参数让容器使用K8S的DNS
、nginx-ingress: "true" #添加节点标签
、tolerations: 添加对指定节点污点容忍度 # 创建ingress-ingress的service
[root@test-k8s-master01 ~]# cat svc-ingress-nginx.yaml
##########################################
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port:
targetPort: http
- name: https
port:
targetPort: https
##########################################
kubectl apply -f svc-ingress-nginx.yaml # 节点打上标签、污点
# 查看标签
kubectl get node --show-labels
# 打标签
kubectl label nodes test-k8s-master01 nginx-ingress=true
# 删除标签
kubectl label nodes test-k8s-master01 nginx-ingress-
# 查看污点
kubectl describe node test-k8s-master01
# 打污点
kubectl taint nodes test-k8s-master01 nginx-ingress=true:NoSchedule
# 删除污点
kubectl taint nodes test-k8s-master01 nginx-ingress:NoSchedule- # 创建资源
kubectl apply -f mandatory.yaml
kubectl get pod -n ingress-nginx -o wide # helm方式部署
helm fetch stable/nginx-ingress
tar xf nginx-ingress-1.17..tgz
nginx-ingress 目录下面的values.yaml文件为默认参数值
# 自定义参数
[root@test-k8s-master01 nginx-ingress]# cat custom.yaml
######################################
controller:
replicaCount:
image:
repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
hostNetwork: true
daemonset:
useHostPort: false
hostPorts:
http:
https:
service:
type: ClusterIP
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true" defaultBackend:
replicaCount:
image:
repository: gcr.azk8s.cn/google-containers/defaultbackend-amd64
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true"
######################################
helm install stable/nginx-ingress --namespace nginx-ingress --name nginx-ingress -f custom.yaml #其它参考:https://www.cnblogs.com/wenlin-gk/p/9627403.htmlhttps://www.cnblogs.com/crazymagic/p/11267303.htmlhttps://blog.csdn.net/bbwangj/article/details/82940419
ingress部署的更多相关文章
- Kubernetes Ingress 部署
Kubernetes Ingress 部署 Pod与Ingress的关系• 通过service相关联• 通过Ingress Controller实现Pod的负载均衡- 支持TCP/UDP 4层和HTT ...
- K8S从入门到放弃系列-(15)Kubernetes集群Ingress部署
Ingress是kubernetes集群对外提供服务的一种方式.ingress部署相对比较简单,官方把相关资源配置文件,都已经集合到一个yml文件中(mandatory.yaml),镜像地址也修改为q ...
- k8s Ingress 理解和部署
目录 前言 Ingress 与 ingress-controller Ingress 部署 1.部署 ingress-controller 2.部署测试 web 服务 3.部署 Ingress 4.检 ...
- 【转帖】kubernetes 部署ingress
kubernetes 部署ingress https://www.cnblogs.com/dingbin/p/9754993.html 明天尝试一下 之前的文档里面一直没有提 需要改host文件 我有 ...
- kubernetes 部署ingress
kubernetes Ingess 是有2部分组成,Ingress Controller 和Ingress服务组成,常用的Ingress Controller 是ingress-nginx,工作的原理 ...
- Nginx Ingress on TKE 部署最佳实践
概述 开源的 Ingress Controller 的实现使用量最大的莫过于 Nginx Ingress 了,功能强大且性能极高.Nginx Ingress 有多种部署方式,本文将介绍 Nginx I ...
- kubernetes-dashboard(1.8.3)部署与踩坑
Kubernetes Dashboard 是一个管理Kubernetes集群的全功能Web界面,旨在以UI的方式完全替代命令行工具(kubectl 等). 目录 部署 创建用户 集成Heapster ...
- 二进制部署Kubernetes-v1.14.1集群
一.部署Kubernetes集群 1.1 Kubernetes介绍 Kubernetes(K8S)是Google开源的容器集群管理系统,K8S在Docker容器技术的基础之上,大大地提高了容器化部署应 ...
- 生产环境:ansible自动化部署kubernetes-1.14
概述: 本文提供ansible-playbooks用来帮助读者用ansible构建二进制kubernetes1.14, 集群包含calico.nginx-ingress.HA 提供资源有kuberne ...
随机推荐
- JAVA实验报告四及第六周总结
JAVA第六周作业 实验报告四 第一题 (1)根据下面的要求实现圆类Circle. 1.圆类Circle的成员变量:radius表示圆的半径. 2.圆类Circle的方法成员: Circle():构造 ...
- [转帖]Xenix — 微软与UNIX的短暂爱恋
Xenix — 微软与UNIX的短暂爱恋 https://www.linuxdashen.com/xenix-微软与unix的短暂爱恋 原来微软曾经 干过那么牛B的 unix系统. 微软向外宣布Mic ...
- PAT B1046.猜拳
课本AC #include <cstdio> int main() { int n, failA = 0, failB = 0; scanf("%d", &n) ...
- URL去重与文章去重的一些基本方法
一.url去重url存到数据库所有url放到set中(一亿条占用9G内存)md5之后放到set中(一亿条占用2,3G的内存)scrapy采用的就是类似方法bitmap方法(url经过hash后映射到b ...
- spark教程(八)-SparkSession
spark 有三大引擎,spark core.sparkSQL.sparkStreaming, spark core 的关键抽象是 SparkContext.RDD: SparkSQL 的关键抽象是 ...
- T100——接口代码记录,jsonArray和json
{<section id="cs_t1client.description" >} #應用 a00 樣板自動產生(Version:) #+ Version..: T10 ...
- O030、Launch 和 shut off 操作详解
参考https://www.cnblogs.com/CloudMan6/p/5460464.html 本节详细分析 instance launch 和 shut off 操作 ,以及如何在日志中快 ...
- Laravel 实现指定用户下的设备分页(与查询指定分类下的文章原理相同)
<?php //控制器 namespace App\Http\Controllers\Api\User; use App\Http\Controllers\Controller; use Ill ...
- Spark 源码和应用开发环境的构建
引言 Spark 现在无疑是大数据领域最热门的技术之一,读者很容易搜索到介绍如何应用 Spark 技术的文章,但是作为开发人员,在了解了应用的概念之后,更习惯的是打开开发环境,开发一些应用来更深入的学 ...
- 在vue-cli项目中使用bootstrap
1.安装插件 npm install jquery --save npm install bootstrap --save npm install popper.js --save 2.配置webpa ...