ingress部署
# 手动部署
# 部署ingress-nginx 官方地址:https://github.com/kubernetes/ingress-nginx
# 参考链接:https://www.jianshu.com/p/c726ed03562a
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
# 修改mandatory.yaml
##########################################
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx --- kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
verbs:
- update ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx --- apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
prometheus.io/port: ""
prometheus.io/scrape: "true"
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
nginx-ingress: "true"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
serviceAccountName: nginx-ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --publish-service=$(POD_NAMESPACE)/ingress-nginx
- --annotations-prefix=nginx.ingress.kubernetes.io
securityContext:
allowPrivilegeEscalation: true
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# www-data ->
runAsUser:
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort:
- name: https
containerPort:
livenessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
initialDelaySeconds:
periodSeconds:
successThreshold:
timeoutSeconds:
readinessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
periodSeconds:
successThreshold:
timeoutSeconds: ---
##########################################
修改参数:
、image修改为阿里云镜像registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
、kind修改为DaemonSet,apiVersion修改为extensions/v1beta1
、replicas: #删除此行,DaemonSet不需要此参数
、hostNetwork: true #添加该字段让docker使用物理机网络,在物理机暴露服务端口(),注意物理机80端口提前不能被占用
、dnsPolicy: ClusterFirstWithHostNet #使用hostNetwork后容器会使用物理机网络包括DNS,会无法解析内部service,使用此参数让容器使用K8S的DNS
、nginx-ingress: "true" #添加节点标签
、tolerations: 添加对指定节点污点容忍度 # 创建ingress-ingress的service
[root@test-k8s-master01 ~]# cat svc-ingress-nginx.yaml
##########################################
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port:
targetPort: http
- name: https
port:
targetPort: https
##########################################
kubectl apply -f svc-ingress-nginx.yaml # 节点打上标签、污点
# 查看标签
kubectl get node --show-labels
# 打标签
kubectl label nodes test-k8s-master01 nginx-ingress=true
# 删除标签
kubectl label nodes test-k8s-master01 nginx-ingress-
# 查看污点
kubectl describe node test-k8s-master01
# 打污点
kubectl taint nodes test-k8s-master01 nginx-ingress=true:NoSchedule
# 删除污点
kubectl taint nodes test-k8s-master01 nginx-ingress:NoSchedule- # 创建资源
kubectl apply -f mandatory.yaml
kubectl get pod -n ingress-nginx -o wide # helm方式部署
helm fetch stable/nginx-ingress
tar xf nginx-ingress-1.17..tgz
nginx-ingress 目录下面的values.yaml文件为默认参数值
# 自定义参数
[root@test-k8s-master01 nginx-ingress]# cat custom.yaml
######################################
controller:
replicaCount:
image:
repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
hostNetwork: true
daemonset:
useHostPort: false
hostPorts:
http:
https:
service:
type: ClusterIP
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true" defaultBackend:
replicaCount:
image:
repository: gcr.azk8s.cn/google-containers/defaultbackend-amd64
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true"
######################################
helm install stable/nginx-ingress --namespace nginx-ingress --name nginx-ingress -f custom.yaml #其它参考:https://www.cnblogs.com/wenlin-gk/p/9627403.htmlhttps://www.cnblogs.com/crazymagic/p/11267303.htmlhttps://blog.csdn.net/bbwangj/article/details/82940419
ingress部署的更多相关文章
- Kubernetes Ingress 部署
Kubernetes Ingress 部署 Pod与Ingress的关系• 通过service相关联• 通过Ingress Controller实现Pod的负载均衡- 支持TCP/UDP 4层和HTT ...
- K8S从入门到放弃系列-(15)Kubernetes集群Ingress部署
Ingress是kubernetes集群对外提供服务的一种方式.ingress部署相对比较简单,官方把相关资源配置文件,都已经集合到一个yml文件中(mandatory.yaml),镜像地址也修改为q ...
- k8s Ingress 理解和部署
目录 前言 Ingress 与 ingress-controller Ingress 部署 1.部署 ingress-controller 2.部署测试 web 服务 3.部署 Ingress 4.检 ...
- 【转帖】kubernetes 部署ingress
kubernetes 部署ingress https://www.cnblogs.com/dingbin/p/9754993.html 明天尝试一下 之前的文档里面一直没有提 需要改host文件 我有 ...
- kubernetes 部署ingress
kubernetes Ingess 是有2部分组成,Ingress Controller 和Ingress服务组成,常用的Ingress Controller 是ingress-nginx,工作的原理 ...
- Nginx Ingress on TKE 部署最佳实践
概述 开源的 Ingress Controller 的实现使用量最大的莫过于 Nginx Ingress 了,功能强大且性能极高.Nginx Ingress 有多种部署方式,本文将介绍 Nginx I ...
- kubernetes-dashboard(1.8.3)部署与踩坑
Kubernetes Dashboard 是一个管理Kubernetes集群的全功能Web界面,旨在以UI的方式完全替代命令行工具(kubectl 等). 目录 部署 创建用户 集成Heapster ...
- 二进制部署Kubernetes-v1.14.1集群
一.部署Kubernetes集群 1.1 Kubernetes介绍 Kubernetes(K8S)是Google开源的容器集群管理系统,K8S在Docker容器技术的基础之上,大大地提高了容器化部署应 ...
- 生产环境:ansible自动化部署kubernetes-1.14
概述: 本文提供ansible-playbooks用来帮助读者用ansible构建二进制kubernetes1.14, 集群包含calico.nginx-ingress.HA 提供资源有kuberne ...
随机推荐
- java 基础(一)-实验楼
一.标识符:区分大小写由数字.大小写字母.$._ 组成,不能由数字开头.各种变量.方法和类等要素命名时使用的字符序列称.凡是自己可以起名字的地方都叫标识符.不可以使用关键字和保留字,但能包含关键字和保 ...
- 剑指offer5:用两个栈来实现一个队列,完成队列的Push和Pop操作。 队列中的元素为int类型。
1. 题目描述 用两个栈来实现一个队列,完成队列的Push和Pop操作. 队列中的元素为int类型. 2. 思想 (1)栈的特点是先进后出,而队列的特点是先进先出: (2)因此,入队列的情况和入栈的情 ...
- MySQL8在CentOS7上的安装
Install_CentOS7_MySQL8_binary.sh #!/bin/bash MySQL_Package=mysql-8.0.16-linux-glibc2.12-x86_64.tar.x ...
- 论文笔记-IGCV3:Interleaved Low-Rank Group Convolutions for Efficient Deep Neural Networks
论文笔记-IGCV3:Interleaved Low-Rank Group Convolutions for Efficient Deep Neural Networks 2018年07月11日 14 ...
- 今天朋友带领去谷歌ok2eat 餐厅吃免费午餐
中午去队友公司免费吃饭.朋友带我们去她的楼下吃,就算是googler真的也不是所有cafe都知道,感谢朋友带领.
- java实现spark常用算子之Reduce
import org.apache.spark.SparkConf;import org.apache.spark.api.java.JavaRDD;import org.apache.spark.a ...
- 1 sql server 利用多重赋值将一列的数据以逗号分隔,返回
declare @mav varchar(max) select @mav=coalesce(@mav+', '+d.Name,d.Name) from ( select Name from Huma ...
- -parameters 参数的使用 解决 Feign PathVariable annotation was empty on param 0
在使用 FeignClient 如果参数没有给默认名字 @PathVariable("districtId") Long districtId 比如 @FeignClient(&q ...
- Python 之 random模块
Python中的random模块用于生成随机数.1.random.random() #用于生成一个0到1的随机浮点数:0<= n < 1.0>>> random.ran ...
- SQL Server 2005 实现数据库同步备份 过程--结果---分析
数据库复制: 简单来说,数据库复制就是由两台服务器,主服务器和备份服务器,主服务器修改后,备份服务器自动修改. 复制的模式有两种:推送模式和请求模式,推送模式是主服务器修改后,自动发给备份服务器, ...