ingress部署
# 手动部署
# 部署ingress-nginx 官方地址:https://github.com/kubernetes/ingress-nginx
# 参考链接:https://www.jianshu.com/p/c726ed03562a
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
# 修改mandatory.yaml
##########################################
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx --- kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
verbs:
- update ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx --- apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
prometheus.io/port: ""
prometheus.io/scrape: "true"
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
nginx-ingress: "true"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
serviceAccountName: nginx-ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --publish-service=$(POD_NAMESPACE)/ingress-nginx
- --annotations-prefix=nginx.ingress.kubernetes.io
securityContext:
allowPrivilegeEscalation: true
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# www-data ->
runAsUser:
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort:
- name: https
containerPort:
livenessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
initialDelaySeconds:
periodSeconds:
successThreshold:
timeoutSeconds:
readinessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
periodSeconds:
successThreshold:
timeoutSeconds: ---
##########################################
修改参数:
、image修改为阿里云镜像registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
、kind修改为DaemonSet,apiVersion修改为extensions/v1beta1
、replicas: #删除此行,DaemonSet不需要此参数
、hostNetwork: true #添加该字段让docker使用物理机网络,在物理机暴露服务端口(),注意物理机80端口提前不能被占用
、dnsPolicy: ClusterFirstWithHostNet #使用hostNetwork后容器会使用物理机网络包括DNS,会无法解析内部service,使用此参数让容器使用K8S的DNS
、nginx-ingress: "true" #添加节点标签
、tolerations: 添加对指定节点污点容忍度 # 创建ingress-ingress的service
[root@test-k8s-master01 ~]# cat svc-ingress-nginx.yaml
##########################################
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port:
targetPort: http
- name: https
port:
targetPort: https
##########################################
kubectl apply -f svc-ingress-nginx.yaml # 节点打上标签、污点
# 查看标签
kubectl get node --show-labels
# 打标签
kubectl label nodes test-k8s-master01 nginx-ingress=true
# 删除标签
kubectl label nodes test-k8s-master01 nginx-ingress-
# 查看污点
kubectl describe node test-k8s-master01
# 打污点
kubectl taint nodes test-k8s-master01 nginx-ingress=true:NoSchedule
# 删除污点
kubectl taint nodes test-k8s-master01 nginx-ingress:NoSchedule- # 创建资源
kubectl apply -f mandatory.yaml
kubectl get pod -n ingress-nginx -o wide # helm方式部署
helm fetch stable/nginx-ingress
tar xf nginx-ingress-1.17..tgz
nginx-ingress 目录下面的values.yaml文件为默认参数值
# 自定义参数
[root@test-k8s-master01 nginx-ingress]# cat custom.yaml
######################################
controller:
replicaCount:
image:
repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
hostNetwork: true
daemonset:
useHostPort: false
hostPorts:
http:
https:
service:
type: ClusterIP
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true" defaultBackend:
replicaCount:
image:
repository: gcr.azk8s.cn/google-containers/defaultbackend-amd64
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true"
######################################
helm install stable/nginx-ingress --namespace nginx-ingress --name nginx-ingress -f custom.yaml #其它参考:https://www.cnblogs.com/wenlin-gk/p/9627403.htmlhttps://www.cnblogs.com/crazymagic/p/11267303.htmlhttps://blog.csdn.net/bbwangj/article/details/82940419
ingress部署的更多相关文章
- Kubernetes Ingress 部署
Kubernetes Ingress 部署 Pod与Ingress的关系• 通过service相关联• 通过Ingress Controller实现Pod的负载均衡- 支持TCP/UDP 4层和HTT ...
- K8S从入门到放弃系列-(15)Kubernetes集群Ingress部署
Ingress是kubernetes集群对外提供服务的一种方式.ingress部署相对比较简单,官方把相关资源配置文件,都已经集合到一个yml文件中(mandatory.yaml),镜像地址也修改为q ...
- k8s Ingress 理解和部署
目录 前言 Ingress 与 ingress-controller Ingress 部署 1.部署 ingress-controller 2.部署测试 web 服务 3.部署 Ingress 4.检 ...
- 【转帖】kubernetes 部署ingress
kubernetes 部署ingress https://www.cnblogs.com/dingbin/p/9754993.html 明天尝试一下 之前的文档里面一直没有提 需要改host文件 我有 ...
- kubernetes 部署ingress
kubernetes Ingess 是有2部分组成,Ingress Controller 和Ingress服务组成,常用的Ingress Controller 是ingress-nginx,工作的原理 ...
- Nginx Ingress on TKE 部署最佳实践
概述 开源的 Ingress Controller 的实现使用量最大的莫过于 Nginx Ingress 了,功能强大且性能极高.Nginx Ingress 有多种部署方式,本文将介绍 Nginx I ...
- kubernetes-dashboard(1.8.3)部署与踩坑
Kubernetes Dashboard 是一个管理Kubernetes集群的全功能Web界面,旨在以UI的方式完全替代命令行工具(kubectl 等). 目录 部署 创建用户 集成Heapster ...
- 二进制部署Kubernetes-v1.14.1集群
一.部署Kubernetes集群 1.1 Kubernetes介绍 Kubernetes(K8S)是Google开源的容器集群管理系统,K8S在Docker容器技术的基础之上,大大地提高了容器化部署应 ...
- 生产环境:ansible自动化部署kubernetes-1.14
概述: 本文提供ansible-playbooks用来帮助读者用ansible构建二进制kubernetes1.14, 集群包含calico.nginx-ingress.HA 提供资源有kuberne ...
随机推荐
- Python全栈开发之4、迭代器、生成器、装饰器
一.迭代器 1.为何要有迭代器? 对于序列类型:字符串.列表.元组,我们可以使用索引的方式迭代取出其包含的元素.但对于字典.集合.文件等类型是没有索引的,若还想取出其内部包含的元素,则必须找出一种不依 ...
- PAT B1023 组个最小数(20)
题目描述 给定数字 0-9 各若干个.你可以以任意顺序排列这些数字,但必须全部使用.目标是使得最后得到的数尽可能小(注意 0 不能做首位).例如:给定两个 0,两个 1,三个 5,一个 8,我们得到的 ...
- VC++ 窗口透明化及透明窗口上绘画、截图、轨迹
源文件:https://files.cnblogs.com/files/MrFengD/Temp.rar
- DRF url控制 解析器 响应器 版本控制 分页(常规分页,偏移分页,cursor游标分页)
url控制 第二种写法(只要继承了ViewSetMixin) url(r'^pub/$',views.Pub.as_view({'get':'list','post':'create'})), #获取 ...
- django F与Q查询 事务 only与defer
F与Q 查询 class Product(models.Model): name = models.CharField(max_length=32) #都是类实例化出来的对象 price = mode ...
- Unknown custom element: <swiper>
刚开始使用VUE,一直提示这个,后来才发现是注册组件时注册反了:先新建VUE实例再注册组件是问题根源,调转一下顺序即可解决
- MySql 中锁的定义
行级锁,一般是指排它锁,即被锁定行不可进行修改,删除,只可以被其他会话select.行级锁之前需要先加表结构共享锁. 表级锁,一般是指表结构共享锁锁,是不可对该表执行DDL操作,但对DML操作都不限制 ...
- IDEA将项目打包为指定class文件的jar
转自:https://blog.csdn.net/makang456/article/details/86699375 [背景] 公司最近要和某大公司合作,将本公司的产品提供给其它公司单独部署 ...
- Make It One CodeForces - 1043F (数论,最短路,好题)
大意: 给定序列$a$, 求最小子集, 使得gcd为1. 对于数$x$, 素因子多少次幂是无关紧要的, 这样就可以用一个二进制数来表示. $x$取$gcd$后的二进制状态最多$2^7$, 可以暴力枚举 ...
- js对象的 两种访问方式
来对象访问属性有两种方式.有一个对象Obj = {"Name":"Langshen","AGE":"28"} 用点访问, ...