ingress部署
# 手动部署
# 部署ingress-nginx 官方地址:https://github.com/kubernetes/ingress-nginx
# 参考链接:https://www.jianshu.com/p/c726ed03562a
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
# 修改mandatory.yaml
##########################################
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx --- kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
- "networking.k8s.io"
resources:
- ingresses/status
verbs:
- update ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx ---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx --- apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
prometheus.io/port: ""
prometheus.io/scrape: "true"
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
nginx-ingress: "true"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
serviceAccountName: nginx-ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --publish-service=$(POD_NAMESPACE)/ingress-nginx
- --annotations-prefix=nginx.ingress.kubernetes.io
securityContext:
allowPrivilegeEscalation: true
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# www-data ->
runAsUser:
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort:
- name: https
containerPort:
livenessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
initialDelaySeconds:
periodSeconds:
successThreshold:
timeoutSeconds:
readinessProbe:
failureThreshold:
httpGet:
path: /healthz
port:
scheme: HTTP
periodSeconds:
successThreshold:
timeoutSeconds: ---
##########################################
修改参数:
、image修改为阿里云镜像registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.
、kind修改为DaemonSet,apiVersion修改为extensions/v1beta1
、replicas: #删除此行,DaemonSet不需要此参数
、hostNetwork: true #添加该字段让docker使用物理机网络,在物理机暴露服务端口(),注意物理机80端口提前不能被占用
、dnsPolicy: ClusterFirstWithHostNet #使用hostNetwork后容器会使用物理机网络包括DNS,会无法解析内部service,使用此参数让容器使用K8S的DNS
、nginx-ingress: "true" #添加节点标签
、tolerations: 添加对指定节点污点容忍度 # 创建ingress-ingress的service
[root@test-k8s-master01 ~]# cat svc-ingress-nginx.yaml
##########################################
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port:
targetPort: http
- name: https
port:
targetPort: https
##########################################
kubectl apply -f svc-ingress-nginx.yaml # 节点打上标签、污点
# 查看标签
kubectl get node --show-labels
# 打标签
kubectl label nodes test-k8s-master01 nginx-ingress=true
# 删除标签
kubectl label nodes test-k8s-master01 nginx-ingress-
# 查看污点
kubectl describe node test-k8s-master01
# 打污点
kubectl taint nodes test-k8s-master01 nginx-ingress=true:NoSchedule
# 删除污点
kubectl taint nodes test-k8s-master01 nginx-ingress:NoSchedule- # 创建资源
kubectl apply -f mandatory.yaml
kubectl get pod -n ingress-nginx -o wide # helm方式部署
helm fetch stable/nginx-ingress
tar xf nginx-ingress-1.17..tgz
nginx-ingress 目录下面的values.yaml文件为默认参数值
# 自定义参数
[root@test-k8s-master01 nginx-ingress]# cat custom.yaml
######################################
controller:
replicaCount:
image:
repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
hostNetwork: true
daemonset:
useHostPort: false
hostPorts:
http:
https:
service:
type: ClusterIP
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true" defaultBackend:
replicaCount:
image:
repository: gcr.azk8s.cn/google-containers/defaultbackend-amd64
tolerations:
- operator: "Exists"
nodeSelector:
nginx-ingress: "true"
######################################
helm install stable/nginx-ingress --namespace nginx-ingress --name nginx-ingress -f custom.yaml #其它参考:https://www.cnblogs.com/wenlin-gk/p/9627403.htmlhttps://www.cnblogs.com/crazymagic/p/11267303.htmlhttps://blog.csdn.net/bbwangj/article/details/82940419
ingress部署的更多相关文章
- Kubernetes Ingress 部署
Kubernetes Ingress 部署 Pod与Ingress的关系• 通过service相关联• 通过Ingress Controller实现Pod的负载均衡- 支持TCP/UDP 4层和HTT ...
- K8S从入门到放弃系列-(15)Kubernetes集群Ingress部署
Ingress是kubernetes集群对外提供服务的一种方式.ingress部署相对比较简单,官方把相关资源配置文件,都已经集合到一个yml文件中(mandatory.yaml),镜像地址也修改为q ...
- k8s Ingress 理解和部署
目录 前言 Ingress 与 ingress-controller Ingress 部署 1.部署 ingress-controller 2.部署测试 web 服务 3.部署 Ingress 4.检 ...
- 【转帖】kubernetes 部署ingress
kubernetes 部署ingress https://www.cnblogs.com/dingbin/p/9754993.html 明天尝试一下 之前的文档里面一直没有提 需要改host文件 我有 ...
- kubernetes 部署ingress
kubernetes Ingess 是有2部分组成,Ingress Controller 和Ingress服务组成,常用的Ingress Controller 是ingress-nginx,工作的原理 ...
- Nginx Ingress on TKE 部署最佳实践
概述 开源的 Ingress Controller 的实现使用量最大的莫过于 Nginx Ingress 了,功能强大且性能极高.Nginx Ingress 有多种部署方式,本文将介绍 Nginx I ...
- kubernetes-dashboard(1.8.3)部署与踩坑
Kubernetes Dashboard 是一个管理Kubernetes集群的全功能Web界面,旨在以UI的方式完全替代命令行工具(kubectl 等). 目录 部署 创建用户 集成Heapster ...
- 二进制部署Kubernetes-v1.14.1集群
一.部署Kubernetes集群 1.1 Kubernetes介绍 Kubernetes(K8S)是Google开源的容器集群管理系统,K8S在Docker容器技术的基础之上,大大地提高了容器化部署应 ...
- 生产环境:ansible自动化部署kubernetes-1.14
概述: 本文提供ansible-playbooks用来帮助读者用ansible构建二进制kubernetes1.14, 集群包含calico.nginx-ingress.HA 提供资源有kuberne ...
随机推荐
- linux内核开源代码地址下载
https://www.kernel.org/pub/linux/kernel/v2.6/
- DOS ftp
C:\>ftp /? 将文件传送到运行 FTP 服务器服务(经常称为后台程序)的计算机以及将文件从该计算机传出.可以交互使用 Ftp. FTP [-v] [-d] [-i] [-n] [-g] ...
- 大数据备忘录———将数据从oracle导入impala中
上周遇到了将数据从oracle导入到impala的问题,这个项目耽误了我近一周的时间,虽然是种种原因导致的,但是还是做个总结. 需求首先是跑数据,跑数据这个就不叙述,用的是公司的平台. 讲讲耽误我最久 ...
- django 模块查询
# 查询轮播图slider_list = Slider.objects.filter(type = constants.SLIDER_TYPE_INDEX) # 查询新闻now_time = date ...
- 异或运算符(^)、与运算符(&)、或运算符(|)、反运算符(~)、右移运算符(>>)、无符号右移运算符(>>>)
目录 异或(^).异或和 的性质及应用总结 异或的含义 异或的性质:满足交换律和结合律 异或的应用 按位 与运算符(&) 按位 或运算符(|) 取 反运算符(~) 右移运算符(>> ...
- Python验证数据的抽样分布类型
假如要对一份统计数据进行分析,一般其来源来自于社会调研/普查,所以数据不是总体而是一定程度的抽样.对于抽样数据的分析,就可以结合上篇统计量及其抽样分布的内容,判断数据符合哪种分布.使用已知分布特性,可 ...
- C语言无法使用引用,一定要使用怎么办? ------指针的指针做参数
#include <stdio.h> #include <stdlib.h> #include <string.h> void fun1(char** s); vo ...
- 如何使用koa搭建一个简单服务
1.首先检测是否已经有node环境? 把Windows的黑窗体的命令行工具调用出来 敲击命令行node -v , 然后,就可以看到这个打印出了一个版本号,这就证明我们的node.js已经是安装 ...
- mongodb启用auth,使用密码登录
更新操作: db.users.update({'currentVersion':3},{$set:{'currentVersion':5}}) 首先安装下载(略过) mongod 启动服务,有多重启动 ...
- Ubuntu 16.04 装机后如何永久更改ulimit和修改MySQL的存储路径datadir
Ubuntu 16.04 装机后的配置要点: 1. 网络的配置 2. 更改源列表 3. 永久更改ulimit ulimit限制着程序打开文件的数目,默认情况下为1024,作为服务器使用时,这个数字往往 ...