前面配置了servcie的nodepoint和clusterIP附在均衡

一 headless service配置

1.1 默认下的DNS配置

[root@docker-server1 deployment]# kubectl get  svc

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d18h
  3. mysql-svc ClusterIP 10.96.240.104 <none> 3306/TCP 2d7h
  4. wordpress NodePort 10.96.72.115 <none> 80:32080/TCP 2d7h

headless service也属于clusterIP模式,不过设置为none

[root@docker-server1 deployment]# cd ../svcs/

[root@docker-server1 svcs]# vi nginx-svc.yaml

  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4. name: nginx-svc
  5. spec:
  6. selector:
  7. name: hello-deployment
  8. type: ClusterIP
  9. ports:
  10. - port: 80
  11. targetPort: 80

[root@docker-server1 svcs]# kubectl get deployment

  1. NAME READY UP-TO-DATE AVAILABLE AGE
  2. hello-deployment 3/3 3 3 6m12s
  3. mysql 1/1 1 1 2d7h
  4. wordpress 1/1 1 1 2d7h

[root@docker-server1 svcs]# kubectl get deployment hello-deployment -o yaml

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4. annotations:
  5. deployment.kubernetes.io/revision: "1"
  6. kubectl.kubernetes.io/last-applied-configuration: |
  7. {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"hello-deployment","namespace":"default"},"spec":{"replicas":3,"selector":{"matchLabels":{"name":"hello-deployment"}},"strategy":{"rollingUpdate":{"maxSurge":"10%","maxUnavailable":0},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"name":"hello-deployment"}},"spec":{"containers":[{"image":"nginx:1.14","name":"webserver","ports":[{"containerPort":80}]}]}}}}
  8. creationTimestamp: "2020-01-12T13:01:40Z"
  9. generation: 1
  10. name: hello-deployment
  11. namespace: default
  12. resourceVersion: "113947"
  13. selfLink: /apis/apps/v1/namespaces/default/deployments/hello-deployment
  14. uid: a65ecd15-4e40-4596-8bf1-414eb877bc98
  15. spec:
  16. progressDeadlineSeconds: 600
  17. replicas: 3
  18. revisionHistoryLimit: 10
  19. selector:
  20. matchLabels:
  21. name: hello-deployment
  22. strategy:
  23. rollingUpdate:
  24. maxSurge: 10%
  25. maxUnavailable: 0
  26. type: RollingUpdate
  27. template:
  28. metadata:
  29. creationTimestamp: null
  30. labels:
  31. name: hello-deployment
  32. spec:
  33. containers:
  34. - image: nginx:1.14
  35. imagePullPolicy: IfNotPresent
  36. name: webserver
  37. ports:
  38. - containerPort: 80
  39. protocol: TCP
  40. resources: {}
  41. terminationMessagePath: /dev/termination-log
  42. terminationMessagePolicy: File
  43. dnsPolicy: ClusterFirst
  44. restartPolicy: Always
  45. schedulerName: default-scheduler
  46. securityContext: {}
  47. terminationGracePeriodSeconds: 30
  48. status:
  49. availableReplicas: 3
  50. conditions:
  51. - lastTransitionTime: "2020-01-12T13:01:42Z"
  52. lastUpdateTime: "2020-01-12T13:01:42Z"
  53. message: Deployment has minimum availability.
  54. reason: MinimumReplicasAvailable
  55. status: "True"
  56. type: Available
  57. - lastTransitionTime: "2020-01-12T13:01:40Z"
  58. lastUpdateTime: "2020-01-12T13:01:42Z"
  59. message: ReplicaSet "hello-deployment-5fdb46d67c" has successfully progressed.
  60. reason: NewReplicaSetAvailable
  61. status: "True"
  62. type: Progressing
  63. observedGeneration: 1
  64. readyReplicas: 3
  65. replicas: 3
  66. updatedReplicas: 3

[root@docker-server1 svcs]# kubectl get pods

  1. NAME READY STATUS RESTARTS AGE
  2. goproxy 1/1 Running 1 2d10h
  3. hello-deployment-5fdb46d67c-dqnnh 1/1 Running 0 7m54s
  4. hello-deployment-5fdb46d67c-s68tf 1/1 Running 0 7m54s
  5. hello-deployment-5fdb46d67c-x5nwl 1/1 Running 0 7m54s
  6. init-demo 1/1 Running 1 2d9h
  7. mysql-5d4695cd5-x9j2z 1/1 Running 1 2d7h
  8. nginx 2/2 Running 8 2d13h
  9. nginx-volume 1/1 Running 1 2d10h
  10. wordpress-6cbb67575d-ztxxp 1/1 Running 1 2d7h

[root@docker-server1 svcs]# kubectl apply -f nginx-svc.yaml

[root@docker-server1 svcs]# kubectl get svc

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d18h
  3. mysql-svc ClusterIP 10.96.240.104 <none> 3306/TCP 2d7h
  4. nginx-svc ClusterIP 10.96.235.140 <none> 80/TCP 5s
  5. wordpress NodePort 10.96.72.115 <none> 80:32080/TCP 2d7h

[root@docker-server1 svcs]# curl http://10.96.235.140

  1. <!DOCTYPE html>
  2. <html>
  3. <head>
  4. <title>Welcome to nginx!</title>
  5. <style>
  6. body {
  7. width: 35em;
  8. margin: 0 auto;
  9. font-family: Tahoma, Verdana, Arial, sans-serif;
  10. }
  11. </style>
  12. </head>
  13. <body>
  14. <h1>Welcome to nginx!</h1>
  15. <p>If you see this page, the nginx web server is successfully installed and
  16. working. Further configuration is required.</p>
  17.  
  18. <p>For online documentation and support please refer to
  19. <a href="http://nginx.org/">nginx.org</a>.<br/>
  20. Commercial support is available at
  21. <a href="http://nginx.com/">nginx.com</a>.</p>
  22.  
  23. <p><em>Thank you for using nginx.</em></p>
  24. </body>
  25. </html>

1.2 查看详细信息

[root@docker-server1 ~]# kubectl describe svc nginx-svc  

  1. Name: nginx-svc
  2. Namespace: default
  3. Labels: <none>
  4. Annotations: kubectl.kubernetes.io/last-applied-configuration:
  5. {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"nginx-svc","namespace":"default"},"spec":{"ports":[{"port":80,"ta...
  6. Selector: name=hello-deployment
  7. Type: ClusterIP
  8. IP: 10.96.235.140
  9. Port: <unset> 80/TCP
  10. TargetPort: 80/TCP
  11. Endpoints: 10.244.1.24:80,10.244.1.25:80,10.244.2.15:80
  12. Session Affinity: None
  13. Events: <none>

1.3 域的默认配置项

在/root/kubeadm-config.yaml 有这两个配置项

  1. dns:
  2. type: CoreDNS
  3. etcd:
  4. local:
  5. dataDir: /var/lib/etcd
  6. imageRepository: k8s.gcr.io
  7. kind: ClusterConfiguration
  8. kubernetesVersion: v1.17.0
  9. networking:
  10. dnsDomain: cluster.local #默认的域名后缀
  11. serviceSubnet: 10.96.0.0/12
  12. podSubnet: 10.244.0.0/16

会配置两个coredns服务

[root@docker-server1 svcs]# kubectl get pods -n kube-system

  1. NAME READY STATUS RESTARTS AGE
  2. coredns-6955765f44-8kxdg 1/1 Running 1 2d18h
  3. coredns-6955765f44-m66bw 1/1 Running 1 2d18h
  4. etcd-192.168.132.131 1/1 Running 1 2d9h
  5. kube-apiserver-192.168.132.131 1/1 Running 2 2d18h
  6. kube-controller-manager-192.168.132.131 1/1 Running 4 2d18h
  7. kube-flannel-ds-amd64-dbckr 1/1 Running 1 2d18h
  8. kube-flannel-ds-amd64-fg972 1/1 Running 1 2d18h
  9. kube-flannel-ds-amd64-m9lgq 1/1 Running 1 2d18h
  10. kube-proxy-7xgt9 1/1 Running 1 2d18h
  11. kube-proxy-k8kb7 1/1 Running 1 2d18h
  12. kube-proxy-q867d 1/1 Running 1 2d18h
  13. kube-scheduler-192.168.132.131 1/1 Running 4 2d18h

[root@docker-server1 svcs]# kubectl get svc -n kube-system

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 2d18h

1.4 进入容器查看dns

[root@docker-server1 svcs]# kubectl exec -it hello-deployment-5fdb46d67c-dqnnh /bin/bash

  1. [root@docker-server1 svcs]# kubectl exec -it hello-deployment-5fdb46d67c-dqnnh /bin/bash
  2. root@hello-deployment-5fdb46d67c-dqnnh:/# cat /etc/resolv.conf
  3. nameserver 10.96.0.10
  4. search default.svc.cluster.local svc.cluster.local cluster.local
  5. options ndots:5

coredns会默认创建一个域名解析

1.5 创建一个busybox pod测试

[root@docker-server1 ~]# cd /yamls/deployment/

[root@docker-server1 deployment]# vi busybox-deployment.yaml

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4. name: busybox
  5. namespace: default
  6. spec:
  7. replicas: 1
  8. selector:
  9. matchLabels:
  10. name: busybox
  11. strategy:
  12. type: RollingUpdate
  13. rollingUpdate:
  14. maxSurge: 10%
  15. maxUnavailable: 0
  16. template:
  17. metadata:
  18. labels:
  19. name: busybox
  20. spec:
  21. containers:
  22. - name: busybox
  23. image: busybox
  24. command:
  25. - /bin/sh
  26. - -c
  27. - "sleep 3600"

[root@docker-server1 deployment]# kubectl apply -f busybox-deployment.yaml

  1. deployment.apps/busybox created

[root@docker-server1 deployment]# kubectl get pods

  1. NAME READY STATUS RESTARTS AGE
  2. busybox-546555c84-2psbb 1/1 Running 0 13s
  3. goproxy 1/1 Running 1 2d11h
  4. hello-deployment-5fdb46d67c-dqnnh 1/1 Running 0 24m
  5. hello-deployment-5fdb46d67c-s68tf 1/1 Running 0 24m
  6. hello-deployment-5fdb46d67c-x5nwl 1/1 Running 0 24m
  7. init-demo 1/1 Running 1 2d10h
  8. mysql-5d4695cd5-x9j2z 1/1 Running 1 2d7h
  9. nginx 2/2 Running 8 2d13h
  10. nginx-volume 1/1 Running 1 2d10h
  11. wordpress-6cbb67575d-ztxxp 1/1 Running 1 2d7h

[root@docker-server1 deployment]# kubectl exec -it busybox-546555c84-2psbb /bin/sh

/ # cat /etc/resolv.conf

  1. nameserver 10.96.0.10
  2. search default.svc.cluster.local svc.cluster.local cluster.local
  3. options ndots:5

/ # nslookup  nginx-svc.default.svc.cluster.local

  1. Server: 10.96.0.10
  2. Address: 10.96.0.10:53
  3.  
  4. Name: nginx-svc.default.svc.cluster.local
  5. Address: 10.96.235.140

/ # ping nginx-svc.default.svc.cluster.local

  1. PING nginx-svc.default.svc.cluster.local (10.96.235.140): 56 data bytes

[root@docker-server1 deployment]# kubectl get svc

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d19h
  3. mysql-svc ClusterIP 10.96.240.104 <none> 3306/TCP 2d7h
  4. nginx-svc ClusterIP 10.96.235.140 <none> 80/TCP 22m
  5. wordpress NodePort 10.96.72.115 <none> 80:32080/TCP 2d7h

1.6 Headles service设置

Headles service不适用clusterip,他直接解析到关联的POD

[root@docker-server1 svcs]# kubectl delete -f nginx-svc.yaml

[root@docker-server1 svcs]# vi nginx-svc.yaml

  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4. name: nginx-svc
  5. spec:
  6. selector:
  7. name: hello-deployment
  8. type: ClusterIP
  9. clusterIP: None
  10. ports:
  11. - port: 80
  12. targetPort: 80

[root@docker-server1 svcs]# kubectl apply -f nginx-svc.yaml

[root@docker-server1 svcs]# kubectl get svc

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d19h
  3. mysql-svc ClusterIP 10.96.240.104 <none> 3306/TCP 2d8h
  4. nginx-svc ClusterIP None <none> 80/TCP 10s
  5. wordpress NodePort 10.96.72.115 <none> 80:32080/TCP 2d7h

[root@docker-server1 deployment]# kubectl exec -it busybox-546555c84-2psbb /bin/sh

/ # ping   nginx-svc.default.svc.cluster.local

  1. PING nginx-svc.default.svc.cluster.local (10.244.1.24): 56 data bytes
  2. PING nginx-svc.default.svc.cluster.local (10.244.1.25): 56 data bytes
  3. PING nginx-svc.default.svc.cluster.local (10.244.2.15): 56 data bytes

轮询解析到pod中

[root@docker-server1 svcs]# kubectl get pods -o wide |grep hello

  1. hello-deployment-5fdb46d67c-dqnnh 1/1 Running 0 45m 10.244.1.25 192.168.132.132 <none> <none>
  2. hello-deployment-5fdb46d67c-s68tf 1/1 Running 0 45m 10.244.2.15 192.168.132.133 <none> <none>
  3. hello-deployment-5fdb46d67c-x5nwl 1/1 Running 0 45m 10.244.1.24 192.168.132.132 <none> <none>

1.7 缺点

当外部访问使用映射的方式进行暴露端口进行访问时,业务比较多时,暴露大量的端口映射,同时效率不高

[root@docker-server1 svcs]# netstat -ntlp

  1. Active Internet connections (only servers)
  2. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
  3. tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 967/kubelet
  4. tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN 8386/kube-proxy
  5. tcp 0 0 192.168.132.131:2379 0.0.0.0:* LISTEN 4581/etcd
  6. tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 4581/etcd
  7. tcp 0 0 192.168.132.131:2380 0.0.0.0:* LISTEN 4581/etcd
  8. tcp 0 0 127.0.0.1:2381 0.0.0.0:* LISTEN 4581/etcd
  9. tcp 0 0 127.0.0.1:10257 0.0.0.0:* LISTEN 4467/kube-controlle
  10. tcp 0 0 127.0.0.1:40081 0.0.0.0:* LISTEN 967/kubelet
  11. tcp 0 0 127.0.0.1:10259 0.0.0.0:* LISTEN 4509/kube-scheduler
  12. tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1228/sshd
  13. tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1602/master
  14. tcp6 0 0 :::32443 :::* LISTEN 8386/kube-proxy
  15. tcp6 0 0 :::10250 :::* LISTEN 967/kubelet
  16. tcp6 0 0 :::10251 :::* LISTEN 4509/kube-scheduler
  17. tcp6 0 0 :::6443 :::* LISTEN 4493/kube-apiserver
  18. tcp6 0 0 :::10252 :::* LISTEN 4467/kube-controlle
  19. tcp6 0 0 :::32080 :::* LISTEN 8386/kube-proxy
  20. tcp6 0 0 :::10256 :::* LISTEN 8386/kube-proxy
  21. tcp6 0 0 :::22 :::* LISTEN 1228/sshd
  22. tcp6 0 0 ::1:25 :::* LISTEN 1602/master

二 ingress的配置使用

2.1 介绍

使用ingress暴露端口

[root@docker-server1 svcs]# kubectl get deploy

  1. NAME READY UP-TO-DATE AVAILABLE AGE
  2. busybox 1/1 1 1 34m
  3. hello-deployment 3/3 3 3 58m
  4. mysql 1/1 1 1 2d8h
  5. wordpress 1/1 2 2 2d8h

[root@docker-server1 svcs]# kubectl edit deploy wordpress

[root@docker-server1 svcs]# kubectl get pods

  1. NAME READY STATUS RESTARTS AGE
  2. busybox-546555c84-2psbb 1/1 Running 0 34m
  3. goproxy 1/1 Running 1 2d11h
  4. hello-deployment-5fdb46d67c-dqnnh 1/1 Running 0 58m
  5. hello-deployment-5fdb46d67c-s68tf 1/1 Running 0 58m
  6. hello-deployment-5fdb46d67c-x5nwl 1/1 Running 0 58m
  7. init-demo 1/1 Running 1 2d10h
  8. mysql-5d4695cd5-x9j2z 1/1 Running 1 2d8h
  9. nginx 2/2 Running 9 2d13h
  10. nginx-volume 1/1 Running 1 2d11h
  11. wordpress-6cbb67575d-bxdsk 1/1 Running 0 10s
  12. wordpress-6cbb67575d-ztxxp 1/1 Running 1 2d8h

[root@docker-server1 svcs]# kubectl get deploy

  1. NAME READY UP-TO-DATE AVAILABLE AGE
  2. busybox 1/1 1 1 34m
  3. hello-deployment 3/3 3 3 58m
  4. mysql 1/1 1 1 2d8h
  5. wordpress 2/2 2 2 2d8h

使用ingress暴露端口

Kubernetes暴露服务的方式目前有三种:

  • LoadBlancer Service
  • NodePort Service
  • Ingress

虽然通过NodePort Service和LoadBlancer Service可以将集群内服务对外暴露。但事实上,各自又存在各自的问题:

  • LoadBalancer Service 通常用于与公有云厂商对接,当然也可以自行实现其接口以完成与企业自建的负载均衡器对接。事实上LoadBanlacer Service的工作机制就是调用外部的负载均衡器以实现服务暴露,这依托于外部的负载均衡器。

  • NodePort Service 它的实现机制其实就是在每个node节点上都开启一个端口,并通过iptables的dnat方式将这个宿主机端口映射至集群内部的service ip上。nodeport的问题是,当集群当中的服务越来越多的时候,在每个node上开启的端口也越来越多,最终我们要维护大量的端口映射关系,这使得业务管理工作变得非常复杂。

2.2 Ingress架构及原理

针对上述nodeport暴露服务的问题,其实可以有一个解决办法,即使用一个nginx/haproxy这样的负载均衡器,只监听在一个端口上,比如80或443,然后按照域名往后端转发。将这样的负载均衡器以pod的方式运行在集群中,并通过hostNetwork或者nodeport的方式只暴露负载均衡器监听的端口即可。

这里其实有一个问题,就是nginx/haproxy怎么知道什么域名应该转发至什么后端? 后端应用的pod如果发生变化,nginx/haproxy又应该如何感知到,并同步更新自己的配置文件然后重载配置?

而这就是ingress的作用。官方的ingress由三部分组成:

  • Ingress类型的资源:其实就是个规则文件,其定义流量的转发规则
  • Ingress Controller: 通过与kubernetes api交互,动态的去感知集群中ingress规则变化,然后读取它,再按照自己的模板生成一段nginx配置,再写到nginx pod里,最后reload一下nginx
  • Nginx:真正负责流量转发的负载均衡器

事实上,kubernetes已经将ingress Controller和nginx结合到一起,统称之ingress controller,所以在实际部署中,只需要部署ingress controller即可。

2.3 Nginx Ingress配置

官方托管代码位置:https://github.com/kubernetes/ingress-nginx

[root@docker-server1 svcs]# cd ../

[root@docker-server1 yamls]# mkdir ingress

[root@docker-server1 yamls]# cd ingress

[root@docker-server1 ingress]# wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml

[root@docker-server1 ingress]# mv mandatory.yaml  nginx-controller.yaml

添加一个hostNetwork,同时如果在国内,镜像可能需要使用代理

[root@docker-server1 ingress]# kubectl apply -f nginx-controller.yaml

  1. namespace/ingress-nginx created
  2. configmap/nginx-configuration created
  3. configmap/tcp-services created
  4. configmap/udp-services created
  5. serviceaccount/nginx-ingress-serviceaccount created
  6. clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
  7. role.rbac.authorization.k8s.io/nginx-ingress-role created
  8. rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
  9. clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
  10. deployment.apps/nginx-ingress-controller created
  11. limitrange/ingress-nginx created

[root@docker-server1 ingress]# kubectl get ns

  1. NAME STATUS AGE
  2. default Active 2d20h
  3. ingress-nginx Active 35s
  4. kube-node-lease Active 2d20h
  5. kube-public Active 2d20h
  6. kube-system Active 2d20h
  7. kubernetes-dashboard Active 2d19h

[root@docker-server1 ingress]# kubectl get pods -n ingress-nginx

  1. NAME READY STATUS RESTARTS AGE
  2. nginx-ingress-controller-5c6985f9cc-wkngv 1/1 Running 0 65s

[root@docker-server1 ingress]# kubectl get pods -n ingress-nginx -o wide

  1. NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
  2. nginx-ingress-controller-5c6985f9cc-wkngv 1/1 Running 0 99s 192.168.132.132 192.168.132.132 <none> <none>

2.3 配置一个ingress的描述文件

[root@docker-server1 ingress]# vim nginx-ingress.yaml

  1. apiVersion: extensions/v1beta1
  2. kind: Ingress
  3. metadata:
  4. name: hello-ingress
  5. spec:
  6. rules:
  7. - host: hello.example.com
  8. http:
  9. paths:
  10. - path: /
  11. backend:
  12. serviceName: nginx-svc
  13. servicePort: 80

[root@docker-server1 ingress]# kubectl apply -f nginx-ingress.yaml

[root@docker-server1 ingress]# kubectl get ingress

  1. NAME HOSTS ADDRESS PORTS AGE
  2. hello-ingress hello.example.com 80 6s

[root@docker-server1 ingress]# kubectl get ingress -o yaml

  1. apiVersion: v1
  2. items:
  3. - apiVersion: extensions/v1beta1
  4. kind: Ingress
  5. metadata:
  6. annotations:
  7. kubectl.kubernetes.io/last-applied-configuration: |
  8. {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{},"name":"hello-ingress","namespace":"default"},"spec":{"rules":[{"host":"hello.example.com","http":{"paths":[{"backend":{"serviceName":"nginx-svc","servicePort":80},"path":"/"}]}}]}}
  9. creationTimestamp: "2020-01-12T14:27:19Z"
  10. generation: 1
  11. name: hello-ingress
  12. namespace: default
  13. resourceVersion: "126400"
  14. selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/hello-ingress
  15. uid: ea3585f5-dc5d-4df0-91c9-b8422bf4f27e
  16. spec:
  17. rules:
  18. - host: hello.example.com
  19. http:
  20. paths:
  21. - backend:
  22. serviceName: nginx-svc
  23. servicePort: 80
  24. path: /
  25. status:
  26. loadBalancer: {}
  27. kind: List
  28. metadata:
  29. resourceVersion: ""
  30. selfLink: ""

[root@docker-server1 ingress]# kubectl describe ingress hello-ingress

  1. Name: hello-ingress
  2. Namespace: default
  3. Address:
  4. Default backend: default-http-backend:80 (<none>)
  5. Rules:
  6. Host Path Backends
  7. ---- ---- --------
  8. hello.example.com
  9. / nginx-svc:80 (10.244.1.24:80,10.244.1.25:80,10.244.2.15:80)
  10. Annotations:
  11. kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{},"name":"hello-ingress","namespace":"default"},"spec":{"rules":[{"host":"hello.example.com","http":{"paths":[{"backend":{"serviceName":"nginx-svc","servicePort":80},"path":"/"}]}}]}}
  12.  
  13. Events:
  14. Type Reason Age From Message
  15. ---- ------ ---- ---- -------
  16. Normal CREATE 67s nginx-ingress-controller Ingress default/hello-ingress

[root@docker-server1 ingress]# kubectl get pods -n ingress-nginx

  1. NAME READY STATUS RESTARTS AGE
  2. nginx-ingress-controller-5c6985f9cc-wkngv 1/1 Running 0 9m37s

2.4 进入容器查看

[root@docker-server1 ingress]# kubectl exec -it nginx-ingress-controller-5c6985f9cc-wkngv -n ingress-nginx /bin/bash

  1. bash-5.0$ pwd
  2. /etc/nginx

bash-5.0$ cat nginx.conf

[root@docker-server1 ingress]# kubectl get pods -n ingress-nginx -o wide

  1. NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
  2. nginx-ingress-controller-5c6985f9cc-wkngv 1/1 Running 0 99s 192.168.132.132 192.168.132.132 <none> <none>

解析到192.168.132.132,修改本机hosts

2.5 访问nginx

访问 http://hello.example.com/

2.6 使用ingress访问wordpress

[root@docker-server1 ingress]# vi wordpress-ingress.yaml

  1. apiVersion: extensions/v1beta1
  2. kind: Ingress
  3. metadata:
  4. name: hello-world
  5. spec:
  6. rules:
  7. - host: blog.example.com
  8. http:
  9. paths:
  10. - path: /
  11. backend:
  12. serviceName: wordpress
  13. servicePort: 80

[root@docker-server1 ingress]# kubectl apply -f wordpress-ingress.yaml

[root@docker-server1 ingress]# kubectl get ingress

  1. NAME HOSTS ADDRESS PORTS AGE
  2. hello-ingress hello.example.com 80 23m
  3. hello-world blog.example.com 80 49s

写入hosts文件解析并访问blog.example.com

但是转到32080

2.7 修复跳转问题

使用ingress时,不使用端口映射

  1. # Please edit the object below. Lines beginning with a '#' will be ignored,
  2. # and an empty file will abort the edit. If an error occurs while saving this file will be
  3. # reopened with the relevant failures.
  4. #
  5. apiVersion: v1
  6. kind: Service
  7. metadata:
  8. annotations:
  9. kubectl.kubernetes.io/last-applied-configuration: |
  10. {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wordpress","namespace":"default"},"spec":{"ports":[{"nodePort":32080,"port":80,"targetPort":80}],"selector":{"app":"wordpress"},"type":"NodePort"}}
  11. creationTimestamp: "2020-01-10T05:56:02Z"
  12. name: wordpress
  13. namespace: default
  14. resourceVersion: "101304"
  15. selfLink: /api/v1/namespaces/default/services/wordpress
  16. uid: 7d1c6de8-3d53-4235-9bd3-bb6e755aed2c
  17. spec:
  18. clusterIP: 10.96.72.115
  19. externalTrafficPolicy: Cluster
  20. ports:
  21. - nodePort: 32080
  22. port: 80
  23. protocol: TCP
  24. targetPort: 80
  25. selector:
  26. app: wordpress
  27. sessionAffinity: None
  28. type: NodePort
  29. status:
  30. loadBalancer: {}

修改为

[root@docker-server1 ingress]# kubectl get svc

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d20h
  3. mysql-svc ClusterIP 10.96.240.104 <none> 3306/TCP 2d9h
  4. nginx-svc ClusterIP None <none> 80/TCP 75m
  5. wordpress ClusterIP 10.96.72.115 <none> 80/TCP 2d9h

[root@docker-server1 ingress]# curl -I -H "Host:blog.example.com"  http://192.168.132.132

  1. HTTP/1.1 301 Moved Permanently
  2. Server: nginx/1.17.7
  3. Date: Sun, 12 Jan 2020 15:01:35 GMT
  4. Content-Type: text/html; charset=UTF-8
  5. Connection: keep-alive
  6. X-Powered-By: PHP/7.2.26
  7. X-Redirect-By: WordPress
  8. Location: http://blog.example.com:32080/

依然发生转发,是因为在wordpress初始化的时候,把访问http://IP:32080写进数据库

重新安装一次

[root@docker-server1 ingress]# kubectl delete -f /yamls/deployment/mysql-deployment.yaml

[root@docker-server1 ingress]# kubectl delete -f /yamls/deployment/wordpress-deployment.yaml

[root@docker-server1 ingress]# kubectl delete -f /yamls/svcs/wordpress-svc.yaml

[root@docker-server1 ingress]# vi /yamls/svcs/wordpress-svc.yaml

  1. apiVersion: v1
  2. kind: Service
  3. metadata:
  4. name: wordpress
  5. spec:
  6. selector:
  7. app: wordpress
  8. type: ClusterIP
  9. ports:
  10. - port: 80
  11. targetPort: 80

[root@docker-server1 ingress]# kubectl delete -f /yamls/svcs/mysql-svc.yaml

[root@docker-server1 ingress]# kubectl apply -f /yamls/deployment/mysql-deployment.yaml

[root@docker-server1 ingress]# kubectl apply -f /yamls/svcs/mysql-svc.yaml

[root@docker-server1 ingress]# kubectl apply -f /yamls/deployment/wordpress-deployment.yaml

[root@docker-server1 ingress]# kubectl apply -f /yamls/svcs/wordpress-svc.yaml

[root@docker-server1 ingress]# kubectl get pods

  1. NAME READY STATUS RESTARTS AGE
  2. busybox-546555c84-2psbb 1/1 Running 1 113m
  3. goproxy 1/1 Running 1 2d13h
  4. hello-deployment-5fdb46d67c-dqnnh 1/1 Running 0 136m
  5. hello-deployment-5fdb46d67c-s68tf 1/1 Running 0 136m
  6. hello-deployment-5fdb46d67c-x5nwl 1/1 Running 0 136m
  7. init-demo 1/1 Running 1 2d12h
  8. mysql-5d4695cd5-kzlms 1/1 Running 0 37s
  9. nginx 2/2 Running 10 2d15h
  10. nginx-volume 1/1 Running 1 2d12h
  11. wordpress-6cbb67575d-b9md5 1/1 Running 0 22s

[root@docker-server1 ingress]# curl -I -H "Host:blog.example.com"  http://192.168.132.132

  1. HTTP/1.1 302 Found
  2. Server: nginx/1.17.7
  3. Date: Sun, 12 Jan 2020 15:19:08 GMT
  4. Content-Type: text/html; charset=UTF-8
  5. Connection: keep-alive
  6. X-Powered-By: PHP/7.2.26
  7. Expires: Wed, 11 Jan 1984 05:00:00 GMT
  8. Cache-Control: no-cache, must-revalidate, max-age=0
  9. X-Redirect-By: WordPress
  10. Location: http://blog.example.com/wp-admin/install.php

2.8 访问wordpress

访问http://blog.example.com

ingress配置访问wordpress完成


博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!

007.kubernets的headless service配置和ingress的简单配置的更多相关文章

  1. 再谈zabbix 邮件通知配置(不用脚本,简单配置就可以了)

    备注: 安装过zabbix 的人,大家都应该了解,后者查询网上的资料邮件通知一般是编写一个脚本,即报警媒介类型,创建一个script类似的 然后编写脚本,进行发送,但是实际上,系统内置的邮件发送还是比 ...

  2. MySQL 5.1.63 单机配置多实例(简单配置)

    需求: 在一台服务器上通过源码编译安装一个版本为5.1.63版本MySQL数据库: 方案:将所有配置文件与数据等均存放在/home/zhaoshuangshuang下.在同一个MySQL中运行两个实例 ...

  3. Django安装与简单配置(1)

    目录 1. 环境准备 2. 开始安装 2.1 安装Django 2.2 安装 Mysql数据库 3. 开始配置 3.1 Django简单配置 3.1.1 创建一个工程(project)为devops: ...

  4. 小丁带你走进git世界一-git简单配置

    小丁带你走进git世界一-git简单配置 1.github的简单配置 配置提交代码的信息,例如是谁提交的代码之类的. git config  –global user.name BattleHeaer ...

  5. kubernetes的headless service介绍

    headless service是一个特殊的ClusterIP类service,这种service创建时不指定clusterIP(--cluster-ip=None),因为这点,kube-proxy不 ...

  6. statefulSet + headless service 学习记录 service :selector --> template :label

    1.statefulset.yaml apiVersion: apps/v1kind: StatefulSetmetadata:   name: webspec:    serviceName: &q ...

  7. Reporting Service服务SharePoint集成模式安装配置(9、PowerPivot for SharePoint 安装配置详细)

    PowerPivot for SharePoint 增加了对发布到 SharePoint 中的 PowerPivot 工作簿的协作和文档管理支持. PowerPivot for SharePoint ...

  8. Reporting Service服务SharePoint集成模式安装配置(3、4、安装sharepoint 2010必备组件及产品)

    Reporting Service服务SharePoint集成模式安装配置 第三步和第四部 第三步 安装sharepoint 2010必备组件 1.安装SharePoint2010必备组件,执行Pre ...

  9. Kubernetes Headless Service

    1. Headless Service headless service 需要将 spec.clusterIP 设置成 None. 因为没有ClusterIP,kube-proxy 并不处理此类服务, ...

随机推荐

  1. 如何使用Excel发送邮件?

    假设你有一个Excel,其中列出了所有收件人的信息,如下所示: 如果需要向列表中的每个用户发送一封邮件,最好使用当前记录生成一个附件,并且格式如下: 姓名, 发送消息 你应该怎么办?一个一个拷贝发送? ...

  2. H5 端 rem 适配方案与 viewport 适配

    H5 端 rem 适配方案与 viewport 适配 rem rem 是 CSS3 新增的一个相对单位(root em,根 em) 只根据当前页面 HTML 页面的 font-size 设置,如果根目 ...

  3. 【CTF】XCTF Misc 心仪的公司 & 就在其中 writeup

    前言 这两题都是Misc中数据包的题目,一直觉得对数据包比较陌生,不知道怎么处理. 这里放两道题的wp,第一题strings命令秒杀觉得非常优秀,另外一题有涉及RSA加密与解密(本文不具体讨论RSA非 ...

  4. Spring Security框架中踢人下线技术探索

    1.背景 在某次项目的开发中,使用到了Spring Security权限框架进行后端权限开发的权限校验,底层集成Spring Session组件,非常方便的集成Redis进行分布式Session的会话 ...

  5. selenium启动IE失败,并报错:Unexpected error launching Internet Explorer. Protected Mode settings are not the same for all zones

    1.selenium去启动IE时,报错: Started InternetExplorerDriver server (32-bit)2.50.0.0Listening on port 24641On ...

  6. Day03_16_递归

    Java递归 递归包含两个部分 递归头: 标明了什么时候结束递归调用,如果没有递归头,程序将陷入死循环. 递归体: 标明了什么时候需要继续调用自身. 实例 import java.util.Scann ...

  7. (数据科学学习手札119)Python+Dash快速web应用开发——多页面应用

    本文示例代码已上传至我的Github仓库https://github.com/CNFeffery/DataScienceStudyNotes 1 简介 这是我的系列教程Python+Dash快速web ...

  8. git 配置ssh

    git 配置ssh 生成一个个人账号/邮箱的sshkey ssh-keygen -t rsa -C "youremail@yourcompany.com" -f ~/.ssh/XX ...

  9. ubuntu 1804 配置阿里源

    以防出错,先备份sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak编辑元列表文件sudo vim /etc/apt/sources.list ...

  10. PAT 乙级 -- 1011 -- A+B和C

    问题简述 给定区间[-231, 231]内的3个整数A.B和C,请判断A+B是否大于C. 输入格式: 输入第1行给出正整数T(<=10),是测试用例的个数.随后给出T组测试用例,每组占一行,顺序 ...