今天来介绍一下 kubernetes ingress, 什么是kubernetes ingress, 简单来说 "就是一个可以暴露内部服务的一个7层的loadblance"
- <li "="" style="word-wrap: break-word; margin-bottom: 0px; margin-left: 0px; padding-left: 10px; list-style: none outside none; font-size: 14px; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;"> ingress 工作组件以及相应功能
- <li "="" style="word-wrap: break-word; margin-bottom: 0px; margin-left: 0px; padding-left: 10px; list-style: none outside none; font-size: 14px; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;"> <li "="" style="word-wrap: break-word; margin-bottom: 0px; margin-left: 0px; padding-left: 10px; list-style: none outside none; font-size: 14px; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;"> ingress Controller: watch ApiSverver /ingress ep updates to th Ingress resource ,内置一个nginx,反向代理ingress内的服务。
- ingress : 描述访问的rules,与后端svc之间的关系。
工作流程: ingress Controller 监听 apiSverve ingress 当发现又新的 ingress,基于你定义的 go text/template重写一份 nginx配置文件,重启nginx。
部署一个完整的 kubernetes ingress
step 1 deploy ingress Controller
[root@kuber-master-141 ingress]# cat nginx-ctl.yaml
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
k8s-app: default-http-backend
---
apiVersion: v1
kind: ReplicationController
metadata:
name: default-http-backend
spec:
replicas: 1
selector:
k8s-app: default-http-backend
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: registry.wepiao.com/defaultbackend:1.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: ReplicationController
metadata:
name: nginx-ingress-controller
labels:
k8s-app: nginx-ingress-lb
spec:
replicas: 1
selector:
k8s-app: nginx-ingress-lb
template:
metadata:
labels:
k8s-app: nginx-ingress-lb
name: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
containers:
- image: registry.wepiao.com/nginx-ingress-controller:0.8.3
imagePullPolicy: IfNotPresent
name: nginx-ingress-lb
#imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
# use downward API
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_MASTER
value: http://10.3.1.141:8080
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
# we expose 18080 to access nginx stats in url /nginx-status
# this is optional
- containerPort: 18080
hostPort: 18080
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
step 2 创建2个nginx svc
apiVersion: v1
kind: ReplicationController
metadata:
name: kubea-nginx-rc
spec:
replicas: 1
template:
metadata:
labels:
project: kubea-nginx
spec:
containers:
- name: kubea-nginx
image: docker.io/nginx
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
labels:
project: kubea-nginx
name: kubea-nginx-svc
namespace: default
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
selector:
project: kubea-nginx
apiVersion: v1
kind: ReplicationController
metadata:
name: kubeb-nginx-rc
spec:
replicas: 1
template:
metadata:
labels:
project: kubeb-nginx
spec:
containers:
- name: kubeb-nginx
image: docker.io/nginx
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
labels:
project: kubeb-nginx
name: kubeb-nginx-svc
namespace: default
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
selector:
project: kubeb-nginx
[root@kuber-master-141 msite]# kubectl get,svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default-http-backend 20.254.192.115 80/TCP 7d
kubea-nginx-svc 20.254.67.68 80/TCP 1d
kubeb-nginx-svc 20.254.123.19 80/TCP 1d
kubernetes 20.254.0.1 443/TCP 48d
po/busybox 1/1 Running 981 40d
po/default-http-backend-03m2a 1/1 Running 0 7d
po/kubea-nginx-rc-cfye5 1/1 Running 0 1d
po/kubeb-nginx-rc-ia64v 1/1 Running 0 1d
po/nginx-ingress-controller-t6qwp 1/1 Running 0 7d
再pod创建2个文件来区分服务,创建的过程我就不在赘述了
[root@kuber-master-141 msite]# kubectl exec kubea-nginx-rc-cfye5 -- cat /usr/share/nginx/html/kubea.html
kubea
[root@kuber-master-141 msite]# kubectl exec kubeb-nginx-rc-ia64v -- cat /usr/share/nginx/html/kubeb.html
kubeb
step 3 我们建立2个ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kubea
spec:
rules:
- host: kubea.wepiao.com
http:
paths:
- path: /
backend:
serviceName: kubea-nginx-svc
servicePort: 80
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kubeb
spec:
rules:
- host: kubeb.wepiao.com
http:
paths:
- path: /
backend:
serviceName: kubeb-nginx-svc
servicePort: 80
[root@kuber-master-141 ~]# kubectl get ing
NAME HOSTS ADDRESS PORTS AGE
kubea kubea.wepiao.com 10.3.1.60 80 2d
kubeb kubeb.wepiao.com 10.3.1.60 80 2d
[root@VM_1_234_centos ~]# curl --resolve kubea.wepiao.com:80:10.3.1.60 kubea.wepiao.com/kubea.html
kubea
[root@VM_1_234_centos ~]# curl --resolve kubeb.wepiao.com:80:10.3.1.60 kubeb.wepiao.com/kubeb.html
kubeb
Cail_wepiao
参考链接: https://github.com/kubernetes/contrib/tree/master/ingress/controllers
http://kubernetes.io/docs/user-guide/ingress/
http://blog.chinaunix.net/uid-28840446-id-5757743.html
http://blog.csdn.net/u013812710/article/details/52801656#概述
https://kubernetes.io/docs/user-guide/ingress/
https://github.com/nginxinc/kubernetes-ingress
相关推荐
"Kubernetes Ingress日志分析最佳实践" Kubernetes Ingress日志分析是云原生应用程序的重要组件之一。随着容器化和微服务架构的普及,Kubernetes成为企业级容器编排的主要选择。然而,在Kubernetes集群中,日志分析...
在Kubernetes集群中,Ingress是一种管理外部访问到Pod服务的机制,主要负责提供网络路由规则,使得外部请求可以通过特定的URL和端口映射到内部的服务上。本压缩包文件“Kubernetes ingress yaml文件包”很可能是包含...
021 Kubernetes ingress及Ingress Controller.mp4
藏经阁-基于Kubernetes的互联网Ingress实践 本文档介绍了基于Kubernetes的互联网Ingress实践,涵盖了Ingress Controller、Kubernetes Ingress Spec、TLS termination、L7 path forwarding、redirecting、URL/Header...
kube-lego从Let's Encrypt自动为Kubernetes Ingress资源申请证书 截屏 产品特点 认识到在这种情况下需要新证书: 不存在证书 现有证书未包含所有域名 现有证书已过期或接近有效期(请参阅选项LEGO_MINIMUM_...
用于构建容器的资产,以向nginx-ingress Kubernetes Ingress控制器提供自定义默认后端 编辑错误页面 容器具有一组基于错误代码返回的错误HTML和JSON文件。 这些文件存储在www/目录中,并复制到容器中的/www/目录中。...
kubernetes的quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0镜像包,版本为v0.20.0。文件先解压,之后得到nginx-ingress-controller.0.20.0.tar
Istio入口控制器使用Kubernetes Ingress作为定义来创建和配置Istio VirtualServices。 基于如何贡献参见执照除非另有说明,否则此项目的源代码受加拿大政府的官方版权保护,并根据分发。 与该发行版有关的“加拿大”...
Ingress-controller是在Kubernetes上的一种负载均衡方式,它允许外部流量进入Kubernetes集群,实现对服务的访问和管理。本文将从多个角度详细阐述Ingress-controller,并特别介绍了Ingress-controller与Istio、...
发夹代理PROXY协议支持Kubernetes Ingress用户从内部到LoadBalancer的流量,特别是用于证书管理器自检。 如果您遇到了ingress-nginx,cert-manager,LetsEncrypt ACME HTTP01自检失败以及PROXY协议的问题,请继续...
标题 "ingress.tar.gz" 涉及的主题是 Kubernetes 网络,特别是关于 Ingress 的概念和使用。Ingress 是 Kubernetes 集群中的一种资源对象,它提供了对外部访问 Kubernetes 服务的方法,通常用于配置 HTTP 和 HTTPS ...
docker build -t haproxytech/kubernetes-ingress -f build/Dockerfile . 可以使用以下示例环境创建 deploy/kind/create.sh 请参阅以获取控制器图像的所有可用参数。 可用的自定义在进行了描述 文件中描述了运行...
11-kubernetes ingress及Ingress Controller.mp4 12-存储卷.mp4 13-kubernetes pv、pvc、configmap和secret.mp4 14-kubernetes statefulset控制器.mp4 15-kubernetes认证及serviceaccount.mp4 16-kubernetes RBAC....
│ 11-kubernetes ingress及Ingress Controller.mp4 │ 12-存储卷.mp4 │ 13-kubernetes pv、pvc、configmap和secret.mp4 │ 14-kubernetes statefulset控制器.mp4 │ 15-kubernetes认证及serviceaccount.mp4 │ 16-...
允许限制入口资源的Kubewarden策略。该政策允许限制什么策略配置允许设置几个属性: requireTLS : boolean 入口资源的spec是否必须包含tls属性,该属性包括入口资源的.spec.rules属性中定义的所有主机。...
11-kubernetes ingress及Ingress Controller 12-存储卷 13-kubernetes pv、pvc、configmap和secret 14-kubernetes statefulset控制器 15-kubernetes认证及serviceaccount 16-kubernetes RBAC 17-kubernetes ...
在实际操作中,部署 ingress-nginx 控制器时,你需要确保集群已经安装了 Kubernetes Ingress API,并正确配置了 NodePort 或 LoadBalancer 类型的 Service,以便外部能够访问。修改好 "ingress-nginx-controller-1.9...
在Kubernetes(K8s)集群中,Ingress是一种用于管理外部访问服务的重要机制,它提供了统一的入口点,使得外部网络可以方便地与内部运行的应用进行交互。本篇文章将详细探讨Kubernetes Ingress及其附件,帮助你理解...
11-kubernetes ingress及Ingress Controller 12-存储卷 13-kubernetes pv、pvc、configmap和secret 14-kubernetes statefulset控制器 15-kubernetes认证及serviceaccount 16-kubernetes RBAC 17-kubernetes ...
Kubernetes Ingress 和 ConfigMap Kubernetes 是一个容器编排系统,可以自动化容器的部署、缩放和管理。Ingress 是 Kubernetes 中的一种资源,用于暴露容器应用程序的外部访问入口。ConfigMap 是 Kubernetes 中的一...