从 Ingress 开始有了域名

Ingressopen in new window 公开了从集群外部到集群内服务的 HTTP 和 HTTPS 路由。 流量路由由 Ingress 资源上定义的规则控制。

Ingress 可以提供负载均衡、TLS 证书以及域名。

ingress-k8s

本文要部署的 Ingress 控制器是 ingress-nginxopen in new window

前置条件:

安装

添加 ingress-nginx 仓库

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

根据 Supported Versions tableopen in new window 查找合适的 ingress-nginx chart 版本,因为作者部署的 k8s 版本是 1.23,所以选择 chart 的版本是 4.5.2。

helm search repo ingress-nginx -l
# NAME                       	CHART VERSION	APP VERSION	DESCRIPTION
# ingress-nginx/ingress-nginx	4.7.0        	1.8.0      	Ingress controller for Kubernetes using NGINX
# ingress-nginx/ingress-nginx	4.6.1        	1.7.1      	Ingress controller for Kubernetes using NGINX
# ingress-nginx/ingress-nginx	4.6.0        	1.7.0      	Ingress controller for Kubernetes using NGINX
# ingress-nginx/ingress-nginx	4.5.2        	1.6.4      	Ingress controller for Kubernetes using NGINX

生成 values.yaml

helm show values ingress-nginx/ingress-nginx --version 4.5.2 > values.yaml

如果有需要,修改 values.yaml,更改配置,但现在不需要。

如果你想查看将要部署的清单,可以运行如下命令:

helm template ingress-nginx ingress-nginx/ingress-nginx -n ingress-nginx --create-namespace -f ./values.yaml --version 4.5.2 > ingress-nginx.yaml

安装 ingress-nginx

helm install ingress-nginx ingress-nginx/ingress-nginx -n ingress-nginx --create-namespace -f ./values.yaml --version 4.5.2

执行如下命令可以卸载重来:

helm uninstall ingress-nginx -n ingress-nginx

查看 EXTERNAL-IP

kubectl get svc -n ingress-nginx

# NAME                                 TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)                      AGE
# ingress-nginx-controller             LoadBalancer   10.104.7.237   192.168.32.64   80:32168/TCP,443:31027/TCP   11s
# ingress-nginx-controller-admission   ClusterIP      10.98.250.70   <none>          443/TCP                      11s

请留意 EXTERNAL-IP 为 192.168.32.64

等待

kubectl get pods -n ingress-nginx -w

# NAME                                        READY   STATUS              RESTARTS   AGE
# ingress-nginx-admission-create--1-jp6ww     0/1     Completed           0          23s
# ingress-nginx-admission-patch--1-xh4gn      0/1     Completed           1          23s
# ingress-nginx-controller-5c8d66c76d-4slrh   0/1     ContainerCreating   0          23s
# ingress-nginx-controller-5c8d66c76d-4slrh   0/1     Running             0          39s
# ingress-nginx-controller-5c8d66c76d-4slrh   1/1     Running             0          50s

测试

部署

kubectl apply -f whoami.yaml
# ingress/nginx/whoami.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: whoami
  labels:
    app: containous
    name: whoami
spec:
  replicas: 2
  selector:
    matchLabels:
      app: containous
      task: whoami
  template:
    metadata:
      labels:
        app: containous
        task: whoami
    spec:
      containers:
        - name: containouswhoami
          image: containous/whoami
          resources:
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: whoami
spec:
  ports:
    - name: http
      port: 80
  selector:
    app: containous
    task: whoami
  type: ClusterIP

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: whoami-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
    - host: whoami.todoit.tech
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 80

查看 ingress 信息

kubectl get ingress

# NAME             CLASS    HOSTS                ADDRESS         PORTS   AGE
# whoami-ingress   <none>   whoami.todoit.tech   192.168.32.64   80      35s

此时 curl 192.168.32.64, 会得到 404 的信息

这里给 whoami 配置了一个域名 whoami.todoit.tech,在宿主机将该域名映射到 192.168.32.64。为了方便,我使用 SwitchHostsopen in new window 这款应用来做域名映射,可以到 GitHub 下载安装。

switchhosts

在浏览器输入 whoami.todoit.tech,没有意外的话,可以看到,有意外的话可以使用 safari 打开。

whoami-ingress

由于我没有配备 SSL 证书,浏览器提示我们不安全,可以通过使用 cert-manager 签发免费证书来解决这个问题。

清理

kubectl delete -f whoami.yaml

# deployment.apps "whoami" deleted
# service "whoami" deleted
# ingress.networking.k8s.io "whoami-ingress" deleted
上次更新: