ingress
https://kubernetes.io/docs/concepts/services-networking/ingress/
pod与ingress的关系
•通过label-selector相关联
•通过Ingress Controller实现Pod的负载均衡
-支持TCP/UDP 4层和HTTP 7层
Ingress 组成?
ingress controller:将新加入的Ingress转化成Nginx的配置文件并使之生效
ingress服务:将Nginx的配置抽象成一个Ingress对象,每添加一个新的服务只需写一个新的Ingress的yaml文件即可
Ingress 工作原理?
ingress controller通过和kubernetes api交互,动态的去感知集群中ingress规则变化,
然后读取它,按照自定义的规则,规则就是写明了哪个域名对应哪个service,生成一段nginx配置,
再写到nginx-ingress-control的pod里,这个Ingress controller的pod里运行着一个Nginx服务,控制器会把生成的nginx配置写入/etc/nginx.conf文件中,
然后reload一下使配置生效。
以此达到域名分配置和动态更新的问题。
ingress部署文档
https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md
下载yaml文件,修改使用宿主机网络 hostNetwork: true
[root@k8s-master1 ingress]# wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml [root@k8s-master1 ingress]# kubectl apply -f mandatory.yaml namespace/ingress-nginx created configmap/nginx-configuration created configmap/tcp-services created configmap/udp-services created serviceaccount/nginx-ingress-serviceaccount created clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created role.rbac.authorization.k8s.io/nginx-ingress-role created rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created deployment.extensions/nginx-ingress-controller created
查看ingress部署的node节点,使用宿主机网络会在node监听80和443端口
[root@k8s-master1 ingress]# kubectl get ns NAME STATUS AGE default Active 6d20h ingress-nginx Active 27m kube-public Active 6d20h kube-system Active 6d20h [root@k8s-master1 ingress]# kubectl get pods -n ingress-nginx -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-ingress-controller-5c98c674b8-l9ft2 1/1 Running 0 28m 192.168.0.125 192.168.0.125 <none> <none>
[root@k8s-node01 ~]# netstat -tnlp |egrep "80|443"
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2358/nginx: master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2358/nginx: master
tcp 0 0 0.0.0.0:18080 0.0.0.0:* LISTEN 2358/nginx: master
tcp6 0 0 :::80 :::* LISTEN 2358/nginx: master
tcp6 0 0 :::443 :::* LISTEN 2358/nginx: master
tcp6 0 0 :::18080 :::* LISTEN 2358/nginx: master
准备后端服务
[root@k8s-master1 ingress]# cat deploy-demo.yaml #创建service为myapp apiVersion: v1 kind: Service metadata: name: myapp namespace: default spec: selector: app: myapp release: canary ports: - name: http targetPort: 80 port: 80 --- #创建后端服务的deployment apiVersion: apps/v1 kind: Deployment metadata: name: myapp-backend-pod namespace: default spec: replicas: 3 selector: matchLabels: app: myapp release: canary template: metadata: labels: app: myapp release: canary spec: containers: - name: myapp image: ikubernetes/myapp:v2 ports: - name: http containerPort: 80 [root@k8s-master1 ingress]# kubectl apply -f deploy-demo.yaml service/myapp created deployment.apps/myapp-backend-pod created [root@k8s-master1 ingress]# kubectl get pod,svc NAME READY STATUS RESTARTS AGE pod/myapp-backend-pod-6b56d98b6b-27vvs 1/1 Running 0 12s pod/myapp-backend-pod-6b56d98b6b-6rq8w 1/1 Running 0 12s pod/myapp-backend-pod-6b56d98b6b-ndbm6 1/1 Running 0 12s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 6d21h service/myapp ClusterIP 10.0.0.79 <none> 80/TCP 12s [root@k8s-node01 ~]# curl 10.0.0.79 Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>