背景简介
Ingress是Kubernetes资源,用于管理外部到集群内部服务的HTTP和HTTPS流量,提供URL路由、负载均衡等功能。
Note: 本文以 ingress-nginx 控制器为示例 【官方参考链接】
环境配置
- Kubernetes v1.29.1。【Kubernetes - 安装】
详细步骤
可选 - 第一步: 获取 ingress-nginx 控制器 yaml 配置文件【官方链接】【示例文件】
第二步: 启动 ingress-nginx 控制器
# kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.12.0/deploy/static/provider/cloud/deploy.yaml
或者使用 第一步 已获取的 yaml 配置文件启动,如需修改镜像,请先下载_**yaml**_配置文件
$ kubectl apply -f ingress-nginx-deploy.yaml
如需修改镜像,替换 yaml 中的:
- registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:e6b8de175acda6ca913891f0f727bca4527e797d52688cbe9fec9040d6f6b6fa
- registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.0@sha256:aaafd456bda110628b2d4ca6296f38731a3aaf0bf7581efae824a41c770a8fc4
如需配置 image pull secret,请参考 【Kubernetes - 配置 Image Pull Secret】
如本地环境不支持 LoadBalancer 配置,请修改为 NodePort
apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx app.kubernetes.io/version: 1.12.0 name: ingress-nginx-controller namespace: ingress-nginx spec: externalTrafficPolicy: Local ****** selector: app.kubernetes.io/component: controller app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx type: NodePort
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
serviceaccount/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
configmap/ingress-nginx-controller created
service/ingress-nginx-controller created
service/ingress-nginx-controller-admission created
deployment.apps/ingress-nginx-controller created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
ingressclass.networking.k8s.io/nginx created
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created
第三步: 查看部署结果
$ kubectl get pod,svc -n ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-t6h8p 0/1 Completed 0 17s
pod/ingress-nginx-admission-patch-4wtv7 0/1 Completed 1 17s
pod/ingress-nginx-controller-688b8569c5-knmst 1/1 Running 0 17s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.103.197.217 <none> 80:31272/TCP,443:31881/TCP 17s
service/ingress-nginx-controller-admission ClusterIP 10.109.19.22 <none> 443/TCP 17s
第四步: 查看日志
$ kubectl logs -f --tail 20 ingress-nginx-controller-688b8569c5-246h9 -n ingress-nginx
nginx version: nginx/1.25.5
-------------------------------------------------------------------------------
W0226 03:34:45.153472 7 client_config.go:667] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0226 03:34:45.153867 7 main.go:205] "Creating API client" host="https://10.96.0.1:443"
I0226 03:34:45.169954 7 main.go:248] "Running in Kubernetes cluster" major="1" minor="29" git="v1.29.1" state="clean" commit="bc401b91f2782410b3fb3f9acf43a995c4de90d2" platform="linux/amd64"
I0226 03:34:45.397582 7 main.go:101] "SSL fake certificate created" file="/etc/ingress-controller/ssl/default-fake-certificate.pem"
I0226 03:34:45.416510 7 ssl.go:535] "loading tls certificate" path="/usr/local/certificates/cert" key="/usr/local/certificates/key"
I0226 03:34:45.440065 7 nginx.go:271] "Starting NGINX Ingress controller"
I0226 03:34:45.456383 7 event.go:377] Event(v1.ObjectReference{Kind:"ConfigMap", Namespace:"ingress-nginx", Name:"ingress-nginx-controller", UID:"71daaf73-5e9f-47ce-b788-791d53ec1470", APIVersion:"v1", ResourceVersion:"8515649", FieldPath:""}): type: 'Normal' reason: 'CREATE' ConfigMap ingress-nginx/ingress-nginx-controller
I0226 03:34:46.642952 7 nginx.go:317] "Starting NGINX process"
I0226 03:34:46.643051 7 leaderelection.go:257] attempting to acquire leader lease ingress-nginx/ingress-nginx-leader...
I0226 03:34:46.643871 7 nginx.go:337] "Starting validation webhook" address=":8443" certPath="/usr/local/certificates/cert" keyPath="/usr/local/certificates/key"
I0226 03:34:46.644262 7 controller.go:196] "Configuration changes detected, backend reload required"
I0226 03:34:46.699085 7 leaderelection.go:271] successfully acquired lease ingress-nginx/ingress-nginx-leader
I0226 03:34:46.699175 7 status.go:85] "New leader elected" identity="ingress-nginx-controller-688b8569c5-246h9"
I0226 03:34:46.823937 7 controller.go:216] "Backend successfully reloaded"
I0226 03:34:46.824114 7 controller.go:227] "Initial sync, sleeping for 1 second"
I0226 03:34:46.824270 7 event.go:377] Event(v1.ObjectReference{Kind:"Pod", Namespace:"ingress-nginx", Name:"ingress-nginx-controller-688b8569c5-246h9", UID:"40719ce1-16db-4cc3-a4dc-99d7649dbdd8", APIVersion:"v1", ResourceVersion:"8515683", FieldPath:""}): type: 'Normal' reason: 'RELOAD' NGINX reload triggered due to a change in configuration
后续 Ingress 配合 service 的使用,请参考【Kubernetes - 通过 Ingress 访问 Service】
以上便是本文的全部内容,感谢您的阅读,如遇到任何问题,欢迎在评论区留言讨论。