K8S学习之ingress网络实验
2022-03-15 本文已影响0人
david161
实验一
使用镜像
docker pull tomcat:9.0.20-jre8-alpine
docker pull quay.io/kubernetes-ingress-controller/nginx-ingress- controller:0.30.0
运行ingress-controller
在mandatory.yaml文件的Deployment资源中增加属性sepc.template.sepc.hostNetWork
hostNetwork: true
hostNetwork网络,这是一种直接定义Pod网络的方式。如果在Pod中使用hostNetwork:true配置网络,那么Pod中运行的应用程序可以直接使用node节点的端口
运行ingress/mandatory.yaml文件
kubectl apply -f mandatory.yaml
运行ingress服务
运行ingress/service-nodeport.yaml文件
kubectl apply -f service-nodeport.yaml
部署tomcat-服务
ingress/tomcat-service.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deploy
labels:
app: tomcat-deploy
spec:
replicas: 1
template:
metadata:
name: tomcat-deploy
labels:
app: tomcat-deploy
spec:
containers:
- name: tomcat-deploy
image: tomcat:9.0.20-jre8-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
restartPolicy: Always
selector:
matchLabels:
app: tomcat-deploy
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-svc
spec:
selector:
app: tomcat-deploy
ports:
- port: 8080
targetPort: 8080
type: NodePort
运行tomcat-service
kubectl apply -f tomcat-service.yml
部署ingress规则文件
ingress/ingress-tomcat.yml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-ingress-test
spec:
backend:
serviceName: tomcat-svc
servicePort: 8080
运行ingress规则
kubectl apply -f ingress-tomcat.yml
查看ingress
kubectl get ingress
查看ingress服务:查看service的部署端口号
kubectl get svc -n ingress-nginx
查看ingress-controller运行在那个node节点
kubectl get pod -n ingress-nginx -o wide
通过ingress访问tomcat
http://192.168.198.158:31530/
实验二
上边案例的部署方式只能通过ingress-controller部署的节点访问。集群内其他节点无法访问ingress规则。本章节通过修改mandatory.yaml文件的控制类类型,让集群内每一个节点都可以正常访问ingress规则。
ingress-controller
ingress/mandatory.yaml
修改mandatory.yaml配置文件
1.将Deployment类型控制器修改为:DaemonSet
2.属性:replicas: 1 # 删除这行
service-nodeport固定端口
ingress/service-nodeport.yml
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
nodePort: 31188
protocol: TCP
- name: https
port: 443
targetPort: 443
nodePort: 31443
protocol: TCP
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
域名访问ingress规则
service/ingress-tomcat.yml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-ingress-test
spec:
rules:
- host: ingress-tomcat.lagou.com
http:
paths:
- path: /
backend:
serviceName: nodeporttomcat-svc
servicePort: 8080
修改宿主机hosts文件
C:\Windows\System32\drivers\etc\hosts
增加ingress-tomcat.lagou.com 域名配置:
192.168.198.157 ingress-tomcat.lagou.com
部署服务
kubectl apply -f .
浏览器测试
http://ingress-tomcat.lagou.com:31188/
nginx-controller原理
查看ingress-nginx 命名空间下的pod
kubectl get pods -n ingress-nginx
进入ingress-nginx 的pod
kubectl exec -it nginx-ingress-controller-5gt4l -n ingress-nginx sh
查看nginx反向代理域名ingress-tomcat.lagou.com
cat nginx.conf