kubernetes Helm之使用helm部署ingress-nginx


部署前将之前部署的ingress-nginx删除:

[root@server1 helm]# kubectl delete namespaces ingress-nginx 
namespace "ingress-nginx" deleted
[root@server1 nginx-ingress]# kubectl get ingress
\NAME              CLASS    HOSTS             ADDRESS          PORTS   AGE
rewrite-example   <none>   www1.westos.org   10.109.140.206   80      17d
[root@server1 nginx-ingress]# kubectl delete ingress rewrite-example
ingress.extensions "rewrite-example" deleted

一、部署

拉取并解压部署文件:

[root@server1 helm]# helm search repo nginx-ingress
NAME                	CHART VERSION	APP VERSION	DESCRIPTION                                       
stable/nginx-ingress	1.36.3       	0.30.0     	An nginx Ingress controller that uses ConfigMap...
stable/nginx-lego   	0.3.1        	           	Chart for nginx-ingress-controller and kube-lego  
[root@server1 helm]# helm pull stable/nginx-ingress
[root@server1 helm]# ls
mychart  nfs-client-provisioner  nfs-client-provisioner-1.2.8.tgz  nginx-ingress-1.36.3.tgz  pvc.yaml
[root@server1 helm]# tar zxf nginx-ingress-1.36.3.tgz
......
[root@server1 helm]# ls
mychart  nfs-client-provisioner  nfs-client-provisioner-1.2.8.tgz  nginx-ingress  nginx-ingress-1.36.3.tgz  pvc.yaml
[root@server1 helm]# cd nginx-ingress/
[root@server1 nginx-ingress]# ls
Chart.yaml  ci  OWNERS  README.md  templates  values.yaml

更改变量文件:

[root@server1 nginx-ingress]# vim values.yaml 

镜像及标签:
在这里插入图片描述确保仓库中有该镜像。

使用主机网络:
在这里插入图片描述daemoSet使用主机端口打开:
在这里插入图片描述更改控制器类型为DaemoSet:
在这里插入图片描述指定节点选择规则:
在这里插入图片描述
其中ingress: nginx为节点标签需要给及节点添加(可以编辑文件之后添加):
在这里插入图片描述由于我们使用的是hostnetwork的方式,因此不创建service:

在这里插入图片描述
定义deafultBackend:

在这里插入图片描述需熬镜像:
在这里插入图片描述其他的选项我们不做更改。

创建独立的namespace:

[root@server1 nginx-ingress]# kubectl create namespace nginx-ingress
namespace/nginx-ingress created

安装:

[root@server1 nginx-ingress]# helm -n nginx-ingress install nginx-ingress .
NAME: nginx-ingress
LAST DEPLOYED: Wed May 13 01:19:18 2020
NAMESPACE: nginx-ingress
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The nginx-ingress controller has been installed.
......

查看:

[root@server1 nginx-ingress]# helm -n nginx-ingress list
NAME         	NAMESPACE    	REVISION	UPDATED                                	STATUS  	CHART               	APP VERSION
nginx-ingress	nginx-ingress	1       	2020-05-13 01:19:18.580042874 +0800 CST	deployed	nginx-ingress-1.36.3	0.30.0  

部署完成。

二、测试

定义deployment控制器:

[root@server1 nginx-ingress]# vim deployment.yaml 
[root@server1 nginx-ingress]# cat deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-nginx
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: myapp:v1
        ports:
        - containerPort: 80

[root@server1 nginx-ingress]# kubectl apply -f deployment.yaml 
deployment.apps/deployment-nginx created
[root@server1 nginx-ingress]# kubectl get pod --show-labels 
NAME                                READY   STATUS    RESTARTS   AGE   LABELS
deployment-nginx-5c58fb7c46-6fws2   1/1     Running   0          18s   app=nginx,pod-template-hash=5c58fb7c46
deployment-nginx-5c58fb7c46-r924f   1/1     Running   0          18s   app=nginx,pod-template-hash=5c58fb7c46

创建名为myservice的service:

[root@server1 nginx-ingress]# vim service.yaml 
[root@server1 nginx-ingress]# cat service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: myservice
spec:
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  selector:
    app: nginx
  type: ClusterIP

[root@server1 nginx-ingress]# kubectl apply -f service.yaml 
service/myservice created
[root@server1 nginx-ingress]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   25d
myservice    ClusterIP   10.110.156.252   <none>        80/TCP    11s

可以看到该service有两个endpoint:

[root@server1 nginx-ingress]# kubectl describe svc myservice 
Name:              myservice
Namespace:         default
Labels:            <none>
Annotations:       Selector:  app=nginx
Type:              ClusterIP
IP:                10.110.156.252
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.1.135:80,10.244.2.115:80
Session Affinity:  None
Events:            <none>

创建ingress:

[root@server1 nginx-ingress]# vim ingress1.yaml 
[root@server1 nginx-ingress]# cat ingress1.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
  name: example
#  namespace: 
spec:
  rules:
    - host: www1.westos.org
      http:
        paths:
          - backend:
              serviceName: myservice			#上面定义的service的名称
              servicePort: 80
            path: /

[root@server1 nginx-ingress]# kubectl apply -f ingress1.yaml
ingress.extensions/example created

查看创建的ingress的详细信息:
在这里插入图片描述在浏览器访问(需要做www1.westos.org的解析):
在这里插入图片描述
可以正常访问,后端也可正常负载:

[root@foundation63 ~]# curl www1.westos.org
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@foundation63 ~]# curl www1.westos.org/hostname.html
deployment-nginx-5c58fb7c46-6fws2
[root@foundation63 ~]# curl www1.westos.org/hostname.html
deployment-nginx-5c58fb7c46-r924f

三、部署加密访问

我们之前已经创建过tls的secret:

[root@server1 nginx-ingress]# kubectl get secrets 
NAME                  TYPE                                  DATA   AGE
1-secret              Opaque                                2      14d
basic-auth            Opaque                                1      17d
default-token-25448   kubernetes.io/service-account-token   3      25d
my-secret             Opaque                                2      14d
myregistrykey         kubernetes.io/dockerconfigjson        1      13d
mysecret              Opaque                                2      14d
test-token-mjhwb      kubernetes.io/service-account-token   3      4d4h
tls-secret            kubernetes.io/tls                     2      17d

其中的tls-secret可以直接使用:

[root@server1 nginx-ingress]# vim ingress1.yaml 
[root@server1 nginx-ingress]# cat ingress1.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
  name: example
#  namespace: 
spec:
  rules:
    - host: www1.westos.org
      http:
        paths:
          - backend:
              serviceName: myservice
              servicePort: 80
            path: /
  tls:
    - hosts:
        - www1.westos.org
      secretName: tls-secret

[root@server1 nginx-ingress]# kubectl apply -f ingress1.yaml 
ingress.extensions/example configured

在这里插入图片描述

在浏览器访问https://www1.westos.org:

在这里插入图片描述高级—>接受风险:
在这里插入图片描述同样可以访问到。
当访问没有定义的地址时会返回404.

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐