本文介绍了如何在国内因DNS问题临时修改hosts文件,安装Ingress-nginx,设置NodePort服务,创建nginx服务并配置Ingress,最终实现通过域名访问。
由于raw.githubusercontent.com国内dns不能解析,我们先临时调整/etc/hosts来解决
tee >> /etc/hosts <<EOF
199.232.28.133 raw.githubusercontent.com
EOF
安装ingress-nginx版本
curl https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml -o nginx-ingress.yaml
If the Image can't be downloaded ,change the image with below
registry.cn-hangzhou.aliyuncs.com/bin_x/nginx-ingress:v0.34.1@sha256:80359bdf124d49264fabf136d2aecadac729b54f16618162194356d3c78ce2fe
执行,一般情况下不会有错误。warning可以忽略
[root@centos7v4-k8s ~]# kubectl apply -f nginx-ingress.yaml
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRole is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRole
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
Warning: rbac.authorization.k8s.io/v1beta1 Role is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 Role
role.rbac.authorization.k8s.io/nginx-ingress-role created
Warning: rbac.authorization.k8s.io/v1beta1 RoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 RoleBinding
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
deployment.apps/nginx-ingress-controller created
limitrange/ingress-nginx created
[root@centos7v4-k8s ~]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-54b86f8f7b-j49xg 1/1 Running 1 1m
ingress-nginx的实质也是也个pod,对外提供服务也需要通过nodePort,LB,等,并使用service提供负载均衡。
先创建一个service给ingress-nginx,并执行以下的yaml文件
[root@centos7v4-k8s ~]# cat ingress-service.yaml
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
nodePort: 32080 #http
- name: https
port: 443
targetPort: 443
protocol: TCP
nodePort: 32443 #https
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
执行程序看到service已经起来了 ,访问成功。出现404因为还没有后端服务。默认是404。
[root@centos7v4-k8s ~]# kubectl create -f ingress-service.yaml
[root@centos7v4-k8s ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.10.133.234 <none> 80:32080/TCP,443:32443/TCP 88m
[root@centos7v4-k8s ~]# curl 10.10.133.234
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>
我们创建一个nginx服务在后端,提供service,并且增加一个ingress的服务
[root@centos7v4-k8s ~]# cat nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-external
namespace: default
spec:
selector:
name: nginx
ports:
- port: 80
targetPort: 80
---
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
name: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80 #源端口
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-nginx-external
namespace: default
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: nginx.yc.com #生产中该域名应当可以被公网解析
http:
paths:
- path:
backend:
serviceName: nginx-external
servicePort: 80
创建。
[root@centos7v4-k8s ~]# kubectl create -f nginx-svc.yaml
[root@centos7v4-k8s ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.10.0.1 <none> 443/TCP 46h
mysql ClusterIP None <none> 3306/TCP 45h
mysql-read ClusterIP 10.10.55.22 <none> 3306/TCP 45h
nginx-external ClusterIP 10.10.151.190 <none> 80/TCP 14h
nginx-headless ClusterIP None 192.168.11.62 80/TCP 43h
[root@centos7v4-k8s ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
mysql-0 2/2 Running 17 45h 10.122.112.193 centos7v3-k8s <none> <none>
mysql-1 2/2 Running 10 45h 10.122.42.193 centos7v2-k8s <none> <none>
mysql-2 2/2 Running 7 15h 10.122.103.71 centos7v1-k8s <none> <none>
nginx 1/1 Running 0 14h 10.122.42.197 centos7v2-k8s <none> <none>
[root@centos7v4-k8s ~]# kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
ingress-nginx-external <none> nginx.yc.com 10.10.133.234 80 14h
添加dns解析
echo "192.168.11.62 nginx.yc.com" >>/etc/hosts
访问服务
[root@centos7v4-k8s ~]# curl nignx.yc.com:32080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
结束
扫一扫
2506
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
