服务发布Label&Selector、Service、Ingress

一.label&Selector

Label:对k8s中各种资源进行分类、分组,添加一个具有特别属性的一个标签。
Selector:通过一个过滤的语法进行查找到对应标签的资源。
当Kubernetes对系统的任何API对象如Pod和节点进行“分组”时,会对其添加Label(key=value形式的“键-值对”)用以精准地选择对应的API对象。而Selector(标签选择器)则是针对匹配对象的查询方法。注:键-值对就是key-value pair。
例如,常用的标签tier可用于区分容器的属性,如frontend、backend;或者一个release_track用于区分容器的环境,如canary、production等

1.定义label

公司与xx银行有一条专属的高速光纤通道,此通道只能与192.168.7.0网段进行通信,因此只能将与xx银行通信的应用部署到192.168.7.0网段所在的节点上,此时可以对节点进行Label(即加标签):

[root@k8s-master01 ~]# kubectl label node k8s-node02 region=subnet7
node/k8s-node02 labeled

然后,可以通过Selector对其筛选:

[root@k8s-master01 ~]# kubectl get no -l region=subnet7
NAME         STATUS   ROLES    AGE     VERSION
k8s-node02   Ready       3d17h   v1.17.3

最后,在Deployment或其他控制器中指定将Pod部署到该节点:

containers:
  ......
dnsPolicy: ClusterFirst
nodeSelector:
  region: subnet7
restartPolicy: Always
......

也可以用同样的方式对Service进行Label:

[root@k8s-master01 ~]# kubectl label svc canary-v1 -n canary-production env=canary version=v1
service/canary-v1 labeled

查看Labels:

[root@k8s-master01 ~]# kubectl get svc -n canary-production --show-labels
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE   LABELS
canary-v1   ClusterIP   10.110.253.62           8080/TCP   24h   env=canary,version=v1

还可以查看所有Version为v1的svc:

[root@k8s-master01 canary]# kubectl get svc --all-namespaces -l version=v1
NAMESPACE           NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
canary-production   canary-v1   ClusterIP   10.110.253.62           8080/TCP   25h

其他资源的Label方式相同。

2.Selector条件匹配

Selector主要用于资源的匹配,只有符合条件的资源才会被调用或使用,可以使用该方式对集群中的各类资源进行分配。
假如对Selector进行条件匹配,目前已有的Label如下:

[root@k8s-master01 ~]# kubectl get svc --show-labels
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE     LABELS
details       ClusterIP   10.99.9.178      <none>        9080/TCP   45h     app=details
kubernetes    ClusterIP   10.96.0.1        <none>        443/TCP    3d19h   component=apiserver,provider=kubernetes
nginx         ClusterIP   10.106.194.137   <none>        80/TCP     2d21h   app=productpage,version=v1
nginx-v2      ClusterIP   10.108.176.132   <none>        80/TCP     2d20h   
productpage   ClusterIP   10.105.229.52    <none>        9080/TCP   45h     app=productpage,tier=frontend
ratings       ClusterIP   10.96.104.95     <none>        9080/TCP   45h     app=ratings
reviews       ClusterIP   10.102.188.143   <none>        9080/TCP   45h     app=reviews

选择app为reviews或者productpage的svc:

[root@k8s-master01 ~]# kubectl get svc -l  'app in (details, productpage)' --show-labels
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE     LABELS
details       ClusterIP   10.99.9.178      <none>        9080/TCP   45h     app=details
nginx         ClusterIP   10.106.194.137   <none>        80/TCP     2d21h   app=productpage,version=v1
productpage   ClusterIP   10.105.229.52    <none>        9080/TCP   45h     app=productpage,tier=frontend

选择app为productpage或reviews但不包括version=v1的svc:

[root@k8s-master01 ~]# kubectl get svc -l  version!=v1,'app in (details, productpage)' --show-labels
NAME          TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE   LABELS
details       ClusterIP   10.99.9.178     <none>        9080/TCP   45h   app=details
productpage   ClusterIP   10.105.229.52   <none>        9080/TCP   45h   app=productpage,tier=frontend

选择labelkey名为app的svc:
[root@k8s-master01 ~]# kubectl get svc -l app –show-labels

NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE     LABELS
details       ClusterIP   10.99.9.178      <none>        9080/TCP   45h     app=details
nginx         ClusterIP   10.106.194.137   <none>        80/TCP     2d21h   app=productpage,version=v1
productpage   ClusterIP   10.105.229.52    <none>        9080/TCP   45h     app=productpage,tier=frontend
ratings       ClusterIP   10.96.104.95     <none>        9080/TCP   45h     app=ratings
reviews       ClusterIP   10.102.188.143   <none>        9080/TCP   45h     app=reviews

3.修改标签(Label)

在实际使用中,Label的更改是经常发生的事情,可以使用overwrite参数修改标签。
修改标签,比如将version=v1改为version=v2:

[root@k8s-master01 canary]# kubectl get svc -n canary-production --show-labels
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE   LABELS
canary-v1   ClusterIP   10.110.253.62   <none>        8080/TCP   26h   env=canary,version=v1

[root@k8s-master01 canary]# kubectl label svc canary-v1 -n canary-production version=v2 --overwrite
service/canary-v1 labeled

[root@k8s-master01 canary]# kubectl get svc -n canary-production --show-labels
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE   LABELS
canary-v1   ClusterIP   10.110.253.62   <none>        8080/TCP   26h   env=canary,version=v2

4.删除标签(Label)

删除标签,比如删除version:

[root@k8s-master01 canary]# kubectl label svc canary-v1 -n canary-production version-
service/canary-v1 labeled

[root@k8s-master01 canary]# kubectl get svc -n canary-production --show-labels
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE   LABELS
canary-v1   ClusterIP   10.110.253.62   <none>        8080/TCP   26h   env=canary

二.Service

Service可以简单的理解为逻辑上的一组Pod。一种可以访问Pod的策略,而且其他Pod可以通过这个Service访问到这个Service代理的Pod。相对于Pod而言,它会有一个固定的名称,一旦创建就固定不变。
绑定svc和deploy等方法:svc中的spec.selector标签对应 deploy的spec.template.lables和spec.selector.matchLabels.

1.创建一个Service

首先定义deploy和svc的yaml

# cat nginx-deploy.yaml   
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
  namespace: default
spec:
  progressDeadlineSeconds: 600
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: nginx
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx      //添加labels,app=nginx方便svc绑定
    spec:
      containers:
      - image: nginx:1.15.2
        imagePullPolicy: IfNotPresent
        name: nginx
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30


# cat nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-svc
  name: nginx-svc
spec:
  ports:
  - name: http # Service端口的名称
    port: 80 # Service自己的端口, servicea --> serviceb http://serviceb,  http://serviceb:8080 
    protocol: TCP # UDP TCP SCTP default: TCP
    targetPort: 80 # 后端应用的端口
  - name: https
    port: 443
    protocol: TCP
    targetPort: 443
  selector:
    app: nginx      //设定nginx的label  
  sessionAffinity: None
  type: ClusterIP

创建deploy和svc

[root@k8s-master01 ~]# kubectl create -f nginx-deploy.yaml   //创建deploy
[root@k8s-master01 ~]# kubectl get po --show-labels   //查看label
NAME                     READY   STATUS    RESTARTS   AGE   LABELS
nginx-66bbc9fdc5-m6r2h   1/1     Running   0          16m   app=nginx,pod-template-hash=66bbc9fdc5
nginx-66bbc9fdc5-vgv44   1/1     Running   0          16m   app=nginx,pod-template-hash=66bbc9fdc5

[root@k8s-master01 ~]# kubectl create -f nginx-svc.yaml  //创建SVC
[root@k8s-master01 ~]# kubectl get svc   //查看svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP   10.96.0.1       <none>       443/TCP          104d
nginx-svc    ClusterIP   10.103.147.19   <none>        80/TCP,443/TCP   6s

验证

[root@k8s-master01 ~]# curl 10.103.147.19   //curl svc验证
...Welcome to nginx!...
[root@k8s-master01 ~]# kubectl logs -f nginx-66bbc9fdc5-m6r2h   //查看日志
172.169.244.192 - - [20/Jul/2021:14:39:35 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

[root@k8s-master01 ~]# kubectl get  pod 
NAME                     READY   STATUS    RESTARTS   AGE
nginx-66bbc9fdc5-m6r2h   1/1     Running   0          28m
nginx-66bbc9fdc5-vgv44   1/1     Running   0          28m
[root@k8s-master01 ~]# kubectl delete pod nginx-66bbc9fdc5-m6r2h nginx-66bbc9fdc5-vgv44   //删除pod
pod "nginx-66bbc9fdc5-m6r2h" deleted
pod "nginx-66bbc9fdc5-vgv44" deleted
[root@k8s-master01 ~]# kubectl get  pod -owide   //发现创建了别的Pod
NAME                     READY   STATUS    RESTARTS   AGE     IP                NODE           NOMINATED NODE   READINESS GATES
nginx-66bbc9fdc5-5jpdx   1/1     Running   0          3m25s   172.169.244.215   k8s-master01   <none>          <none>
nginx-66bbc9fdc5-c9rxk   1/1     Running   0          3m25s   172.169.244.214   k8s-master01   <none>          <none>
[root@k8s-master01 ~]# kubectl get ep   //查看endpoints
NAME         ENDPOINTS                                                                AGE
kubernetes   192.168.1.100:6443,192.168.1.101:6443,192.168.1.102:6443                 104d
nginx-svc    172.169.244.214:443,172.169.244.215:443,172.169.244.214:80 + 1 more...   10m
[root@k8s-master01 ~]# curl 10.103.147.19  //再次curl svc
...Welcome to nginx!...   //依旧成功

2.使用Service代理k8s外部应用

使用场景:
1.希望在生产环境中使用某个固定的名称而非IP地址进行访问外部的中间件服务
2.希望Service指向另一个Namespace中或其他集群中的服务
3.某个项目正在迁移至k8s集群,但是一部分服务仍然在集群外部,此时可以使用service代理至k8s集群外部的服务
方法:svc代理外部应用:先创建svc,其次创建与svc的label一致的ep,绑定代理的ip地址

a.定义svc的yaml
[root@k8s-master01 ~]# cat nginx-svc-external.yaml 
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-svc-external
  name: nginx-svc-external
spec:
  ports:
  - name: http # Service端口的名称
    port: 80 # Service自己的端口, servicea --> serviceb http://serviceb,  http://serviceb:8080 
    protocol: TCP # UDP TCP SCTP default: TCP
    targetPort: 80 # 后端应用的端口
  sessionAffinity: None
  type: ClusterIP

[root@k8s-master01 ~]# kubectl create -f nginx-svc-external.yaml   //创建
service/nginx-svc-external created
[root@k8s-master01 ~]# kubectl get svc  //查看,已有新SVC
NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes           ClusterIP   10.96.0.1                443/TCP          104d
nginx-svc            ClusterIP   10.103.147.19            80/TCP,443/TCP   29m
nginx-svc-external   ClusterIP   10.109.109.212           80/TCP           4s
[root@k8s-master01 ~]# kubectl get ep   //没有ep的ip
NAME         ENDPOINTS                                                                AGE
kubernetes   192.168.1.100:6443,192.168.1.101:6443,192.168.1.102:6443                 104d
nginx-svc    172.169.244.214:443,172.169.244.215:443,172.169.244.214:80 + 1 more...   29m

b.定义ep的yaml
[root@k8s-master01 ~]# ping www.qq.com   //ping得到qq的地址
PING ins-r23tsuuf.ias.tencent-cloud.net (121.14.77.201) 56(84) bytes of data.

[root@k8s-master01 ~]# cat nginx-ep-external.yaml  //定义ep的yaml
apiVersion: v1
kind: Endpoints
metadata:
  labels:
    app: nginx-svc-external
  name: nginx-svc-external
  namespace: default
subsets:
- addresses:
  - ip: 121.14.77.201    //代理QQ的ip地址
  ports:
  - name: http
    port: 80
    protocol: TCP

[root@k8s-master01 ~]# kubectl create -f nginx-ep-external.yaml   //创建ep
endpoints/nginx-svc-external created
[root@k8s-master01 ~]# kubectl get ep    //查看ep,发现nginx-svc-external有了qq的代理ip
NAME                 ENDPOINTS                                                                AGE
kubernetes           192.168.1.100:6443,192.168.1.101:6443,192.168.1.102:6443                 104d
nginx-svc            172.169.244.214:443,172.169.244.215:443,172.169.244.214:80 + 1 more...   36m
nginx-svc-external   121.14.77.201:80                                                         12s
[root@k8s-master01 ~]# kubectl get svc //查看svc的地址
NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes           ClusterIP   10.96.0.1                443/TCP          104d
nginx-svc            ClusterIP   10.103.147.19            80/TCP,443/TCP   37m
nginx-svc-external   ClusterIP   10.109.109.212           80/TCP           7m34s
[root@k8s-master01 ~]# curl 10.109.109.212 -I   //curl svc的地址,返回值404
HTTP/1.1 404 Not Found
Server: ias/1.4.2_1.17.3
Date: Tue, 20 Jul 2021 15:35:55 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
c.修改ep的代理ip
[root@k8s-master01 ~]# ping www.baidu.com   //得到百度的IP:14.215.177.38
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=128 time=8.04 ms

[root@k8s-master01 ~]# kubectl edit ep nginx-svc-external    //修改edit代理ip
apiVersion: v1
kind: Endpoints
metadata:
  creationTimestamp: "2021-07-20T15:34:51Z"
  labels:
    app: nginx-svc-external
  name: nginx-svc-external
  namespace: default
  resourceVersion: "152823"
  uid: d1bcb171-b746-4e34-9bee-2dfce180382c
subsets:
- addresses:
  - ip: 14.215.177.38   //修改成百度的IP 
  ports:
  - name: http
    port: 80
    protocol: TCP

[root@k8s-master01 ~]# kubectl get ep     //再次查看nginx-svc-external的ep地址已变成百度的ip
NAME                 ENDPOINTS                                                                AGE
kubernetes           192.168.1.100:6443,192.168.1.101:6443,192.168.1.102:6443                 105d
nginx-svc            172.169.244.214:443,172.169.244.215:443,172.169.244.214:80 + 1 more...   42m
nginx-svc-external   14.215.177.38:80                                                         6m18s
[root@k8s-master01 ~]# kubectl get svc   //查看svc
NAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
kubernetes           ClusterIP   10.96.0.1                443/TCP          105d
nginx-svc            ClusterIP   10.103.147.19            80/TCP,443/TCP   43m
nginx-svc-external   ClusterIP   10.109.109.212           80/TCP           13m

[root@k8s-master01 ~]# curl 10.109.109.212 -I  //再次curl,发现返回值已经改变,返回302
HTTP/1.1 302 Found
Connection: keep-alive
Content-Length: 17931
Content-Type: text/html
Date: Tue, 20 Jul 2021 15:41:31 GMT
Etag: "54d9748e-460b"
Server: bfe/1.0.8.18

3.使用Service反向代理域名

方法:svc反向代理:直接创建绑定代理域名的svc,然后通过创建ingress添加访问域名绑定svc名称进行反向代理。
创建反代yaml

[root@k8s-master01 ~]#  cat nginx-externalName.yaml    
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-externalname
  name: nginx-externalname
spec:
  type: ExternalName
  externalName: www.baidu.com

[root@k8s-master01 ~]# kubectl apply -f nginx-externalName.yaml   //创建
service/nginx-externalname created
[root@k8s-master01 ~]# kubectl get svc 
NAME                 TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)          AGE
kubernetes           ClusterIP      10.96.0.1        <none>          443/TCP          105d
nginx-externalname   ExternalName   <none>           www.baidu.com   <none>           23s
nginx-svc            ClusterIP      10.103.147.19    <none>          80/TCP,443/TCP   79m
nginx-svc-external   ClusterIP      10.109.109.212   <none>          80/TCP           49m

4.Service类型

1.ClusterIP:在集群内部使用,也是默认值。
2.ExternalName:通过返回定义的CNAME别名。
3.NodePort:在所有安装了kube-proxy的节点上打开一个端口,此端口可以代理至后端Pod,然后集群外部可以使用节点的IP地址和NodePort的端口号访问到集群Pod的服务。NodePort端口范围默认是30000-32767。
4.LoadBalancer:使用云提供商的负载均衡器公开服务。

a.NodePort
[root@k8s-master01 ~]# kubectl get svc -n kubernetes-dashboard    //查看kubernetes-dashboard的端口31058
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.108.154.168   <none>        8000/TCP        105d
kubernetes-dashboard        NodePort    10.98.105.10     <none>        443:31058/TCP   105d

浏览器测试:https://192.168.1.100:31058       //本机ip+端口测试

更改nginx-svc的类型为NodePort

[root@k8s-master01 ~]# kubectl get svc   //查看nginx-svc为ClusterIP 
NAME                 TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)          AGE
kubernetes           ClusterIP      10.96.0.1        <none>          443/TCP          105d
nginx-externalname   ExternalName   <none>           www.baidu.com  <none>           27m
nginx-svc            ClusterIP      10.103.147.19    <none>          80/TCP,443/TCP   105m
nginx-svc-external   ClusterIP      10.109.109.212   <none>          80/TCP           76m

[root@k8s-master01 ~]# kubectl edit svc nginx-svc  //修改
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-07-20T14:58:14Z"
  labels:
    app: nginx-svc
  name: nginx-svc
  namespace: default
  resourceVersion: "160649"
  uid: 7c575d2d-cec3-4c73-b512-d3589421871d
spec:
  clusterIP: 10.103.147.19
  clusterIPs:
  - 10.103.147.19
  externalTrafficPolicy: Cluster
  ports:
  - name: http
    nodePort: 31000       //添加暴露端口
    port: 80
    protocol: TCP
    targetPort: 80
  - name: https
    nodePort: 31238      //添加暴露端口
    port: 443
    protocol: TCP
    targetPort: 443

  selector:
    app: nginx
  sessionAffinity: None
  type: NodePort    //修改为NodePort
status:
  loadBalancer: {}

[root@k8s-master01 ~]# kubectl get svc   //类型已发生改变
NAME                 TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
kubernetes           ClusterIP      10.96.0.1        <none>          443/TCP                      105d
nginx-externalname   ExternalName   <none>           www.baidu.com   <none>                       31m
nginx-svc            NodePort       10.103.147.19    <none>          80:31000/TCP,443:31238/TCP   110m      
nginx-svc-external   ClusterIP      10.109.109.212   <none>          80/TCP                       80m

访问测试:

三.Ingress

通俗来讲,ingress和之前的Service、Deployment,也是一个k8s的资源类型,ingress用于实现用域名的方式访问k8s内部应用。

1.Ingress的安装

官方:ingress-nginx

a.首先安装helm管理工具:

https://helm.sh/docs/intro/install/
下载页:https://github.com/helm/helm/releases

[root@k8s-master01 opt]# wget https://get.helm.sh/helm-v3.6.3-linux-amd64.tar.gz

解压

[root@k8s-master01 opt]# tar -zxvf helm-v3.0.0-linux-amd64.tar.gz

在解压目中找到helm程序,移动到需要的目录中

[root@k8s-master01 opt]# mv linux-amd64/helm /usr/local/bin/helm
[root@k8s-master01 opt]# helm version  //查看版本
version.BuildInfo{Version:"v3.6.3", GitCommit:"d506314abfb5d21419df8c7e7e68012379db2354", GitTreeState:"clean", GoVersion:"go1.16.5"}
b.使用helm安装ingress:

https://kubernetes.github.io/ingress-nginx/deploy/#using-helm
1.添加ingress的helm仓库

[root@k8s-master01 opt]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

2.下载ingress的helm包至本地

[root@k8s-master01 opt]# helm pull ingress-nginx/ingress-nginx

3.更改对应的配置

[root@k8s-master01 opt]# tar xf ingress-nginx-3.6.0.tgz
[root@k8s-master01 opt]# cd ingress-nginx
[root@k8s-master01 ingress-nginx]# vim values.yaml

4.需要修改的位置

a)Controller和admissionWebhook的镜像地址,需要将公网镜像同步至公司内网镜像仓库(需要自行同步gcr镜像的,可以百度查一下使用阿里云同步gcr的镜像,也可以参考这个连接https://blog.csdn.net/weixin_39961559/article/details/80739352,或者参考这个连接: https://blog.csdn.net/sinat_35543900/article/details/103290782)
b)hostNetwork设置为true
c)dnsPolicy设置为 ClusterFirstWithHostNet
d)NodeSelector添加ingress: "true"部署至指定节点
e)类型更改为kind: DaemonSet

5.部署ingress
给需要部署ingress的节点上打标签

[root@k8s-master01 ingress-nginx]# kubectl label node k8s-master03 ingress=true
[root@k8s-master01 ingress-nginx]# kubectl create ns ingress-nginx
[root@k8s-master01 ingress-nginx]# helm install ingress-nginx -n ingress-nginx .
[root@k8s-master01 ingress-nginx]# kubectl get pod -n ingress-nginx //成功
NAME                                   READY   STATUS      RESTARTS   AGE
ingress-nginx-controller-ftpj2         1/1     Running     0          104s

6.将ingress controller部署至Node节点(ingress controller不能部署在master节点,实验步骤将ingress controller部署至Node节点,生产环境最少三个ingress controller,并且最好是独立的节点)

[root@k8s-master01 ingress-nginx]# kubectl label node k8s-node01 ingress=true     //扩容ingress
[root@k8s-master01 ~]# kubectl get pod -n ingress-nginx 
NAME                                   READY   STATUS      RESTARTS   AGE
ingress-nginx-controller-ftpj2         1/1     Running     0          11m
ingress-nginx-controller-hxxfz         1/1     Running     0          3m6s

[root@k8s-master01 ingress-nginx]# kubectl label node k8s-master03 ingress-    //缩容ingress
[root@k8s-master01 ~]# kubectl get pod -n ingress-nginx -owide     //只在node1有ingress了
NAME                                   READY   STATUS      RESTARTS   AGE     IP                NODE           NOMINATED NODE   READINESS GATES
ingress-nginx-controller-hxxfz         1/1     Running     0          6m25s   192.168.1.103     k8s-node01     <none>           <none>

[root@k8s-node01 ~]# ss -ltunp | grep 80     //在node01下查看端口
tcp    LISTEN     0      16384     *:80                    *:*                   users:(("nginx",pid=117465,fd=19),("nginx",pid=117453,fd=19))
tcp    LISTEN     0      16384     *:80                    *:*                   users:(("nginx",pid=117464,fd=11),("nginx",pid=117453,fd=11))
tcp    LISTEN     0      16384  [::]:80                 [::]:*                   users:(("nginx",pid=117464,fd=12),("nginx",pid=117453,fd=12))
tcp    LISTEN     0      16384  [::]:80                 [::]:*                   users:(("nginx",pid=117465,fd=20),("nginx",pid=117453,fd=20))
[root@k8s-node01 ~]# ps -ef | grep nginx    //在node01下查看进程,已经存在
101      117400 117368  0 03:26 ?        00:00:00 /usr/bin/dumb-init -- /nginx-ingress-controller --election-id=ingress-controller-leader --ingress-class=nginx --configmap=ingress-nginx/ingress-nginx-controller --validating-webhook=:8443 --validating-webhook-certificate=/usr/local/certificates/cert --validating-webhook-key=/usr/local/certificates/key
101      117434 117400  0 03:26 ?        00:00:00 /nginx-ingress-controller --election-id=ingress-controller-leader --ingress-class=nginx --configmap=ingress-nginx/ingress-nginx-controller --validating-webhook=:8443 --validating-webhook-certificate=/usr/local/certificates/cert --validating-webhook-key=/usr/local/certificates/key
101      117453 117434  0 03:26 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /etc/nginx/nginx.conf
101      117464 117453  0 03:26 ?        00:00:00 nginx: worker process
101      117465 117453  0 03:26 ?        00:00:00 nginx: worker process
101      117466 117453  0 03:26 ?        00:00:00 nginx: cache manager process
root     121311   4731  0 03:31 pts/0    00:00:00 grep --color=auto nginx

2.Ingress的使用

ingress作用:可以创建绑定svc,然后通过访问ingress绑定的域名跳转到svc。
注意:1.设置svc的端口。2.多个域名直接在里面加然后replace。3.解析IP为ingress安装节点的IP

a.nginx-svc使用

创建一个ingress

[root@k8s-master01 ~]# vim ingress-nginx-svc.yaml
apiVersion: networking.k8s.io/v1beta1 # networking.k8s.io/v1 / extensions/v1beta1 
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx"   #声明用nginx的ingress
  name: example
spec:
  rules: # 一个Ingress可以配置多个rules
  - host: foo.bar.com # 域名配置,可以不写,匹配*, *.bar.com
    http:
      paths: # 相当于nginx的location配合,同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc
          servicePort: 80
        path: /

[root@k8s-master01 ~]# kubectl create -f ingress-nginx-svc.yaml   //创建
Warning: networking.k8s.io/v1beta1 Ingress is deprecated in v1.19+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
ingress.networking.k8s.io/example created

[root@k8s-master01 ~]# kubectl get ingress   //查看ingress
NAME      CLASS    HOSTS         ADDRESS         PORTS   AGE
example   <none>   foo.bar.com   192.168.1.103   80      102s

由于foo.bar.com是测试域名,修改本机hosts文件即可(路径:C:\Windows\System32\drivers\etc\ 用记事本打开)
末尾添加:192.168.1.103 foo.bar.com 保存退出(ip为ingress安装节点的IP)
浏览器访问测试:

b.创建一个多域名ingress
[root@k8s-master01 ~]# vim ingress-mulDomain.yaml  //创建多域名ingress-yaml
apiVersion: networking.k8s.io/v1beta1 # networking.k8s.io/v1 / extensions/v1beta1 
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: "nginx"
  name: example
spec:
  rules: # 一个Ingress可以配置多个rules
  - host: foo.bar.com # 域名配置,可以不写,匹配*, *.bar.com
    http:
      paths: # 相当于nginx的location配合,同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc
          servicePort: 80
        path: /
  - host: foo2.bar.com # 域名配置,可以不写,匹配*, *.bar.com
    http:
      paths: # 相当于nginx的location配合,同一个host可以配置多个path / /abc
      - backend:
          serviceName: nginx-svc-external    //添加另一个svc
          servicePort: 80
        path: /

[root@k8s-master01 ~]# kubectl replace -f ingress-mulDomain.yaml    //由于之前创建了ingress,所以用replace更新
Warning: networking.k8s.io/v1beta1 Ingress is deprecated in v1.19+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
ingress.networking.k8s.io/example replaced

[root@k8s-master01 ~]# kubectl get ingress   //查看
NAME      CLASS    HOSTS                      ADDRESS         PORTS   AGE
example   <none>   foo.bar.com,foo2.bar.com   192.168.1.103   80      23m

修改本机hosts文件
末尾添加保存:192.168.1.103 foo.bar.com foo2.bar.com
浏览器验证

暂无评论

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
上一篇
下一篇