服务器信息
master:192.168.201.1
node1:192.168.101.2
node2:192.168.101.3
1、查找nginx-ingresshelm search repo nginx-ingress
选择这个nginx/nginx-ingress
2、展示values.yaml文件,分析helm安装nginx ingress的命令行覆盖参数(很重要)helm show values nginx/nginx-ingress
3、安装nginx-ingresskubectl create namespace nginx-ingress
helm install gateway nginx/nginx-ingress \
--namespace nginx-ingress \
--set controller.hostNetwork=true \
--set controller.healthStatus=true \
--set controller.service.type=NodePort \
--set controller.service.httpPort.nodePort=30080 \
--set controller.service.httpsPort.nodePort=30443
使用NodePort网络访问方式,http端口为30080,https端口为30443
4、安装显示NAME: gateway
LAST DEPLOYED: Wed Nov 4 09:40:59 2020
NAMESPACE: nginx-ingress
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The NGINX Ingress Controller has been installed.
5、查看podkubectl get pod -n nginx-ingress -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
gateway-nginx-ingress-84fd9b79fd-6qscj 1/1 Running 0 2m54s 192.168.101.2 k8s-node1 <none> <none>
6、ingress-controller的作用
实现反向代理及负载均衡的功能,对ingress定义的规则进行解析,根据配置的规则来实现请求转发。也就是说有了一个外网的统一入口。网上有些文章会先打一个边缘节点的label,在安装时指定nodeSelector,也是这个作用,就是指定了一个对外暴露的公网ip地址
7、查看node1和node2
由于这个pod的副本只有一份,放到了node1上
所以node1上拉取了nginx/nginx-ingress 1.9.0的docker镜像
在集群所有服务器上都监听了30080和30443端口
8、访问健康检查地址
分两种情况
1)本机访问本机IP
master访问:curl http://192.168.201.1:30080/nginx-health
node1访问:curl http://192.168.101.2:30080/nginx-health
node2访问:curl http://192.168.101.3:30080/nginx-health
2)集群外及master、node2访问node1 IPcurl http://192.168.101.2:30080/nginx-health
3)都返回healthy
9、查看nginx-ingress资源kubectl get all -n nginx-ingress
NAME READY STATUS RESTARTS AGE
pod/gateway-nginx-ingress-84fd9b79fd-6qscj 1/1 Running 0 4m43s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/gateway-nginx-ingress NodePort 10.102.221.147
10、更新nginx-ingress配置(需要全量参数)
执行:helm install gateway nginx/nginx-ingress \
--namespace nginx-ingress \
--set controller.hostNetwork=true \
--set controller.healthStatus=true \
--set controller.service.type=NodePort \
--set controller.service.httpPort.nodePort=30080 \
--set controller.service.httpsPort.nodePort=30443 \
--set enableTLSPassthrough=true
提示:Release "gateway" has been upgraded. Happy Helming!
NAME: gateway
LAST DEPLOYED: Sun Nov 22 07:35:52 2020
NAMESPACE: nginx-ingress
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
The NGINX Ingress Controller has been installed.
参考资料:
https://blog.csdn.net/twingao/article/details/105157724
https://www.cnblogs.com/iiiiher/p/8051947.html