Ingress是什么?
An API object that manages external access to the services in a cluster, typically HTTP.
Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
HTTP方式暴露K8S服务到集群外面。
和NodePort方式和LoadBalancer方式的不同?
An Ingress does not expose arbitrary ports or protocols. Exposing services other than HTTP and HTTPS to the internet typically uses a service of type Service.Type=NodePort or Service.Type=LoadBalancer.
除了提供HTTP,HTTPS的服务之外, 还有很多以TCP方式提供服务的如Redis等数据库是不能用Ingress方式暴露服务的,也就是说Ingress只适合Web应用或提供HTTP Restful API的应用。
部署Ingress Controller
Nginx
这个找Docker镜像真的是很烦,有一个库:https://quay.io/repository/被墙了,所以镜像包一直下载不下来,
可以去Docker hub上找一个镜像:
很奇怪,我这里下载了之后,docker竟然自动给镜像打了另一个tag.
2
3
4
2quay.io/kubernetes-ingress-controller/nginx-ingress-controller 0.26.1 29024c9c6e70 6 weeks ago 483MB
3
4
pod日志里面,额,什么都没有:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
2 Type Reason Age From Message
3 ---- ------ ---- ---- -------
4 Normal Scheduled <unknown> default-scheduler Successfully assigned ingress-nginx/nginx-ingress-controller-568867bf56-6h6fv to k8s-master
5 Warning Failed 42m kubelet, k8s-master Failed to pull image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1": rpc error: code = Unknown desc = read tcp 192.168.0.148:60704->99.86.193.171:443: read: connection reset by peer
6 Warning Failed 31m (x3 over 52m) kubelet, k8s-master Failed to pull image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1": rpc error: code = Unknown desc = net/http: TLS handshake timeout
7 Normal Pulling 31m (x5 over 65m) kubelet, k8s-master Pulling image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1"
8 Warning Failed 30m (x5 over 52m) kubelet, k8s-master Error: ErrImagePull
9 Warning Failed 30m kubelet, k8s-master Failed to pull image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1": rpc error: code = Unknown desc = unexpected EOF
10 Normal SandboxChanged 30m kubelet, k8s-master Pod sandbox changed, it will be killed and re-created.
11 Normal BackOff 30m (x7 over 52m) kubelet, k8s-master Back-off pulling image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1"
12 Warning Failed 30m (x7 over 52m) kubelet, k8s-master Error: ImagePullBackOff
13 Normal Pulled 29s kubelet, k8s-master Successfully pulled image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1"
14 Normal Created 29s kubelet, k8s-master Created container nginx-ingress-controller
15 Normal Started 28s kubelet, k8s-master Started container nginx-ingress-controller
16
17
18
总之,镜像搞定了,服务也自动起来了。
Ref
https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md\#verify-installation
创建Ingress对象
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2kind: Ingress
3metadata:
4 name: test-ingress
5 annotations:
6 nginx.ingress.kubernetes.io/rewrite-target: /
7spec:
8 rules:
9 - http:
10 paths:
11 - path: /testpath
12 backend:
13 -- 后端的服务名和端口
14 serviceName: test
15 servicePort: 80
16
17
2
3
4
5
6
2NAME HOSTS ADDRESS PORTS AGE
3test-ingress * 80 3m35s
4
5
6
bare-metal
这里发现我这里Ingress没有被分配ADDRESS,少一个步骤是:
2
3
2
3
因为我是自己虚拟机搭建,所以属于Bare-metal,而不属于Cloud-Provider.
这个步骤执行完,
2
3
4
5
6
7
8
9
2NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
3ingress-nginx NodePort 10.97.136.122 <none> 80:31164/TCP,443:32406/TCP 28s
4[root@k8s-master tomcat]# kubectl get ingress test-ingress
5NAME HOSTS ADDRESS PORTS AGE
6test-ingress * 10.97.136.122 80 25m
7
8
9
之后我可以在物理机上通过http://192.168.0.148:31164/tomcat来访问tomcat服务,但是页面的CSS都找不到,通过端口直接暴露的却可以找到。
???
