Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Multiple Ingress controllers (multi-ingress deployment)

2025-03-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

Background:

1. The business has personalized requirements, such as deploying agent analysis logs and providing alarms on nginx, but the service does not pay attention to the logs of other businesses.

2. Every time the business changes, the nginx worker process has to execute reload. As the volume of business increases, reload will become more and more frequent. Splitting ingress can effectively avoid business interaction.

# add different tags to the machine, such as azone/bzone to distinguish Zone A from Zone B.

Kubectl label node test-node-1.1.1.1 ingress-role= "azone"

Kubectl label node test-node-2.2.2.2 ingress-role= "bzone"

# create ingress

Root@ubuntu:/home/test# kubectl apply-f nginx-ingress-controller-ds-azone.yml

Root@ubuntu:/home/test# kubectl apply-f nginx-ingress-controller-ds-bzone.yml

# View deployment of ingress instances

Root@ubuntu:/home/test# kubectl get pod-n kube-system-o wide | grep nginx

Azone-nginx-ingress-controller-d92zq 1/1 Running 0 2m 10.26.129.21 test-node-1.1.1.1

Bzone-nginx-ingress-controller-dswv9 1/1 Running 0 2m 10.26.129.22 test-node-2.2.2.2

# nginx-controller is configured as follows

ApiVersion: extensions/v1beta1

Kind: DaemonSet

Metadata:

Name: azone-nginx-ingress-controller

Labels:

App: ingress-nginx

Namespace: kube-system

Spec:

Template:

Metadata:

Labels:

App: ingress-nginx

Annotations:

Prometheus.io/scrape: "true"

Prometheus.io/port: "10254"

Prometheus.io/type: "ingress-nginx"

Spec:

HostNetwork: true

Tolerations:

-key: "node-role.kubernetes.io/ingress"

Operator: "Equal"

Value: "true"

Effect: "NoSchedule"

NodeSelector:

Node-role.kubernetes.io/ingress: "true"

Ingress-role: "azone" # add the specified tag and bind the fixed deployment machine

ServiceAccountName: admin

Containers:

-name: azone-nginx-ingress-controller

Image: registry.cn-hangzhou.aliyuncs.com/test/ingress-controller:0.15.0-10

Args:

-/ nginx-ingress-controller

-default-backend-service=$ (POD_NAMESPACE) / default-http-backend

-configmap=$ (POD_NAMESPACE) / nginx-configuration

-tcp-services-configmap=$ (POD_NAMESPACE) / tcp-services

-udp-services-configmap=$ (POD_NAMESPACE) / udp-services

-publish-service=$ (POD_NAMESPACE) / ingress-nginx

-annotations-prefix=nginx.ingress.kubernetes.io

-vici2

-enable-dynamic-configuration=true

-ingress-class=azone # specify ingress-class attribute

Env:

-name: POD_NAME

ValueFrom:

FieldRef:

FieldPath: metadata.name

-name: COLLECT_LOG_DOCKER_DATA_WEBLOG

Value: "true"

-name: POD_NAMESPACE

ValueFrom:

FieldRef:

FieldPath: metadata.namespace

Ports:

-name: http

ContainerPort: 80

-name: https

ContainerPort: 443

VolumeMounts:

-name: localtime-config

MountPath: / etc/localtime

LivenessProbe:

FailureThreshold: 3

HttpGet:

Path: / healthz

Port: 10254

Scheme: HTTP

InitialDelaySeconds: 10

PeriodSeconds: 10

SuccessThreshold: 1

TimeoutSeconds: 1

ReadinessProbe:

FailureThreshold: 3

HttpGet:

Path: / healthz

Port: 10254

Scheme: HTTP

PeriodSeconds: 10

SuccessThreshold: 1

TimeoutSeconds: 1

Volumes:

-name: localtime-config

HostPath:

Path: / etc/localtime

# create ingress and bind class in configuration

Root@ubuntu:/home/test# cat azone-test.aaa.com-ingress.yml

ApiVersion: extensions/v1beta1

Kind: Ingress

Metadata:

Name: azone-test-ingress-https

Annotations:

Kubernetes.io/ingress.class: "azone" # bind ingress-class

Nginx.ingress.kubernetes.io/ssl-redirect: "false"

Spec:

Rules:

-host: azone-test.aaa.com

Http:

Paths:

-path: /

Backend:

ServiceName: azone-test-svc

ServicePort: 80

# check the binding situation

Root@ubuntu:/home/wuguihong1# kubectl-n kube-system get pod-o wide | grep nginx

Azone-ingress-controller-d92zq 1/1 Running 0 16h 10.26.129.21 test-node-1.1.1.1

Bzone-ingress-controller-62458 1/1 Running 0 15h 10.26.129.22 test-node-2.2.2.2

Root@ubuntu:/home/test# kubectl-n kube-system exec azone-ingress-controller-d92zq cat / etc/nginx/nginx.conf | grep azone-test.aaa.com

Server_name azone-test.aaa.com

Root@ubuntu:/home/test# kubectl-n kube-system exec bzone-ingress-controller-62458 cat / etc/nginx/nginx.conf | grep azone-test.aaa.com

You can see that one ingress-controller is running on each of the two node nodes, and the domain name of azone-test.aaa.com is bound to azone, but not to bzone.

Reference:

Multiple Ingress controllers

Https://kubernetes.github.io/ingress-nginx/user-guide/multiple-ingress/

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 286

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report