Implementation of ingress---- in k8s cluster based on nginx 03/04 Update SLTechnology News&Howtos

Implementation of ingress---- in k8s cluster based on nginx

2025-03-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Create ingress based on nginx

1. Create ingress controller pod and svc based on nginx.

$docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.0

$wget https://github.com/kubernetes/ingress-nginx/blob/master/deploy/static/mandatory.yaml

$mv mandatory.yaml nginx-ingress-controller.yaml

$vim nginx-ingress-controller.yaml

ApiVersion: v1kind: Namespacemetadata: name: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx---kind: ConfigMapapiVersion: v1metadata: name: nginx-configuration namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx---kind: ConfigMapapiVersion: v1metadata: name: tcp-services namespace: ingress-nginx labels: app.kubernetes.io/ Name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx---kind: ConfigMapapiVersion: v1metadata: name: udp-services namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx---apiVersion: v1kind: ServiceAccountmetadata: name: nginx-ingress-serviceaccount namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx- -- apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRolemetadata: name: nginx-ingress-clusterrole labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxrules:-apiGroups:-"" resources:-configmaps-endpoints-nodes-pods-secrets verbs:-list-watch-apiGroups:-"" Resources:-nodes verbs:-get-apiGroups:-"" resources:-services verbs:-get-list-watch-apiGroups:-"" resources:-events verbs:-create-patch-apiGroups:-"extensions"-"networking.k8s.io" resources:-ingresses Verbs:-get-list-watch-apiGroups:-extensions-"networking.k8s.io" resources:-ingresses/status verbs:-update---apiVersion: rbac.authorization.k8s.io/v1beta1kind: Rolemetadata: name: nginx-ingress-role namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxrules: -apiGroups:-"" resources:-configmaps-pods-secrets-namespaces verbs:-get-apiGroups:-"" resources:-configmaps resourceNames:-"ingress-controller-leader-nginx" verbs:-get-update-apiGroups:-"" resources:-configmaps verbs: -create-apiGroups:-"" resources:-endpoints verbs:-get---apiVersion: rbac.authorization.k8s.io/v1beta1kind: name: nginx-ingress-role-nisa-binding namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: nginx-ingress-rolesubjects:-kind: ServiceAccount Name: nginx-ingress-serviceaccount namespace: ingress-nginx---apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRoleBindingmetadata: name: nginx-ingress-clusterrole-nisa-binding labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: nginx-ingress-clusterrolesubjects:-kind: ServiceAccount name: nginx-ingress-serviceaccount namespace: ingress-nginx---apiVersion: apps/ V1kind: Deploymentmetadata: name: nginx-ingress-controller namespace: ingress-nginx labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxspec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginx template: metadata: labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io / part-of: ingress-nginx annotations: prometheus.io/port: "10254" prometheus.io/scrape: "true" spec: serviceAccountName: nginx-ingress-serviceaccount containers:-name: nginx-ingress-controller image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.0 # modify the image file Args:-/ nginx-ingress-controller-- configmap=$ (POD_NAMESPACE) / nginx-configuration-tcp-services-configmap=$ (POD_NAMESPACE) / tcp-services- udp-services-configmap=$ (POD_NAMESPACE) / udp-services- publish-service=$ (POD_NAMESPACE) / ingress-nginx-annotations -prefix=nginx.ingress.kubernetes.io securityContext: allowPrivilegeEscalation: true capabilities: drop:-ALL add:-NET_BIND_SERVICE runAsUser: 33 env:-name: POD_NAME valueFrom: fieldRef: FieldPath: metadata.name-name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace ports:-name: http containerPort: 80 hostPort: 80 # add hostPort-name: https containerPort: 443livenessProbe: FailureThreshold: 3 httpGet: path: / healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 10 readinessProbe: failureThreshold: 3 httpGet: path: / healthz port: 10254 scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 10

$kubectl get pod-n ingress-nginx-o wide | grep ingress

Create a svc using the command

$kubectl expose deployment nginx-ingress-controller-- name=ingress-nginx-- type=NodePort-n ingress-nginx

$kubectl get svc-n ingress-nginx | grep ingress

2. Create application pod and svc

$kubectl run nginx1-image=nginx-port=80

$kubectl run nginx3-image=nginx-port=80

$kubectl run nginx5-image=nginx-port=80

$kubectl expose deployment nginx1-name=nginx1

$kubectl expose deployment nginx3-name=nginx3

$kubectl expose deployment nginx5-name=nginx5

$kubectl get pod | grep nginx

$kubectl exec nginx1-6697bccbf9-gdcxd-it bash

/ # cd / usr/share/nginx/html/

/ # echo 11111 > index.html

$kubectl exec nginx3-b869cb8df-5vfgg-it bash

/ # cd / usr/share/nginx/html/

/ # mkdir rhce

/ # echo 33333 > rhce/index.html

$kubectl exec nginx5-76c7c85869-4ttrr-it bash

/ # cd / usr/share/nginx/html/

/ # echo 55555 > index.html

3. Create an ingress policy for pod and svc applications

ApiVersion: extensions/v1beta1kind: Ingressmetadata: name: myingressspec: rules:-host: www.rhce.cc http: paths:-path: / # Web page file must be in / usr/share/nginx/html/ backend: serviceName: nginx1 servicePort: 80-path: / rhce # Web page file must be in / usr/share/nginx/html/rhce/ backend: ServiceName: nginx3 servicePort: 80-host: www5.rhce.cc http: paths:-path: / backend: serviceName: nginx5 servicePort: 80$ kubectl get ingressmyingress www.example.cc Www5.example.cc 80 81d4 、 Access test to see which node the ingress controller pod uses $kubectl get pod-n ingress-nginx-o wide to simulate dns$ vim / etc/hosts192.168.1.241 www.example.cc192.168.1.241 www5.example.cc http://www.example.cc on server241.example.com-access nginx1 http://www.example.cc/rhce-access nginx3 http://www5.example.cc-access nginx5

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.