In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Kubernetes Ingress is used to add rules to route traffic from outside to the services of the Kubernetes cluster. In this article you will learn about the concept of ingress and the ingress controller used to route external traffic to Kubernetes deployment.
Typically, custom Nginx or HAproxy Kubernetes deployments are exposed as services that are used to proxy external traffic to services in the internal cluster. Where the routing rule will be bake to Pod and added as configmap. Kubernetes ingress behaves similarly, except that routing rules are maintained as Kubernetes ingress objects. It has the great advantage of dynamic routing rule configuration, so there is no need to redeploy proxy pods.
A brief Analysis of getting started with Kubernetes Ingress
To get started with Kubernetes Ingress, you need to understand the following two key concepts:
1 、 Kubernetes Ingress
2 、 Kubernetes Ingress Controller
Let's learn one by one.
Kubernetes Ingress
Kubernetes Ingress is a native Kubernetes resource, and you can set rules to route traffic from outside to service endpoints within the cluster. It requires an Ingress Controller to route the rules specified by the ingress object. The Ingress object is as follows:
ApiVersion: extensions/v1beta1kind: Ingressmetadata: name: test-ingress namespace: devspec: rules:-host: test.apps.example.com http: paths:-backend: serviceName: hello-service servicePort: 80
The above declaration means that all calls to test.apps.example.com should hit a service named hello-service, which is located in the dev namespace.
The key things you need to know about Ingress objects are as follows:
You should create ingress rules in the namespace of the service you deploy. If you are in other namespaces that do not have ingress objects, you will not be able to route traffic into the service.
An ingress object needs an ingress controller to route traffic
External traffic will not hit ingress API, but will be hit ingress controller services. Kubernetes Ingress Controller
Ingress controller is a typical proxy service deployed in a cluster, and it is only exposed to the Kubernetes deployment of the service. The following Ingress Controller is available for Kubernetes:
Nginx Ingress Controller
Traefik
HAproxy
Contour
GKE Ingress Controller
At present, Nginx is the choice of most enterprises. Here is how Nginx Ingress Controller works:
The nginx.conf file inside Nginx controller pod is a go template that communicates with Kubernetes Ingress API and gets the latest value of traffic routing in real time.
Nginx controller communicates with Kubernetes ingress API to check if rules have been created for traffic routing.
If it finds any ingress rules, it will apply to the Nginx Controller configuration, that is, the nginx.conf file in pod using the go template.
If you use exec to connect to pod and check the / etc/nginx/nginx.conf file, you can see all the rules specified in the ingress object applied in the conf file.
The following architecture diagram explains the ingress settings on a Kubernetes cluster.
Next, let's take a closer look at how to set up Ingress in Kubernetes using Nginx Ingress Controller.
Preparation in advance
A Kubernetes cluster
Installed kubectl and authenticated Kubernetes cluster
Administrator access to the Kubernetes cluster
Point to the valid domain of the ingress controller load balancer
If you are on Google Cloud, please assign administrator rights to your account to enable the cluster role.
ACCOUNT=$ (gcloud info-- format='value (config.account)') kubectl create clusterrolebinding owner-cluster-admin-binding\-- clusterrole cluster-admin\-- user $ACCOUNT
Please note that this tutorial has been tried on the Google Cloud GKE cluster. In theory, it can be used in all cloud environments. If you do encounter any errors, you may need to make some adjustments in the settings.
Set up Nginx Ingress Controller
There are two nginx ingress controller:
Nginx ingress controller of the Kubernetes community: https://github.com/kubernetes/ingress-nginx
Nginx's Nginx ingress controller: https://github.com/nginxinc/kubernetes-ingress
We will use the nginx controller of the Kubernetes community.
Ingress controller requires specific namespaces, service accounts, cluster role bindings, configmap, and so on. Therefore, you need to use the yaml file in the official ingress repo to create the mentioned Kubernetes object.
Official repo:
Https://github.com/kubernetes/ingress-nginx/tree/master/deploy
Let's deploy ingress controller using the mandatory.yaml file, which you can find at the official repo. It has a list of Kubernetes objects required by nginx.
Let's use kubectl to create a Nginx controller deployment:
Kubectl apply-f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/mandatory.yaml
Check the ingress controller pod to make sure it is set correctly:
Kubectl get pods-n ingress-nginx sets the LoadBalancer service for Ingress Controller
The next step is to create a service of type LoadBalancer to expose the nginx controller deployment outside the cluster.
Step1: create a project directory locally and change to that directory.
Mkdir ingress-deployment & & cd ingress-deployment
Step2: create a file called nginx-ingress.yaml
Vi nginx-ingress.yaml
Step3: copy the following to a file
Please note: annotation under label is very important for nginx controller deployment integration
Kind: ServiceapiVersion: v1metadata:name: ingress-nginxnamespace: ingress-nginxlabels:app.kubernetes.io/name: ingress-nginxapp.kubernetes.io/part-of: ingress-nginxspec:externalTrafficPolicy: Localtype: LoadBalancerselector:app.kubernetes.io/name: ingress-nginxapp.kubernetes.io/part-of: ingress-nginxports:- name: httpport: 80targetPort: http- name: httpsport: 443targetPort: https
Step4: creating an ingress service
Kubectl apply-f nginx-ingress.yaml
Step5: check whether the created service is connected to an external load balancer
Kubectl get svc-n ingress-nginx maps domain names to Loadbalancer IP
In order for our ingress settings to work, we need to map a domain name to the load balancer IP. You can do this in two ways.
Single DNS Mappin
You can map a single domain as an A record directly to the load balancer IP. With this feature, you can only provide one domain for ingress controller and can route traffic based on multiple paths.
For example:
Www.example.com-- > Loadbalancer IP
You can use this model for path-based routing.
Here are a few examples:
Http://www.example.com/app1http://www.example.com/app2http://www.example.com/app1/apihttp://www.example.com/app2/api wildcard DNS mapping
If you map a wildcard DNS to a load balancer, you can have dynamic DNS endpoints through ingress.
For example:
* .apps.example.com
In this way, you can have multiple dynamic subdomains through a single ingress controller, and each DNS has its own path-based routing.
For example:
# URL one http://demo1.apps.example.com/apihttp://demo1.apps.example.com/api/v1http://demo1.apps.example.com/api/v2#URL two http://demo2.apps.example.com/apihttp://demo2.apps.example.com/api/v1http://demo2.apps.example.com/api/v2
For demonstration purposes, we have mapped the wildcard DNS to LoadBalancer IP. You can make this setting according to your DNS provider.
Set up a Demo application
For testing purposes, we will deploy a demo application and add a ClusterIP service to the application.
Step1: create a namespace named dev
Kubectl create namespace dev
Step2: create a file called hello-app.yaml
Step3: copy the following to a file and save
ApiVersion: apps/v1kind: Deploymentmetadata: name: hello-app namespace: devspec: selector: matchLabels: app: hello replicas: 3 template: metadata: labels: app: hello spec: containers:-name: hello image: "gcr.io/google-samples/hello-app:2.0"
Step4: using kubectl to create deployment
Kubectl create-f hello-app.yaml
Check deployment status
Step5: create a file called hello-app-service.yaml
Step6: copy the following to a file and save
ApiVersion: v1kind: Servicemetadata: name: hello-service namespace: dev labels: app: hellospec: type: ClusterIP selector: app: hello ports:-port: 80 targetPort: 8080 protocol: TCP
Step7: creating services using kubectl
Kubectl create-f hello-app-service.yaml
Check service status
Kubectl get svc-n dev creates a Kubernetes Ingress object
Now let's use a DNS to create an Ingress object to access our hello app. The Ingress object can set routing rules.
Ingress controller pod connects to the Ingress API to check the rules and updates its nginx.conf accordingly.
Step1: create a file called ingress.yaml
Step2: copy the following to a file and save
Replace test.apps.example.info with your domain name. Here, we assume that you already have a wildcard domain name in * .apps.example.info format.
ApiVersion: extensions/v1beta1kind: Ingressmetadata: name: test-ingress namespace: devspec: rules:-host: test.apps.example.info http: paths:-backend: serviceName: hello-service servicePort: 80
Step3: describes the created ingress object, which is used to check the configuration
Kubectl describe ingress-n dev
Now, if you try to access the test.apps.example.info domain (replace it with your domain name), you should be able to access our deployed app.
Original text link:
Https://devopscube.com/kubernetes-ingress-tutorial/
Https://devopscube.com/setup-ingress-kubernetes-nginx-controller/
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.