k8s服务暴露流程

2024-01-29 18:04:34

环境信息:

IP地址 系统 角色
192.168.86.100 centos7.7 master
192.168.86.101 centos7.7 node1
192.168.86.102 centos7.7 node2
192.168.86.7 centos7.7 lb

k8s版本:v1.18.2
helm版本: v3.2.1

一、部署服务并暴露

1、访问过程
domain–>lb–>ingress-nginx-controller的svc (nodeip+nodeport)–>ingress->svc–>pod

2、部署ingress-nginx

安装helm
wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz
tar -xf helm-v3.2.1-linux-amd64.tar.gz
mv ./linux-amd64/helm /usr/bin

添加repo源
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

创建ingress的namespace
kubectl create namespace ingress-public
helm install --namespace=ingress-public ingress-nginx-public ingress-nginx/ingress-nginx

修改ingress-controller镜像(默认gcr仓库下载不到)
kubectl -n ingress-public set image deployment ingress-nginx-public-controller controller=registry.cn-beijing.aliyuncs.com/lingshiedu/ingress-nginx-controller:0.41.2 --record

3、部署服务通过ingress暴露(部署到此已经可以通过hosts解析域名加上nodeip和ingress-nginx-controller的svc nodeport端口访问了)

kubecel apply -f ingress-test.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-test
  name: nginx-test
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-test
  template:
    metadata:
      labels:
        app: nginx-test
    spec:
      containers:
      - image: nginx
        name: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-test
  name: nginx-test
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-test
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nginx-test
spec:
  rules:
  - host: nginx-test.com
    http:
      paths:
      - backend:
          serviceName: nginx-test
          servicePort: 80
二、部署配置LB并测试访问

1、通过nginx配置反向代理ingress-nginx-controller的svc nodeport端口

docker run -itd --restart=unless-stopped -p 80:80 -p 443:443 --name ingress-lb -v /root/ingress/nginx.conf:/etc/nginx/nginx.conf nginx:latest

cat /root/ingress/nginx.conf

worker_processes 4;
worker_rlimit_nofile 40000;

events {
    worker_connections 8192;
}

stream {
    upstream ingress_test_http {
        least_conn;
        server 192.168.86.101:23115 max_fails=3 fail_timeout=5s;
        server 192.168.86.102:23115 max_fails=3 fail_timeout=5s;
    }
    server {
        listen 80;
        proxy_pass ingress_test_http;
    }

}

2、在hosts中添加解析浏览器访问

C:\Windows\System32\drivers\etc\hosts
192.168.86.7 nginx-test.com
上一篇:memcpy memmove


下一篇:部署kubernetes/ingress-nginx(踩坑)