前言:
helm作为kubernetes集群内的专用包管理器还是非常的方便的,只是helm在给我们提供便利的同时又给我们增加了不少的困难,例如,很多新的概念,比如,helm仓库,related版本等等,因此,使用helm也是增加了一部分的学习成本在里面。
本文计划使用helm3快速的离线安装ingress-nginx ,也就是不需要考虑仓库的事情了,本地化的工作也不需要考虑了(本地化指的是部署的时候使用的镜像通常都是国外某些网站的镜像,替换成国内的镜像),组件的问题也不需要考虑了,我都写好了,放到网盘内,需要的朋友直接下载,然后一条命令就可以部署好ingress-nginx了,非常的方便快捷。
相关资料下载地址:
链接:https://pan.baidu.com/s/1SZiXx_XLwt5woKpvgYuLdg?pwd=sdaa
提取码:sdaa
相关资料说明:
helm的版本(任意的三版本都可以):
[root@k8s-master ~]# helm version
version.BuildInfo{Version:"v3.2.4", GitCommit:"0ad800ef43d3b826f31a5ad8dfbb4fe05d143688", GitTreeState:"clean", GoVersion:"go1.13.12"}
此次部署使用了三个镜像:
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller
registry.cnhangzhou.aliyuncs.com_google_containers_defaultbackend_1.4 注意,这个镜像是起保险套的作用,如果ingress清单文件有问题,找不到相对应的资源的时候,这个镜像提供默认的错误页面,例如,ingress的资源清单文件里写错了,访问不到网站了,它就给一个错误页面,省的看到这个页面和管理这个页面的人尴尬!!!!:
jettech_kube-webhook-certgen_v1.5.1
部署方式为DaemonSet,因为是ds模式,因此建议master节点不设置污点。
网络模式为hostNetWork ,因此,请确保宿主机的80和443端口没有被占用。
部署命令:
helm install ingress ingress-nginx-3.25.0.tgz -n ingress
此命令的输出为(不要害怕这么长的输出,里面有使用ingress的示例,应该好好看看的哦。):
[root@k8s-master ~]# helm install ingress ingress-nginx-3.25.0.tgz -n ingress
NAME: ingress
LAST DEPLOYED: Sun Oct 9 23:00:29 2022
NAMESPACE: ingress
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
Get the application URL by running these commands:
export HTTP_NODE_PORT=32080
export HTTPS_NODE_PORT=32443
export NODE_IP=$(kubectl --namespace ingress get nodes -o jsonpath="{.items[0].status.addresses[1].address}")
echo "Visit http://$NODE_IP:$HTTP_NODE_PORT to access your application via HTTP."
echo "Visit https://$NODE_IP:$HTTPS_NODE_PORT to access your application via HTTPS."
An example Ingress that makes use of the controller:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example
namespace: foo
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: exampleService
servicePort: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: foo
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
稍等pod启动片刻后,可以看到如下输出表示部署成功(这里的ingress的service固定端口了,是32080和32443,如有被占用,请释放这两个端口):
[root@k8s-master ~]# k get po,svc -n ingress
NAME READY STATUS RESTARTS AGE
pod/ingress-ingress-nginx-controller-87sh8 1/1 Running 0 2m33s
pod/ingress-ingress-nginx-controller-bfbzj 1/1 Running 0 2m33s
pod/ingress-ingress-nginx-controller-c8xbn 1/1 Running 0 2m33s
pod/ingress-ingress-nginx-defaultbackend-7db4678cf7-zzjnd 1/1 Running 0 2m33s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-ingress-nginx-controller NodePort 10.0.154.40 <none> 80:32080/TCP,443:32443/TCP 2m33s
service/ingress-ingress-nginx-controller-admission ClusterIP 10.0.124.47 <none> 443/TCP 2m33s
service/ingress-ingress-nginx-defaultbackend ClusterIP 10.0.190.225 <none> 80/TCP 2m33s
卸载命令(如果pod有问题,启动有毛病,需要回退的话):
helm uninstall ingress -n ingress
[root@k8s-master ~]# helm uninstall ingress -n ingress
release "ingress" uninstalled
测试ingress的功能:
部署两个测试用pod:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
nodeName: k8s-node1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: tomcat-pod
template:
metadata:
labels:
app: tomcat-pod
spec:
containers:
- name: tomcat
image: tomcat:8.5-jre10-slim
ports:
- containerPort: 8080
nodeName: k8s-node2
发布服务:
vim tomcat-nginx-svc.yaml
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: dev
spec:
ports:
- port: 80
name: nginx
clusterIP: None
selector:
app: nginx-pod
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
namespace: dev
spec:
selector:
app: tomcat-pod
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 8080
建立ingress清单文件:
vim ingress-http.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-http
namespace: dev
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: nginx
# nginx.ingress.kubernetes.io/backend-protocol: HTTPS
# nginx.ingress.kubernetes.io/ssl-redirect: 'true'
# nginx.ingress.kubernetes.io/use-regex: 'true'
spec:
rules:
- host: nginx.test.com
http:
paths:
- path: /
backend:
serviceName: nginx-service
servicePort: 80
- host: tomcat.test.com
http:
paths:
- path: /
backend:
serviceName: tomcat-service
servicePort: 80
打开浏览器,(node节点ip和上面的两个域名要做hosts解析,过于简单就不解释如何hosts了)输入上面定义的域名+32080端口:
那么,OK了,helm3部署ingress-nginx就圆满完成了。