kubernetes-ingress 安裝

kubernetes-ingress 安裝

官方文檔：
       https://github.com/nginxinc/kubernetes-ingress/blob/release-1.5/docs/installation.md

部署環境：

•     邊緣節點配置標籤：nodeRole: app-edge
•     Ingress 經過DaemonSet方式部署到對應的邊緣節點分組

拉取代碼倉庫：

git clone https://github.com/nginxinc/kubernetes-ingress.git
cd kubernetes-ingress 
git checkout v1.5.8

 修改配置文件： deployments/daemon-set/nginx-ingress.yaml 

Ingress網絡方式：

• hostNetwork  （直接使用主機網絡，能夠繞過Iptables的轉發）
• hostPort          （Iptables：  nf_conntrack: table full, dropping packet ）
• NodePort         （Iptables：  nf_conntrack: table full, dropping packet ）

# 增長nodeSelector 綁定到指定的邊緣節點
+      nodeSelector:
+        nodeRole: app-edge

#  使用主機網絡
    spec:
      hostNetwork: true    # 啓用主機網絡
      dnsPolicy: ClusterFirstWithHostNet   # 默認DNS使用節點的配置，經過修改dnsPloicy優先使用集羣DNS

#  完成配置以下：

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nginx-ingress
  namespace: nginx-ingress
spec:
  selector:
    matchLabels:
      app: nginx-ingress
  template:
    metadata:
      labels:
        app: nginx-ingress
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "9113"
    spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: nginx-ingress
      nodeSelector:
        nodeRole: app-edge
      containers:
      - image: nginx/nginx-ingress:1.5.8
        name: nginx-ingress
        ports:
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        - name: prometheus
          containerPort: 9113
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        args:
          - -nginx-configmaps=$(POD_NAMESPACE)/nginx-config
          - -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret
         #- -v=3 # Enables extensive logging. Useful for troubleshooting.
         #- -report-ingress-status
         #- -external-service=nginx-ingress
         #- -enable-leader-election
          - -enable-prometheus-metrics
         #- -enable-custom-resources

執行安裝部署

cd deployments
kubectl apply -f common/ns-and-sa.yaml
kubectl apply -f common/default-server-secret.yaml
kubectl apply -f common/nginx-config.yaml
kubectl apply -f common/custom-resource-definitions.yaml
kubectl apply -f rbac/rbac.yaml
kubectl apply -f daemon-set/nginx-ingress.yaml

經過邊緣節點查看Nginx-ingress端口