部署kubernetes/ingress-nginx(踩坑)

nginx-ingress-controller:0.25.0有問題，因此這裏採用nginx-ingress-controller:0.30.0

[root@k8s-master ~]# wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/mandatory.yaml

[root@k8s-master ~]# cat mandatory.yaml | grep image
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0

全部節點下載quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
[root@k8s-master ~]# docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0

[root@k8s-master ~]# kubectl apply -f mandatory.yaml

[root@k8s-master ~]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-7fcf8df75d-kps22 1/1 Running 0 79s

[root@k8s-master ~]# kubectl describe pod -n ingress-nginx
Events:
Type Reason Age From Message

---

Normal Scheduled 45s default-scheduler Successfully assigned ingress-nginx/nginx-ingress-controller-7fcf8df75d-p79dr to k8s-node2
Normal Pulled 39s kubelet, k8s-node2 Container image "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0" already present on machine
Normal Created 38s kubelet, k8s-node2 Created container nginx-ingress-controller
Normal Started 38s kubelet, k8s-node2 Started container nginx-ingress-controller

[root@k8s-master ~]# wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/provider/baremetal/service-nodeport.yaml

[root@k8s-master ~]# kubectl apply -f service-nodeport.yaml
service/ingress-nginx created

[root@k8s-master ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.97.244.100 <none> 80:31355/TCP,443:30036/TCP 6s

[root@k8s-master ~]# kubectl get pod -o wide -n ingress-nginx
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-ingress-controller-7fcf8df75d-v42m9 1/1 Running 0 103s 10.244.1.198 k8s-node2 <none> <none>

[root@k8s-master ~]# ipvsadm -Ln （能夠看到當訪問NodePort的31355端口時，其實訪問的是nginx-ingress-controller 10.244.1.198 的80）

Ingress HTTP 代理訪問
deployment、Service、Ingress Yaml 文件
[root@k8s-master ~]# vi ingress.http.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-dm
spec:
replicas: 2
template:
metadata:
labels:
name: nginx
spec:
containers:

• name: nginx
  image: wangyanglinux/myapp:v1
  imagePullPolicy: IfNotPresent
  ports:

  • containerPort: 80

    apiVersion: v1
    kind: Service
    metadata:
    name: nginx-svc
    spec:
    ports:

    • port: 80
      targetPort: 80
      protocol: TCP
      selector:
      name: nginx

[root@k8s-master ~]# kubectl apply -f ingress.http.yaml
deployment.extensions/nginx-dm created
service/nginx-svc created

[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 76m
nginx-svc ClusterIP 10.108.165.161 <none> 80/TCP 6s

[root@k8s-master ~]# curl 10.108.165.161
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

[root@k8s-master ~]# vi ingress1.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: ingress-nginx
name: nginx-test
spec:
rules:

• host: www1.normantest.com
  http:
  paths:

  • path: /
    backend:
    serviceName: nginx-svc
    servicePort: 80

  [root@k8s-master ~]# kubectl apply -f ingress1.yaml
  ingress.extensions/nginx-test created

[root@k8s-master ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx NodePort 10.97.244.100 <none> 80:31355/TCP,443:30036/TCP 4m5s

[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dm-7d967c7ff5-fhpnh 1/1 Running 0 84s 10.244.1.199 k8s-node2 <none> <none>
nginx-dm-7d967c7ff5-z4fm6 1/1 Running 0 84s 10.244.2.108 k8s-node1 <none> <none>

[root@k8s-master ~]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-7fcf8df75d-v42m9 1/1 Running 0 5m35s

[root@k8s-master ~]# kubectl get pod -o wide -n ingress-nginx
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-ingress-controller-7fcf8df75d-v42m9 1/1 Running 0 8m59s 10.244.1.198 k8s-node2 <none> <none>

爲了測試效果，我在Windows主機上的C:\Windows\System32\drivers\etc\hosts創建如下DNS記錄
10.10.21.8 www1.normantest.com
在瀏覽器訪問www1.normantest.com:31355，訪問頁面出錯

[root@k8s-master ~]# ipvsadm -Ln（能夠看到當訪問NodePort的31355端口時，其實訪問的是nginx-ingress-controller 10.244.1.198 的80）

進入容器nginx-ingress-controller 排錯：
[root@k8s-master ~]# kubectl exec nginx-ingress-controller-7fcf8df75d-v42m9 -it -n ingress-nginx /bin/bash
bash-5.0$ ls
fastcgi.conf geoip mime.types nginx.conf scgi_params uwsgi_params.default
fastcgi.conf.default koi-utf mime.types.default nginx.conf.default scgi_params.default win-utf
fastcgi_params koi-win modsecurity opentracing.json template
fastcgi_params.default lua modules owasp-modsecurity-crs uwsgi_params

bash-5.0$ vi nginx.conf (發現上面部署的ingress沒有注入到nginx-ingress-controller的nginx配置中，修改後正確配置以下)

最後成功訪問