代码之家  ›  专栏  ›  技术社区  ›  user84592

Kubernetes,入口资源配置,路由到同一主机,但端口不同

kubernetes-ingress kubernetes
  •  0
  • user84592  · 技术社区  · 7 年前

    another question . 从 this link ,我可以说使用入口路由到不同的端口服务是可行的。

    我首先列出了我的两个服务:(eureka和config) ingress_nginx_res.yaml 

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host:
    http:
      paths:
      - backend:
          serviceName: gearbox-rack-eureka-server
          servicePort: 8761
  - host:
    http:
      paths:
      - path:
        backend:
          serviceName: gearbox-rack-config-server
          servicePort: 8888

    可以看到,齿轮箱机架eureka服务器监听端口8761,齿轮箱机架配置服务器监听端口8888。

    现在,所有服务和k8s都安装在本地虚拟机(centos 7x)172.16.100.83上 kubectl apply -f ingress_nginx_res.yaml ,我看出来了。 

    [root@master3 ingress]# kubectl get ing
NAME         HOSTS     ADDRESS   PORTS     AGE
my-ingress   *                   80        11s

    我试着确认入口,然后把 172.16.100.83:8761

    尤里卡豆荚山药: 

    apiVersion: v1
kind: Pod
metadata:
  name: gearbox-rack-eureka-server
  labels:
    app: gearbox-rack-eureka-server
    purpose: platform_eureka_demo
spec:
  containers:
  - name:  gearbox-rack-eureka-server
    image: 192.168.1.229:5000/gearboxrack/gearbox-rack-eureka-server
    ports:
        - containerPort: 8761

    尤里卡·亚姆: 

    apiVersion: v1
kind: Service
metadata:
  name: gearbox-rack-eureka-server
  labels:
    name: gearbox_rack_eureka_server
spec:
  selector:
    app: gearbox-rack-eureka-server
  type: NodePort
  ports:
    - port: 8761
      nodePort: 31501
      name: tcp


    apiVersion: v1
kind: Pod
metadata:
  name: gearbox-rack-config-server
  labels:
    app: gearbox-rack-config-server
    purpose: platform-demo
spec:
  containers:
  - name:  gearbox-rack-config-server
    image: 192.168.1.229:5000/gearboxrack/gearbox-rack-config-server
    ports:
    - containerPort: 8888
    env:
      - name: EUREKA_SERVER
        value: http://172.16.100.83:8761

    配置文件: 

    apiVersion: v1
kind: Service
metadata:
  name: gearbox-rack-config-server
  labels:
    name: gearbox-rack-config-server
spec:
  selector:
    app: gearbox-rack-config-server
  type: NodePort
  ports:
    - port: 8888
      nodePort: 31502
      name: tcp

    入口角色: 

    apiVersion: v1
kind: ServiceAccount
metadata:
  name: lb
  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: nginx-ingress-normal
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - endpoints
      - nodes
      - pods
      - secrets
    verbs:
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - "extensions"
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
        - events
    verbs:
        - create
        - patch
  - apiGroups:
      - "extensions"
    resources:
      - ingresses/status
    verbs:
      - update

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
  name: nginx-ingress-minimal
  namespace: kube-system
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - pods
      - secrets
      - namespaces
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - configmaps
    resourceNames:
      - "ingress-controller-leader-dev"
      - "ingress-controller-leader-prod"
    verbs:
      - get
      - update
  - apiGroups:
      - ""
    resources:
      - configmaps
    verbs:
      - create
  - apiGroups:
      - ""
    resources:
      - endpoints
    verbs:
      - get

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: nginx-ingress-minimal
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: nginx-ingress-minimal
subjects:
  - kind: ServiceAccount
    name: lb
    namespace: kube-system
---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: nginx-ingress-normal
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: nginx-ingress-normal
subjects:
  - kind: ServiceAccount
    name: lb
    namespace: kube-system


    kind: Service
apiVersion: v1
metadata:
  name: nginx-default-backend
  namespace: kube-system
spec:
  ports:
  - port: 80
    targetPort: http
  selector:
    app: nginx-default-backend
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nginx-default-backend
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-default-backend
    spec:
      terminationGracePeriodSeconds: 60
      containers:
      - name: default-http-backend
        image: chenliujin/defaultbackend
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        resources:
          limits:
            cpu: 10m
            memory: 20Mi
          requests:
            cpu: 10m
            memory: 20Mi
        ports:
        - name: http
          containerPort: 8080
          protocol: TCP

    入口控制线 

    kind: Service
apiVersion: v1
metadata:
  name: ingress-nginx
spec:
  type: LoadBalancer
  selector:
    app: ingress-nginx
  ports:
  - name: http
    port: 80
    targetPort: http
  - name: https
    port: 443
    targetPort: https
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: ingress-nginx
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: ingress-nginx
    spec:
      terminationGracePeriodSeconds: 60
      serviceAccount: lb
      containers:
      - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0
        name: ingress-nginx
        imagePullPolicy: Always
        ports:
          - name: http
            containerPort: 80
            protocol: TCP
          - name: https
            containerPort: 443
            protocol: TCP
        livenessProbe:
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        args:
        - /nginx-ingress-controller
        - --default-backend-service=$(POD_NAMESPACE)/nginx-default-backend

    我的配置有问题吗?或者有什么关于故障排除指挥的提示让我自己处理?

    第二版

    一。 我的虚拟机centOs(7.x)运行在我的主机win10,专业版上。我不使用谷歌云或AWS。我没有任何负载均衡器,我想nginx是反向代理,所以它有负载均衡器功能。 ingress_nginx_ctl.yaml : quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.15.0 是ingress和nginx之间的连接器,而不是nginx本身?

    2个 

      172.16.100.83 gearbox-rack-eureka-server.sup.com
  172.16.100.83 gearbox-rack-config-server.sup.com

    b) 我看到k8s集群中有dns服务器,如何将这两个条目添加到dns中?或者dns控制台在哪里,我可以把这两个条目放在哪里?

    2 回复  |  直到 7 年前
        1
  •  0
  •   Kun Li    7 年前

    我不知道你的环境,你确定你有“负载均衡器”吗?为了简化,您可以使用“hostNetwork:true”设置nginx控制器部署,这样您就可以通过主机ip直接访问控制器。

    而且,由于我们通过入口控制器访问各种服务,我们如何区分不同的服务?使用域名。我们可以将gearbox-rack-eureka-server.your.domain指向gearbox-rack-eureka-server:8761,而使用gearbox-rack-config-server.your.domain指向入口中的gearbox-rack-config-server:8888,如下所示: 

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: gearbox-rack-eureka-server.your.domain
    http:
      paths:
      - backend:
          serviceName: gearbox-rack-eureka-server
          servicePort: 8761
  - host: gearbox-rack-config-server.your.domain
    http:
      paths:
      - backend:
          serviceName: gearbox-rack-config-server
          servicePort: 8888

    并将域名配置到主机ip,然后使用域名访问这些服务。

        2
  •  0
  •   Artem Golenyaev    7 年前

    1. 当您指定 type: LoadBalancer 对于服务,它依赖于云提供商提供的外部负载平衡器。因此,如果集群中没有这样的负载平衡器,则不能使用 类型:负载均衡器 type: NodePort . 例如: 

      kind: Service
apiVersion: v1
metadata:
  name: ingress-nginx
spec:
  type: NodePort
  selector:
    app: ingress-nginx
  ports:
    - port: 80
      nodePort: 31080
      name: http

      现在您可以使用地址访问入口 http://<ip-address-of-any-node>:31080 http://172.16.100.83:31080

    2. 下一步,您需要为入口提供配置。您可以将入口抽象想象为入口控制器的配置(在您的例子中是Nginx的配置)。 

      apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - http:
      paths:
      - path: /eureka
        backend:
          serviceName: gearbox-rack-eureka-server 
          servicePort: 8761 
      - path: /config
        backend:
          serviceName: gearbox-rack-config-server 
          servicePort: 8888

      正如您所提到的,这里Nginx作为入口控制器扮演反向代理的角色并匹配 http://<ip-address-of-any-node>:31080/<path>

    3. 而且,使用 类型:NodePort 对于使用入口公开的服务。最好是用 type: ClusterIP 

      apiVersion: v1
kind: Service
metadata:
  name: gearbox-rack-eureka-server
  labels:
    name: gearbox_rack_eureka_server
spec:
  selector:
    app: gearbox-rack-eureka-server
  type: ClusterIP
  ports:
    - port: 8761
      name: tcp
---
apiVersion: v1
kind: Service
metadata:
  name: gearbox-rack-config-server
  labels:
    name: gearbox-rack-config-server
spec:
  selector:
    app: gearbox-rack-config-server
  type: ClusterIP
  ports:
    - port: 8888
      name: tcp

      现在你可以通过 http://172.16.100.83:31080/eureka http://172.16.100.83:31080/config

    推荐文章
    关于   移动版
    代码之家 - 一站式码农服务社区
    沪ICP备11025650号