4 Service-LoadBalance
通常需要第三方雲提供商支持,有約束性
Ingress
官網
:https://kubernetes.io/docs/concepts/services-networking/ingress/
GitHub Ingress Nginx
:https://github.com/kubernetes/ingress-nginx
Nginx Ingress Controller
:<https://kubernetes.github.io/ingress-nginx/An API object that manages external access to the services in a cluster, typically HTTP. Ingress can provide load balancing, SSL termination and name-based virtual hosting.
Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource.
internet
|
[ Ingress ]
--|-----|--
[ Services ]
可以發現,Ingress就是幫助我們訪問集羣內的服務的。爲了彰顯其優勢,我們在使用Ingress之前,先以一個簡單案例出發。
4.1使用NodePort類型的service在K8S集羣中部署tomcat
(也爲了演示將service寫在yaml文件中)
瀏覽器想要訪問這個tomcat,也就是外部要訪問該tomcat,用之前的Service-NodePort的方式是可以的,比如暴露一個端口,只需要訪問 :即可。
01 創建yaml文件
vim my-tomcat.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
labels:
app: tomcat
spec:
replicas: 1
selector:
matchLabels:
app: tomcat
template:
metadata:
labels:
app: tomcat
spec:
containers:
- name: tomcat
image: tomcat
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: tomcat
type: NodePort
02 創建service
`創建pod、service`
[root@henry001 network]# kubectl apply -f my-tomcat.yaml
deployment.apps/tomcat-deployment created
service/tomcat-service created
`查看service`
[root@henry001 network]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 42h
tomcat-service NodePort 10.106.112.183 <none> 80:30747/TCP 31s
whoami-deployment NodePort 10.103.129.91 <none> 8000:31999/TCP 42m
`查看pod`
[root@henry001 network]# kubectl get pods
NAME READY STATUS RESTARTS AGE
tomcat-deployment-6b9d6f8547-6mmh2 1/1 Running 0 69s
tomcat-deployment-6b9d6f8547-79nck 1/1 Running 0 69s
tomcat-deployment-6b9d6f8547-c8bps 1/1 Running 0 69s
`查看deployment`
[root@henry001 network]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 1/1 1 1 24h
tomcat-deployment 3/3 3 3 97s
顯然,Service-NodePort的方式生產環境不推薦使用,那接下來就基於上述需求,使用Ingress實現訪問tomcat的需求。下面就開始講解使用ingress插件來實現外網訪問集羣pod。
4.2 使用ingress實現
4.2.1架構圖
說明:
-
本文中採用的ingress-controller是nginx-ingress-controller,具體詳情可以參考官網:https://www.nginx.com/products/nginx/kubernetes-ingress-controller;
-
大家也可以根據自己需要採用不同的ingress-controller,可參考https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/
4.2.2 實例
(1)以Deployment方式創建Pod,該Pod爲Ingress Nginx Controller,要想讓外界訪問,可以通過Service的NodePort或者HostPort方式,這裏選擇HostPort,比如指定henry002機器上運行:
# 確保nginx-controller運行到henry002節點上
kubectl label node henry002 name=ingress
`先下載mandatory.yaml文件,下載地址:https://github.com/kubernetes/ingress-nginx/blob/nginx-0.20.0/deploy/mandatory.yaml,並對mandatory.yaml並進行修改,如下:
# 使用HostPort方式運行,需要增加配置
hostNetwork: true #使用hostport
nodeSelector:
name: ingress #指定節點
# 搜索nodeSelector,並且要確保henry002節點上的80和443端口沒有被佔用,鏡像拉取需要較長的時間,這塊要特別注意一下
#運行mandatory.yaml
kubectl apply -f mandatory.yaml
#查看ingress-nginx命名空間下的資源
kubectl get all -n ingress-nginx
(2)查看henry002的80和443端口
lsof -i tcp:80
lsof -i tcp:443
(3)創建tomcat的pod和service
記得將之前的tomcat刪除:kubectl delete -f my-tomcat.yaml
vim tomcat.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
labels:
app: tomcat
spec:
replicas: 3
selector:
matchLabels:
app: tomcat
template:
metadata:
labels:
app: tomcat
spec:
containers:
- name: tomcat
image: tomcat
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: tomcat
`執行yaml文件`
[root@henry001 network]# kubectl apply -f tomcat-ingress.yaml
deployment.apps/tomcat-deployment created
service/tomcat-service created
`查看service`
[root@henry001 network]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 43h
tomcat-service ClusterIP 10.101.231.253 <none> 80/TCP 20s
whoami-deployment NodePort 10.103.129.91 <none> 8000:31999/TCP 150m
`查看pod`
[root@henry001 network]# kubectl get pods
NAME READY STATUS RESTARTS AGE
tomcat-deployment-6b9d6f8547-8wxgx 1/1 Running 0 42s
tomcat-deployment-6b9d6f8547-hrhrr 1/1 Running 0 42s
tomcat-deployment-6b9d6f8547-p7zhz 1/1 Running 0 42s
kubectl get svc
kubectl get pods
(4)創建Ingress以及定義轉發規則
1>創建 nginx-ingress.yaml文件
vim nginx-ingress.yaml
#ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx-ingress
spec:
rules:
- host: tomcat.henry.com
http:
paths:
- path: /
backend:
serviceName: tomcat-service
servicePort: 80
2>創建ingress並查看
`創建ingress`
[root@henry001 network]# kubectl apply -f nginx-ingress.yaml
ingress.extensions/nginx-ingress created
`查看ingress`
[root@henry001 network]# kubectl get ingress
NAME HOSTS ADDRESS PORTS AGE
nginx-ingress tomcat.henry.com 80 47s
`查看ingress詳細信息`
[root@henry001 network]# kubectl describe ingress nginx-ingress
Name: nginx-ingress
Namespace: default
Address:
Default backend: default-http-backend:80 (<none>)
Rules:
Host Path Backends
---- ---- --------
tomcat.henry.com
/ tomcat-service:80 (192.168.217.22:8080,192.168.254.215:8080,192.168.254.216:8080)
Annotations:
kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{},"name":"nginx-ingress","namespace":"default"},"spec":{"rules":[{"host":"tomcat.henry.com","http":{"paths":[{"backend":{"serviceName":"tomcat-service","servicePort":80},"path":"/"}]}}]}}
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 53s nginx-ingress-controller Ingress default/nginx-ingress
(5)修改win的hosts文件,添加dns解析
182.92.105.161 tomcat.henry.com
(6)打開瀏覽器,訪問tomcat.henry.com
總結
:如果以後想要使用Ingress網絡,其實只要定義ingress,service和pod即可,前提是要保證nginx ingress controller已經配置好了。