前言:
helm作为kubernetes集群内的专用包管理器还是非常的方便的,只是helm在给我们提供便利的同时又给我们增加了不少的困难,例如,很多新的概念,比如,helm仓库,related版本等等,因此,使用helm也是增加了一部分的学习成本在里面。
本文计划使用helm3快速的离线安装ingress-nginx ,也就是不需要考虑仓库的事情了,本地化的工作也不需要考虑了(本地化指的是部署的时候使用的镜像通常都是国外某些网站的镜像,替换成国内的镜像),组件的问题也不需要考虑了,我都写好了,放到网盘内,需要的朋友直接下载,然后一条命令就可以部署好ingress-nginx了,非常的方便快捷。
相关资料下载地址:
链接:https://pan.baidu.com/s/1SZiXx_XLwt5woKpvgYuLdg?pwd=sdaa
提取码:sdaa
相关资料说明:
helm的版本(任意的三版本都可以):
[root@k8s-master ~]# helm version version.BuildInfo{Version:"v3.2.4", GitCommit:"0ad800ef43d3b826f31a5ad8dfbb4fe05d143688", GitTreeState:"clean", GoVersion:"go1.13.12"}
此次部署使用了三个镜像:
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller
registry.cnhangzhou.aliyuncs.com_google_containers_defaultbackend_1.4 注意,这个镜像是起保险套的作用,如果ingress清单文件有问题,找不到相对应的资源的时候,这个镜像提供默认的错误页面,例如,ingress的资源清单文件里写错了,访问不到网站了,它就给一个错误页面,省的看到这个页面和管理这个页面的人尴尬!!!!:
jettech_kube-webhook-certgen_v1.5.1
部署方式为DaemonSet,因为是ds模式,因此建议master节点不设置污点。
网络模式为hostNetWork ,因此,请确保宿主机的80和443端口没有被占用。
部署命令:
helm install ingress ingress-nginx-3.25.0.tgz -n ingress
此命令的输出为(不要害怕这么长的输出,里面有使用ingress的示例,应该好好看看的哦。):
[root@k8s-master ~]# helm install ingress ingress-nginx-3.25.0.tgz -n ingress NAME: ingress LAST DEPLOYED: Sun Oct 9 23:00:29 2022 NAMESPACE: ingress STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: The ingress-nginx controller has been installed. Get the application URL by running these commands: export HTTP_NODE_PORT=32080 export HTTPS_NODE_PORT=32443 export NODE_IP=$(kubectl --namespace ingress get nodes -o jsonpath="{.items[0].status.addresses[1].address}") echo "Visit http://$NODE_IP:$HTTP_NODE_PORT to access your application via HTTP." echo "Visit https://$NODE_IP:$HTTPS_NODE_PORT to access your application via HTTPS." An example Ingress that makes use of the controller: apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: nginx name: example namespace: foo spec: rules: - host: www.example.com http: paths: - backend: serviceName: exampleService servicePort: 80 path: / # This section is only required if TLS is to be enabled for the Ingress tls: - hosts: - www.example.com secretName: example-tls If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided: apiVersion: v1 kind: Secret metadata: name: example-tls namespace: foo data: tls.crt: <base64 encoded cert> tls.key: <base64 encoded key> type: kubernetes.io/tls
稍等pod启动片刻后,可以看到如下输出表示部署成功(这里的ingress的service固定端口了,是32080和32443,如有被占用,请释放这两个端口):
[root@k8s-master ~]# k get po,svc -n ingress NAME READY STATUS RESTARTS AGE pod/ingress-ingress-nginx-controller-87sh8 1/1 Running 0 2m33s pod/ingress-ingress-nginx-controller-bfbzj 1/1 Running 0 2m33s pod/ingress-ingress-nginx-controller-c8xbn 1/1 Running 0 2m33s pod/ingress-ingress-nginx-defaultbackend-7db4678cf7-zzjnd 1/1 Running 0 2m33s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/ingress-ingress-nginx-controller NodePort 10.0.154.40 <none> 80:32080/TCP,443:32443/TCP 2m33s service/ingress-ingress-nginx-controller-admission ClusterIP 10.0.124.47 <none> 443/TCP 2m33s service/ingress-ingress-nginx-defaultbackend ClusterIP 10.0.190.225 <none> 80/TCP 2m33s
卸载命令(如果pod有问题,启动有毛病,需要回退的话):
helm uninstall ingress -n ingress [root@k8s-master ~]# helm uninstall ingress -n ingress release "ingress" uninstalled
测试ingress的功能:
部署两个测试用pod:
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment namespace: dev spec: replicas: 1 selector: matchLabels: app: nginx-pod template: metadata: labels: app: nginx-pod spec: containers: - name: nginx image: nginx:1.17.1 ports: - containerPort: 80 nodeName: k8s-node1 --- apiVersion: apps/v1 kind: Deployment metadata: name: tomcat-deployment namespace: dev spec: replicas: 1 selector: matchLabels: app: tomcat-pod template: metadata: labels: app: tomcat-pod spec: containers: - name: tomcat image: tomcat:8.5-jre10-slim ports: - containerPort: 8080 nodeName: k8s-node2
发布服务:
vim tomcat-nginx-svc.yaml
--- apiVersion: v1 kind: Service metadata: name: nginx-service namespace: dev spec: ports: - port: 80 name: nginx clusterIP: None selector: app: nginx-pod --- apiVersion: v1 kind: Service metadata: name: tomcat-service namespace: dev spec: selector: app: tomcat-pod type: ClusterIP ports: - protocol: TCP port: 80 targetPort: 8080
建立ingress清单文件:
vim ingress-http.yaml
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: ingress-http namespace: dev annotations: nginx.ingress.kubernetes.io/rewrite-target: / kubernetes.io/ingress.class: nginx # nginx.ingress.kubernetes.io/backend-protocol: HTTPS # nginx.ingress.kubernetes.io/ssl-redirect: 'true' # nginx.ingress.kubernetes.io/use-regex: 'true' spec: rules: - host: nginx.test.com http: paths: - path: / backend: serviceName: nginx-service servicePort: 80 - host: tomcat.test.com http: paths: - path: / backend: serviceName: tomcat-service servicePort: 80
打开浏览器,(node节点ip和上面的两个域名要做hosts解析,过于简单就不解释如何hosts了)输入上面定义的域名+32080端口:
那么,OK了,helm3部署ingress-nginx就圆满完成了。
