The main purpose of this practice is to unify the entry, no longer expose the port through LoadBalancer and other ways, but use the reverse proxy load balancing function provided by Ingress as our only entry.
kubernetes version is 1.16.0
Deploying tomcat
Deploy Tomcat but only allow intranet access. We need to route to Tomcat through the reverse proxy function provided by Ingress
apiVersion: apps/v1 kind: Deployment metadata: name: tomcat-app spec: selector: matchLabels: app: tomcat replicas: 2 template: metadata: labels: app: tomcat spec: containers: - name: tomcat image: tomcat:8.5.47 ports: # Default port for container - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: name: tomcat-http spec: ports: # Port of service - port: 8081 # Container default port, that is, mapping servcie8081 to pods8080 targetPort: 8080 # ClusterIP, NodePort, LoadBalancer type: ClusterIP selector: app: tomcat
Install nginx Progress Controller
There are many kinds of Ingress Controller. We choose the most familiar Nginx to process the request. Others can refer to
mkdir -p /usr/local/kubernetes/yaml/ingress cd /usr/local/kubernetes/yaml/ingress # Download profile wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.27.1/deploy/static/mandatory.yaml
Modify the configuration file vim mandatory.yaml, find the following configuration location (search serviceAccountName), and add a sentence hostNetwork: true
191 kind: Deployment 192 metadata: 193 name: nginx-ingress-controller 194 namespace: ingress-nginx 195 labels: 196 app.kubernetes.io/name: ingress-nginx 197 app.kubernetes.io/part-of: ingress-nginx 198 spec: 199 replicas: 1 # Set up to multiple. For example, 3 200 selector: 201 matchLabels: 202 app.kubernetes.io/name: ingress-nginx 203 app.kubernetes.io/part-of: ingress-nginx 204 template: 205 metadata: 206 labels: 207 app.kubernetes.io/name: ingress-nginx 208 app.kubernetes.io/part-of: ingress-nginx 209 annotations: 210 prometheus.io/port: "10254" 211 prometheus.io/scrape: "true" 212 spec: 213 # wait up to five minutes for the drain of connections 214 terminationGracePeriodSeconds: 300 215 serviceAccountName: nginx-ingress-serviceaccount # Add hostNetwork: true, which means to open the host network mode and expose the Nginx service port 80 216 hostNetwork: true 217 nodeSelector: 218 kubernetes.io/os: linux 219 containers: 220 - name: nginx-ingress-controller 221 image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:master 222 args: 223 - /nginx-ingress-controller 224 - --configmap=$(POD_NAMESPACE)/nginx-configuration 225 - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services 226 - --udp-services-configmap=$(POD_NAMESPACE)/udp-services 227 - --publish-service=$(POD_NAMESPACE)/ingress-nginx 228 - --annotations-prefix=nginx.ingress.kubernetes.io '''''''''
Deploy ingress (Gateway)
cd /usr/local/kubernetes/yaml/ingress
vim ingress.yml
apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: nginx-web annotations: # Specify the type of Ingress Controller kubernetes.io/ingress.class: "nginx" # Specify that the path of our rules can use regular expressions nginx.ingress.kubernetes.io/use-regex: "true" # Connection timeout, 5s by default nginx.ingress.kubernetes.io/proxy-connect-timeout: "600" # Timeout of data rotation of back-end server, 60s by default nginx.ingress.kubernetes.io/proxy-send-timeout: "600" # Back end server response timeout, default is 60s nginx.ingress.kubernetes.io/proxy-read-timeout: "600" # The maximum size of the file uploaded by the client is 20 m by default nginx.ingress.kubernetes.io/proxy-body-size: "10m" # URL rewrite nginx.ingress.kubernetes.io/rewrite-target: / spec: # Routing rules rules: # Host name, can only be domain name, modify it to your own - host: k8s.test.com http: paths: - path: backend: # The Service Name deployed in the background corresponds to the Tomcat deployed above serviceName: tomcat-http # The Service Port deployed in the background corresponds to the Tomcat deployed above servicePort: 8081
167 original articles published, 20 praised, 30000 visited+