机器:Ubuntu 18.06在VPS(技术上是服务器)上运行。群集是用kubeadm设置的。
问题:我无法通过domain.com/
因此,基本上我只是执行了这两个yml:
kubectl适用-f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tcp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
kind: ConfigMap
apiVersion: v1
metadata:
name: udp-services
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: nginx-ingress-clusterrole
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- "extensions"
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- "extensions"
resources:
- ingresses/status
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: nginx-ingress-role
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
- secrets
- namespaces
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
# Defaults to "<election-id>-<ingress-class>"
# Here: "<ingress-controller-leader>-<nginx>"
# This has to be adapted if you change either parameter
# when launching the nginx-ingress-controller.
- "ingress-controller-leader-nginx"
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: nginx-ingress-role-nisa-binding
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: nginx-ingress-role
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: nginx-ingress-clusterrole-nisa-binding
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-ingress-clusterrole
subjects:
- kind: ServiceAccount
name: nginx-ingress-serviceaccount
namespace: ingress-nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
prometheus.io/port: "10254"
prometheus.io/scrape: "true"
spec:
serviceAccountName: nginx-ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- --publish-service=$(POD_NAMESPACE)/ingress-nginx
- --annotations-prefix=nginx.ingress.kubernetes.io
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# www-data -> 33
runAsUser: 33
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
- name: https
port: 443
targetPort: 443
protocol: TCP
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
---
nginx控制器已启动并正在运行,它需要注意 其他脚本。
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-766c77b7d4-8sbrh 1/1 Running 0 46m
入口控制器加载入口的日志:
I1225 11:39:43.663283 9 event.go:221] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"articleservice-ingress", UID:"c5d24d09-0839-11e9-a12a-0050563e015b", APIVersion:"extensions/v1beta1", ResourceVersion:"117205", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress default/articleservice-ingress
I1225 11:39:43.663499 9 controller.go:172] Configuration changes detected, backend reload required.
I1225 11:39:43.893031 9 event.go:221] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"cartservice-ingress", UID:"c5f6051e-0839-11e9-a12a-0050563e015b", APIVersion:"extensions/v1beta1", ResourceVersion:"117208", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress default/cartservice-ingress
I1225 11:39:43.902002 9 controller.go:190] Backend successfully reloaded.
[25/Dec/2018:11:39:43 +0000]TCP200000.000
I1225 11:39:44.169490 9 event.go:221] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"catalogservice-ingress", UID:"c62008a1-0839-11e9-a12a-0050563e015b", APIVersion:"extensions/v1beta1", ResourceVersion:"117211", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress default/catalogservice-ingress
I1225 11:39:46.634113 9 event.go:221] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"default", Name:"customerservice-ingress", UID:"c7984c98-0839-11e9-a12a-0050563e015b", APIVersion:"extensions/v1beta1", ResourceVersion:"117215", FieldPath:""}): type: 'Normal' reason: 'CREATE' Ingress default/customerservice-ingress
I1225 11:39:46.997363 9 controller.go:172] Configuration changes detected, backend reload required.
[25/Dec/2018:11:39:47 +0000]TCP200000.000
I1225 11:39:47.242642 9 controller.go:190] Backend successfully reloaded.
现在,我希望我能够通过domain.com/(应返回404)访问其他通过domain.com/ingress注册的入口的控制器
我想我错过了一些非常基本的东西。如果您需要进一步的信息,请告诉我。
kubectl -n ingress-nginx describe service/ingress-nginx的输出
Name: ingress-nginx
Namespace: ingress-nginx
Labels: app.kubernetes.io/name=ingress-nginx
app.kubernetes.io/part-of=ingress-nginx
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/par...
Selector: app.kubernetes.io/name=ingress-nginx,app.kubernetes.io/part-of=ingress-nginx
Type: NodePort
IP: 10.100.48.223
Port: http 80/TCP
TargetPort: 80/TCP
NodePort: http 30734/TCP
Endpoints: 192.168.0.8:80
Port: https 443/TCP
TargetPort: 443/TCP
NodePort: https 32609/TCP
Endpoints: 192.168.0.8:443
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
答案 0 :(得分:0)
@Konstantin Vustin和@rom的所有学分。我注意到我可以通过
NodePort30734访问入口控制器。
答案 1 :(得分:0)
请考虑使用MetalLB。
这样,您可以使用标准端口和预定义的IP地址集来访问资源。它还允许您在Kubernetes集群的裸机安装上使用已发布的LoadBalancer创建ExternalIP的服务类型。