k8s之ingress實戰(zhàn)小栗子-創(chuàng)新互聯(lián)

寫在前面

本文接k8s之ingress 。

創(chuàng)新互聯(lián)公司2013年至今,是專業(yè)互聯(lián)網(wǎng)技術(shù)服務(wù)公司,擁有項目成都網(wǎng)站設(shè)計、成都做網(wǎng)站、外貿(mào)網(wǎng)站建設(shè)網(wǎng)站策劃,項目實施與項目整合能力。我們以讓每一個夢想脫穎而出為使命,1280元臨潁做網(wǎng)站,已為上家服務(wù),為臨潁各地企業(yè)和個人服務(wù),聯(lián)系電話:028-86922220

本文看一個基于ingress作為流量入口的實戰(zhàn)例子,架構(gòu)圖如下:

在這里插入圖片描述

接下來詳細看下。

1:部署MariaDB

首先我們需要定義MariaDB使用的configmap,如下:

apiVersion: v1
kind: ConfigMap
metadata:
  name: maria-cm

data:
  DATABASE: 'db'
  USER: 'wp'
  PASSWORD: '123'
  ROOT_PASSWORD: '123'

然后需要定義后MariaDB的deploy來維持MariaDB的POD數(shù)在一定個數(shù),如下:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: maria-dep
  name: maria-dep

spec:
  replicas: 1
  selector:
    matchLabels:
      app: maria-dep

  template:
    metadata:
      labels:
        app: maria-dep
    spec:
      containers:
      - image: mariadb:10
        name: mariadb
        ports:
        - containerPort: 3306

        envFrom:
        - prefix: 'MARIADB_'
          configMapRef:
            name: maria-cm

最后定義MariaDB的POD的service,這樣可以域名方式訪問POD,這樣就不用關(guān)心POD的退出和新建而導(dǎo)致的IP地址變化問題,yaml如下:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: maria-dep
  name: maria-svc

spec:
  ports:
  - port: 3306
    protocol: TCP
    targetPort: 3306
  selector:
    app: maria-dep

最后我們使用---將以上3個yaml定義在一個文件中,然后apply如下:

dongyunqi@mongodaddy:~/k8s$ kubectl apply -f wp-maria.yml 
configmap/maria-cm created
deployment.apps/maria-dep created
service/maria-svc created

查看如下:

dongyunqi@mongodaddy:~/k8s$ kubectl get pod
NAME                         READY   STATUS    RESTARTS   AGE
maria-dep-767bbdccb5-dbm2t   1/1     Running   0          41m
dongyunqi@mongodaddy:~/k8s$ kubectl get deployment
NAME        READY   UP-TO-DATE   AVAILABLE   AGE
maria-dep   1/1     1            1           41m
dongyunqi@mongodaddy:~/k8s$ kubectl get service
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
...
maria-svc    ClusterIP   10.108.87.2403306/TCP   41m
2:部署WordPress

首先我們需要定義WordPress使用的ConfigMap,如下:

apiVersion: v1
kind: ConfigMap
metadata:
  name: wp-cm

data:
  HOST: 'maria-svc'
  USER: 'wp'
  PASSWORD: '123'
  NAME: 'db'

注意HOST: 'maria-svc'配置的是MariaDB的service 域名,這樣就能屏蔽IP地址的變化帶來的影響,然后定義deploy,控制WordPress的個數(shù),這里定義2個POD,envFrom設(shè)置環(huán)境變量,如下:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: wp-dep
  name: wp-dep

spec:
  replicas: 2
  selector:
    matchLabels:
      app: wp-dep

  template:
    metadata:
      labels:
        app: wp-dep
    spec:
      containers:
      - image: wordpress:5
        name: wordpress
        ports:
        - containerPort: 80

        envFrom:
        - prefix: 'WORDPRESS_DB_'
          configMapRef:
            name: wp-cm

最后設(shè)置service,實現(xiàn)負載均衡以及服務(wù)發(fā)現(xiàn),并通過NodePort暴露端口號30088(必須在30000~32767之間)到宿主機,這樣我們就可以在ingress訪問不正常時通過訪問該service來排查問題。如下:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: wp-dep
  name: wp-svc

spec:
  ports:
  - name: http80
    port: 80
    protocol: TCP
    targetPort: 80
    nodePort: 30088

  selector:
    app: wp-dep
  type: NodePort

接著我們將三個yaml以---放在一個文件中,并apply,如下:

dongyunqi@mongodaddy:~/k8s$ kubectl apply -f  wp-dep.yml 
configmap/wp-cm created
deployment.apps/wp-dep created
service/wp-svc created
dongyunqi@mongodaddy:~/k8s$ kubectl get pod
NAME                         READY   STATUS    RESTARTS   AGE
maria-dep-767bbdccb5-dbm2t   1/1     Running   0          81m
wp-dep-5b5586d79c-fvj86      1/1     Running   0          2m23s
wp-dep-5b5586d79c-qf2zt      1/1     Running   0          2m23s
dongyunqi@mongodaddy:~/k8s$ kubectl get deploy
NAME        READY   UP-TO-DATE   AVAILABLE   AGE
maria-dep   1/1     1            1           81m
wp-dep      2/2     2            2           2m34s
dongyunqi@mongodaddy:~/k8s$ kubectl get service
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1443/TCP        46h
maria-svc    ClusterIP   10.108.87.2403306/TCP       81m
wp-svc       NodePort    10.99.4.11780:30088/TCP   2m48s

接著我們就可以通過任意一個節(jié)點的30088端口來訪問WordPress網(wǎng)站了,如下:

在這里插入圖片描述

最后我們來部署流量真正的入口ingress。

3:部署ingress

首先定義ingress class:

apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: wp-ink

spec:
  controller: nginx.org/ingress-controller

然后用kubectl create命令生成ingress樣板文件,指定域名是wp.test,后端Service是wp-svc:80,Ingress Class就是剛定義的wp-ink,如下:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: wp-ing

spec:
  ingressClassName: wp-ink

  rules:
  - host: wp.test
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: wp-svc
            port:
              number: 80

最后定義ingress controller yaml,如下:

dongyunqi@mongodaddy:~/k8s$ cat my-ingress-controller.yml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wp-ing
  namespace: nginx-ingress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ngx-kic-dep
  template:
    metadata:
      labels:
        app: ngx-kic-dep
    spec:
      hostNetwork: true
      serviceAccountName: nginx-ingress
      automountServiceAccountToken: true
      containers:
      - image: nginx/nginx-ingress:2.2-alpine
        imagePullPolicy: IfNotPresent
        name: nginx-ingress
        ports:
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        - name: readiness-port
          containerPort: 8081
        - name: prometheus
          containerPort: 9113
        readinessProbe:
          httpGet:
            path: /nginx-ready
            port: readiness-port
          periodSeconds: 1
        resources:
          requests:
            cpu: "100m"
            memory: "128Mi"
        securityContext:
          allowPrivilegeEscalation: true
          runAsUser: 101 #nginx
          runAsNonRoot: true
          capabilities:
            drop:
            - ALL
            add:
            - NET_BIND_SERVICE
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        args:
          - -nginx-configmaps=$(POD_NAMESPACE)/nginx-config
          - -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret
          - -ingress-class=wp-ink

注意Nginx的pod配置了hostNetwork: true即和宿主機共享網(wǎng)絡(luò)。分別apply后還不能直接訪問,還需要配置hosts,將域名wp.test映射到Nginx的pod所在的Node的IP(通過-o wide查看POD會顯示所在Node的IP地址信息),如下:

192.168.64.132 wp.test

測試如下:

在這里插入圖片描述

這里頁面報錯是WordPress的,因為是我本地機器的資源不足,導(dǎo)致MariaDB的POD停止了,不過不影響我們測試,畢竟已經(jīng)訪問到WordPress了。

寫在后面

你是否還在尋找穩(wěn)定的海外服務(wù)器提供商?創(chuàng)新互聯(lián)www.cdcxhl.cn海外機房具備T級流量清洗系統(tǒng)配攻擊溯源,準(zhǔn)確流量調(diào)度確保服務(wù)器高可用性,企業(yè)級服務(wù)器適合批量采購,新人活動首月15元起,快前往官網(wǎng)查看詳情吧

分享文章:k8s之ingress實戰(zhàn)小栗子-創(chuàng)新互聯(lián)
網(wǎng)站路徑:http://bm7419.com/article36/hchpg.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián),為您提供App設(shè)計、網(wǎng)站導(dǎo)航、服務(wù)器托管、網(wǎng)站排名企業(yè)建站、Google

廣告

聲明:本網(wǎng)站發(fā)布的內(nèi)容(圖片、視頻和文字)以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主,如果涉及侵權(quán)請盡快告知,我們將會在第一時間刪除。文章觀點不代表本網(wǎng)站立場,如需處理請聯(lián)系客服。電話:028-86922220;郵箱:631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載,或轉(zhuǎn)載時需注明來源: 創(chuàng)新互聯(lián)

網(wǎng)站建設(shè)網(wǎng)站維護公司