由于K8s搭建时官方提供的镜像不FQ是访问不了的,所以搭建过程中很多时间都耗费在去找镜像去了
下面是我搭建k8s集群用到的镜像 没有采用之前我用的二进制文件搭建(dns没成功),这里采用的Kubeadm方式 https://www.kubernetes.org.cn/3808.html
我导出的镜像下载地址: https://pan.baidu.com/s/1LIAno-aC1cuJLDxFadTrTQ
docker 镜像导出
docker save $(docker images | grep -v REPOSITORY | awk 'BEGIN{OFS=":";ORS=" "}{print $1,$2}') -o k8s-images.tardocker 镜像导入
docker load -i k8s-images.taringree的创建可以参考官方说明(但部分文件已不存在,请通过网盘下载):https://kubernetes.github.io/ingress-nginx/deploy/
另外将创建ingress 和 svc 这几个容易出错的地方的yaml配置也贴一个 同样可以通过 上面的网盘地址下载
with-rbac.yaml 用于创建ingress-controller
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: ingress-nginx
template:
metadata:
labels:
app: ingress-nginx
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
spec:
serviceAccountName: nginx-ingress-serviceaccount
hostNetwork: true
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.14.0
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --annotations-prefix=nginx.ingress.kubernetes.io
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
securityContext:
runAsNonRoot: falsedefault-backend.yaml 用于创建ingress默认路由
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: default-http-backend
labels:
app: default-http-backend
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: default-http-backend
template:
metadata:
labels:
app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissible as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: lanny/gcr.io_google_containers_defaultbackend_1.4:v1.4
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: ingress-nginx
labels:
app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
app: default-http-backendtomcat-svc.yaml 用于创建一个Tomcat镜像的service
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: tomcat-test
spec:
replicas: 3
selector:
matchLabels:
app: tomcat
template:
metadata:
labels:
app: tomcat
spec:
containers:
- name: tomcat
image: tomcat
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
labels:
app: tomcat
spec:
ports:
- port: 9090
targetPort: 8080
selector:
app: tomcattomcat-ingress.yaml 将上面创建好的service配置到ingress上去
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tomcat-ingress
spec:
rules:
- host: a.com
http:
paths:
- path: /tomcat
backend:
serviceName: tomcat-service
servicePort: 9090
- host: b.com
http:
paths:
- path: /nginx
backend:
serviceName: nginx-service
servicePort: 88
- path: /tomcat
backend:
serviceName: tomcat-service
servicePort: 9090最后一步配置ingress路由需要注意的地方
a.com b.com为ingress controller pod所在的节点地址
[root@k8s-node01 ~]# kubectl get pods --all-namespaces -o wide |grep ingress-controller
ingress-nginx nginx-ingress-controller-cb576c748-j2g2m 1/1 Running 0 33d 192.168.42.19 k8s-node04
[root@k8s-node01 ~]# 我本地ingress controller部署在node04上,所以需要将 a.com b。com都要解析到node04
官方ingress有个很大很深的坑,我在这里被坑了两天 https://mritd.me/2017/03/04/how-to-use-nginx-ingress/