Providing reverse proxy for Kubernetes cluster, accessing internal applications such as kube-Dashboard from outside the cluster through standard http ports

Posted by timon on Mon, 01 Jul 2019 01:55:27 +0200

Install Ingress Controller

The Ingress Controller runs in a container inside the k8s cluster. It lets each node listen on ports 80 and 443, acts as a reverse proxy for requests from outside the cluster, watches the Ingress configuration in the cluster in real time, and updates the reverse proxy rules automatically.

Deploy default http backend

The nginx ingress controller requires a default HTTP service for testing.
Use the kubectl apply -f command to install the Deployment and Service in one step; remember to replace the image download path with your own.

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: default-http-backend
  labels:
    k8s-app: default-http-backend
  namespace: kube-system
spec:
  replicas: 1
  template:
    metadata:
      labels:
        k8s-app: default-http-backend
    spec:
      terminationGracePeriodSeconds: 60
      containers:
      - name: default-http-backend
        # Any image is permissible as long as:
        # 1. It serves a 404 page at /
        # 2. It serves 200 on a /healthz endpoint
        image: centos-master:5000/defaultbackend:1.0
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        ports:
        - containerPort: 8080
        resources:
          limits:
            cpu: 10m
            memory: 20Mi
          requests:
            cpu: 10m
            memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
  name: default-http-backend
  namespace: kube-system
  labels:
    k8s-app: default-http-backend
spec:
  ports:
  - port: 80
    targetPort: 8080
  selector:
    k8s-app: default-http-backend

Deploy nginx ingress controller

A DaemonSet runs one reverse proxy on each node, opening ports 80 and 443 to accept requests from outside the cluster.

apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: nginx-ingress-controller
  labels:
    k8s-app: nginx-ingress-controller
  namespace: kube-system
spec:
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-controller
      annotations:
        prometheus.io/port: '10254'
        prometheus.io/scrape: 'true'
    spec:
      # hostNetwork makes it possible to use ipv6 and to preserve the source IP correctly regardless of docker configuration
      # however, it is not a hard dependency of the nginx-ingress-controller itself and it may cause issues if port 10254 already is taken on the host
      # that said, since hostPort is broken on CNI (https://github.com/kubernetes/kubernetes/issues/31307) we have to use hostNetwork where CNI is used
      # like with kubeadm
      # hostNetwork: true
      terminationGracePeriodSeconds: 60
      containers:
      - image: centos-master:5000/nginx-ingress-controller:0.8.3
        name: nginx-ingress-controller
        readinessProbe:
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
        livenessProbe:
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          timeoutSeconds: 1
        ports:
        - containerPort: 80
          hostPort: 80
        - containerPort: 443
          hostPort: 443
        env:
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        args:
        - /nginx-ingress-controller
        - --default-backend-service=$(POD_NAMESPACE)/default-http-backend


Install and access kubernetes dashboard

The dashboard lets administrators view the status of the k8s cluster and the logs of containers in a web page.

Deployment of dashboard

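Setting up a NodePort that listens on port 30090 of each node is not necessary, because the reverse proxy provided by the nginx ingress controller is available. The Service below still declares type: NodePort with nodePort: 30090; with the ingress in place those two settings can be left out.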

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kube-dashboard
  namespace: kube-system
  labels:
    k8s-app: kube-dashboard
    version: v1.6.0
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 1
  template:
    metadata:
      labels:
        k8s-app: kube-dashboard
        version: v1.6.0
        kubernetes.io/cluster-service: "true"
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
    spec:
      containers:
      - name: kube-dashboard
        image: centos-master:5000/kubernetes-dashboard-amd64:v1.6.0
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
          requests:
            cpu: 100m
            memory: 50Mi
        ports:
        - containerPort: 9090
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
  name: kube-dashboard
  namespace: kube-system
  labels:
    k8s-app: kube-dashboard
    kubernetes.io/cluster-service: "true"
spec:
  type: NodePort
  selector:
    k8s-app: kube-dashboard
  ports:
  - port: 80
    targetPort: 9090
    nodePort: 30090
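
One way to check for the situation described above, a Service still published on a NodePort although an Ingress already fronts it. This is an added example, not part of the original post; the JSON sample is constructed from this page's manifests and uses the extensions/v1beta1 field names (serviceName, servicePort).

```python
import json

# Constructed sample in the shape of `kubectl get svc,ing -n kube-system -o json`,
# trimmed to the fields this check reads; values mirror the manifests on this page.
SAMPLE = json.loads("""
{"items": [
 {"kind": "Service", "metadata": {"name": "default-http-backend", "namespace": "kube-system"},
  "spec": {"ports": [{"port": 80, "targetPort": 8080}]}},
 {"kind": "Service", "metadata": {"name": "kube-dashboard", "namespace": "kube-system"},
  "spec": {"type": "NodePort", "ports": [{"port": 80, "targetPort": 9090, "nodePort": 30090}]}},
 {"kind": "Ingress", "metadata": {"name": "kube-dashboard-ingress", "namespace": "kube-system"},
  "spec": {"rules": [{"host": "dashboard.wzp.com", "http": {"paths": [
    {"backend": {"serviceName": "kube-dashboard", "servicePort": 80}}]}}]}}
]}
""")


def ingress_backends(items):
    """Map (namespace, service) -> hosts of the Ingress rules that route to it."""
    fronted = {}
    for obj in items:
        if obj["kind"] != "Ingress":
            continue
        ns = obj["metadata"]["namespace"]
        for rule in obj["spec"].get("rules", []):
            for path in rule.get("http", {}).get("paths", []):
                key = (ns, path["backend"]["serviceName"])
                fronted.setdefault(key, []).append(rule.get("host", "*"))
    return fronted


def redundant_nodeports(items):
    """List NodePort Services that an Ingress in the same namespace already fronts."""
    fronted = ingress_backends(items)
    findings = []
    for obj in items:
        meta, spec = obj["metadata"], obj["spec"]
        key = (meta["namespace"], meta["name"])
        if obj["kind"] == "Service" and spec.get("type") == "NodePort" and key in fronted:
            ports = [p["nodePort"] for p in spec["ports"] if "nodePort" in p]
            findings.append({"service": "/".join(key), "node_ports": ports,
                             "ingress_hosts": fronted[key]})
    return findings


if __name__ == "__main__":
    print(redundant_nodeports(SAMPLE["items"]))
```

Against a real cluster, pass it the parsed output of kubectl get svc,ing --all-namespaces -o json in place of SAMPLE.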

Configure ingress

Ingress currently provides load-balancing configuration at the HTTP layer: it forwards requests to the corresponding Service in the cluster according to the host + path in the HTTP request.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: kube-dashboard-ingress
  namespace: kube-system
spec:
  rules:
    - host: dashboard.wzp.com
      http:
        paths:
          - backend:
              serviceName: kube-dashboard
              servicePort: 80

Visit the dashboard website from a Windows machine

Add an entry to the hosts file that maps the domain name specified in the Ingress to the IP of a node; the dashboard website is then reachable at that domain name.
In a production environment, it may be necessary to update the DNS server so that the subdomain resolves to the node's IP.
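
Why the name has to resolve to a node rather than browsing to the node IP directly: the host + path rule decides which backend a request reaches. The sketch below is an added example, not the nginx ingress controller's code; it is a simplified model that assumes prefix matching on the path with the longest prefix winning, and 192.0.2.10 is a placeholder node IP.

```python
# Simplified model of host + path routing (assumption: prefix matching on the
# path, longest prefix wins). Not the nginx ingress controller's own code.

# Rule table derived from the kube-dashboard-ingress manifest above. The rule
# there has no path, which is modeled here as "/" (matches every URL).
RULES = [
    {"host": "dashboard.wzp.com", "path": "/",
     "backend": "kube-system/kube-dashboard:80"},
]
# Where the controller sends anything no rule claims (--default-backend-service).
DEFAULT_BACKEND = "kube-system/default-http-backend:80"


def normalize_host(header):
    """Lower-case the Host header and drop any :port suffix."""
    host = (header or "").strip().lower()
    if host.startswith("["):              # bracketed IPv6 literal, e.g. [::1]:80
        return host.split("]", 1)[0] + "]"
    return host.split(":", 1)[0]


def route(host_header, url_path, rules=RULES):
    """Return the backend a request with this Host header and path reaches."""
    host = normalize_host(host_header)
    best_prefix, best_backend = "", DEFAULT_BACKEND
    for rule in rules:
        if rule["host"] != host or not url_path.startswith(rule["path"]):
            continue
        if len(rule["path"]) > len(best_prefix):
            best_prefix, best_backend = rule["path"], rule["backend"]
    return best_backend


if __name__ == "__main__":
    # Constructed requests; 192.0.2.10 stands in for a node IP.
    for host, path in [("dashboard.wzp.com", "/"),
                       ("Dashboard.WZP.com:80", "/api/v1/pod"),
                       ("192.0.2.10", "/"),
                       ("", "/")]:
        print(f"{host!r:28} {path:14} -> {route(host, path)}")
```

Requests carrying any other Host header land on default-http-backend and get its 404 page. The Host match only selects a backend; it does not authenticate the client.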
