Install Ingress Controller
Ingress Controller runs in the container of the k8s cluster. It allows each node to listen on ports 80 and 443, provides reverse proxy for requests from outside the cluster, and monitors the Ingress configuration in the cluster in real time, and updates the reverse proxy rules automatically.
Deploy default http backend
nginx ingress controller requires a default http service to be tested.
Use the kubectl apply-f command to install Deployment and Service at once; pay attention to replacing the image download path.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: centos-master:5000/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: kube-system
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: default-http-backend
Deploy nginx ingress controller
Using DaemonSet, each node runs a reverse proxy, opening ports 80 and 443 to accept requests outside the cluster.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-controller
labels:
k8s-app: nginx-ingress-controller
namespace: kube-system
spec:
template:
metadata:
labels:
k8s-app: nginx-ingress-controller
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
spec:
# hostNetwork makes it possible to use ipv6 and to preserve the source IP correctly regardless of docker configuration
# however, it is not a hard dependency of the nginx-ingress-controller itself and it may cause issues if port 10254 already is taken on the host
# that said, since hostPort is broken on CNI (https://github.com/kubernetes/kubernetes/issues/31307) we have to use hostNetwork where CNI is used
# like with kubeadm
# hostNetwork: true
terminationGracePeriodSeconds: 60
containers:
- image: centos-master:5000/nginx-ingress-controller:0.8.3
name: nginx-ingress-controller
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
Install and access kubernetes dashboard
dashboard lets administrators view the status of k8s clusters and the logs of containers on web pages.
Deployment of dashboard
It is not necessary to set up NodePort to monitor the configuration of port 30090 of node, because the reverse proxy provided by nginx ingress controller is available.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kube-dashboard
namespace: kube-system
labels:
k8s-app: kube-dashboard
version: v1.6.0
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: kube-dashboard
version: v1.6.0
kubernetes.io/cluster-service: "true"
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
containers:
- name: kube-dashboard
image: centos-master:5000/kubernetes-dashboard-amd64:v1.6.0
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
name: kube-dashboard
namespace: kube-system
labels:
k8s-app: kube-dashboard
kubernetes.io/cluster-service: "true"
spec:
type: NodePort
selector:
k8s-app: kube-dashboard
ports:
- port: 80
targetPort: 9090
nodePort: 30090
Configure ingress
ingress currently provides load balancing configuration in the HTTP layer, which can forward requests to the corresponding services in the cluster according to the host + path in the HTTP request.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kube-dashboard-ingress
namespace: kube-system
spec:
rules:
- host: dashboard.wzp.com
http:
paths:
- backend:
serviceName: kube-dashboard
servicePort: 80
Visit dashboard website on windows machine
In the hosts file, you can access the dashboard website by configuring the IP of the domain name specified in the ingress as the IP of a node.
In a production environment, it may be necessary to update the subdomain server to parse the subdomain to the node's IP.