ingress-nginx の様子をデモ。WebサービスA、サービスBを起動して、Ingressで振り分け。
- NSX-T LB の代わり
MetalLB の IP レンジを決めておく。(ワーカーの IP レンジで。例: 10.0.3.221-10.0.3.229)
$ cat configmap.yml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 10.0.3.221-10.0.3.229
metalLB インストール
$ kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/namespace.yaml
$ kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/metallb.yaml
$ kubectl apply -f configmap.yml
$ kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
作成されるリソースを見ておく。
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.43.0/deploy/static/provider/cloud/deploy.yaml --dry-run=client
作成
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.43.0/deploy/static/provider/cloud/deploy.yaml
サービスA
$ cat web-deploy-test-A.yml
---
kind: Service
apiVersion: v1
metadata:
name: web-svc-a
labels:
app: web
site: web-a
spec:
type: LoadBalancer
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
site: web-a
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: web-a
spec:
replicas: 2
selector:
matchLabels:
app: demo-httpd
template:
metadata:
labels:
app: demo-httpd
site: web-a
spec:
containers:
- name: httpd
image: gowatana/centos7:httpd
ports:
- containerPort: 80
protocol: TCP
command:
- bash
- -c
- |
N=$(uname -n); echo '<h1><font color="red">Site A</font> on TKG</h1>' $N > /var/www/html/index.html; httpd -D FOREGROUND
サービスB
$ cat web-deploy-test-B.yml
---
kind: Service
apiVersion: v1
metadata:
name: web-svc-b
labels:
app: web
site: web-b
spec:
type: LoadBalancer
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
site: web-b
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: web-b
spec:
replicas: 2
selector:
matchLabels:
app: demo-httpd
template:
metadata:
labels:
app: demo-httpd
site: web-b
spec:
containers:
- name: httpd
image: gowatana/centos7:httpd
ports:
- containerPort: 80
protocol: TCP
command:
- bash
- -c
- |
N=$(uname -n); echo '<h1><font color="blue">Site B</font> on TKG</h1>' $N > /var/www/html/index.html; httpd -D FOREGROUND
サービスAとBの起動
$ kubectl apply -f web-deploy-test-A.yml
$ kubectl apply -f web-deploy-test-B.yml
$ cat test-ingress-01.yml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test-ingress-01
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /site-a
pathType: Prefix
backend:
service:
name: web-svc-a
port:
number: 80
- path: /site-b
pathType: Prefix
backend:
service:
name: web-svc-b
port:
number: 80
Ingress 作成
$ kubectl apply -f test-ingress-01.yml
Service LoadBalancer のIP
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 4d9h
web-svc-a LoadBalancer 100.64.90.133 10.0.3.222 80:32740/TCP 14s
web-svc-b LoadBalancer 100.65.209.202 10.0.3.223 80:30799/TCP 10s
Ingress の IP は 10.0.3.221
$ kubectl get ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
test-ingress-01 <none> * 10.0.3.221 80 6m16s
アクセステスト
サービスA、サービスBの Service 直接
Ingress 経由
以上