Created
July 21, 2020 15:01
-
-
Save movii/7a1b14e4a4dbe4f6059e40e9a33e17c5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: ingress-nginx | |
labels: | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/controller-serviceaccount.yaml | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx | |
namespace: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/controller-configmap.yaml | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx-controller | |
namespace: ingress-nginx | |
data: | |
allow-backend-server-header: "true" | |
client-body-buffer-size: 1024k | |
enable-underscores-in-headers: "true" | |
generate-request-id: "true" | |
ignore-invalid-headers: "true" | |
large-client-header-buffers: 4 128k | |
log-format-upstream: $remote_addr - [$remote_addr] - $remote_user [$time_local] | |
"$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_length | |
"$http_x_forwarded_for" $remote_addr $request_time [$proxy_upstream_name] $upstream_addr | |
$upstream_response_length $upstream_response_time $upstream_status $req_id $host | |
max-worker-connections: "65536" | |
proxy-body-size: 8192m | |
proxy-buffer-size: 64k | |
proxy-connect-timeout: "300" | |
proxy-next-upstream-timeout: "10" | |
proxy-read-timeout: "300" | |
proxy-send-timeout: "300" | |
reuse-port: "true" | |
server-tokens: "false" | |
ssl-redirect: "false" | |
upstream-keepalive-connections: "10000" | |
upstream-keepalive-requests: "1000" | |
upstream-keepalive-timeout: "300" | |
worker-cpu-affinity: auto | |
--- | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: tcp-services | |
namespace: ingress-nginx | |
data: | |
--- | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: udp-services | |
namespace: ingress-nginx | |
data: | |
--- | |
# Source: ingress-nginx/templates/clusterrole.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
name: ingress-nginx | |
namespace: ingress-nginx | |
rules: | |
- apiGroups: | |
- '' | |
resources: | |
- configmaps | |
- endpoints | |
- nodes | |
- pods | |
- secrets | |
verbs: | |
- list | |
- watch | |
- apiGroups: | |
- '' | |
resources: | |
- nodes | |
verbs: | |
- get | |
- apiGroups: | |
- '' | |
resources: | |
- services | |
verbs: | |
- get | |
- list | |
- update | |
- watch | |
- apiGroups: | |
- extensions | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingresses | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- '' | |
resources: | |
- events | |
verbs: | |
- create | |
- patch | |
- apiGroups: | |
- extensions | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingresses/status | |
verbs: | |
- update | |
- apiGroups: | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingressclasses | |
verbs: | |
- get | |
- list | |
- watch | |
--- | |
# Source: ingress-nginx/templates/clusterrolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
name: ingress-nginx | |
namespace: ingress-nginx | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: ClusterRole | |
name: ingress-nginx | |
subjects: | |
- kind: ServiceAccount | |
name: ingress-nginx | |
namespace: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/controller-role.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: Role | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx | |
namespace: ingress-nginx | |
rules: | |
- apiGroups: | |
- '' | |
resources: | |
- namespaces | |
verbs: | |
- get | |
- apiGroups: | |
- '' | |
resources: | |
- configmaps | |
- pods | |
- secrets | |
- endpoints | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- '' | |
resources: | |
- services | |
verbs: | |
- get | |
- list | |
- update | |
- watch | |
- apiGroups: | |
- extensions | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingresses | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- extensions | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingresses/status | |
verbs: | |
- update | |
- apiGroups: | |
- networking.k8s.io # k8s 1.14+ | |
resources: | |
- ingressclasses | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- '' | |
resources: | |
- configmaps | |
resourceNames: | |
- ingress-controller-leader-nginx | |
verbs: | |
- get | |
- update | |
- apiGroups: | |
- '' | |
resources: | |
- configmaps | |
verbs: | |
- create | |
- apiGroups: | |
- '' | |
resources: | |
- endpoints | |
verbs: | |
- create | |
- get | |
- update | |
- apiGroups: | |
- '' | |
resources: | |
- events | |
verbs: | |
- create | |
- patch | |
--- | |
# Source: ingress-nginx/templates/controller-rolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: RoleBinding | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx | |
namespace: ingress-nginx | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: Role | |
name: ingress-nginx | |
subjects: | |
- kind: ServiceAccount | |
name: ingress-nginx | |
namespace: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/controller-service-webhook.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx-controller-admission | |
namespace: ingress-nginx | |
spec: | |
type: ClusterIP | |
ipFamily: IPv6 # ipv4 可以不添加 | |
ports: | |
- name: https-webhook | |
port: 443 | |
targetPort: webhook | |
selector: | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/component: controller | |
--- | |
# Source: ingress-nginx/templates/controller-service.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx-controller | |
namespace: ingress-nginx | |
spec: | |
type: ClusterIP | |
ipFamily: IPv6 # ipv4 可以不添加 | |
ports: | |
- name: http | |
port: 80 | |
protocol: TCP | |
targetPort: http | |
- name: https | |
port: 443 | |
protocol: TCP | |
targetPort: https | |
selector: | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/component: controller | |
--- | |
# Source: ingress-nginx/templates/controller-deployment.yaml | |
apiVersion: apps/v1 | |
kind: DaemonSet | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: controller | |
name: ingress-nginx-controller | |
namespace: ingress-nginx | |
spec: | |
selector: | |
matchLabels: | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/component: controller | |
revisionHistoryLimit: 10 | |
minReadySeconds: 0 | |
template: | |
metadata: | |
labels: | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/component: controller | |
annotations: | |
prometheus.io/port: "10254" | |
prometheus.io/scrape: "true" | |
spec: | |
hostNetwork: true | |
dnsPolicy: ClusterFirstWithHostNet | |
containers: | |
- name: controller | |
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.32.0 | |
imagePullPolicy: IfNotPresent | |
lifecycle: | |
preStop: | |
exec: | |
command: | |
- /wait-shutdown | |
args: | |
- /nginx-ingress-controller | |
- --election-id=ingress-controller-leader | |
- --ingress-class=nginx | |
- --configmap=$(POD_NAMESPACE)/ingress-nginx-controller | |
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services | |
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services | |
- --annotations-prefix=nginx.ingress.kubernetes.io | |
- --v=2 | |
- --validating-webhook=:8443 | |
- --validating-webhook-certificate=/usr/local/certificates/cert | |
- --validating-webhook-key=/usr/local/certificates/key | |
securityContext: | |
capabilities: | |
drop: | |
- ALL | |
add: | |
- NET_BIND_SERVICE | |
runAsUser: 101 | |
allowPrivilegeEscalation: true | |
env: | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
- name: POD_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 10254 | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 10 | |
timeoutSeconds: 1 | |
successThreshold: 1 | |
failureThreshold: 3 | |
readinessProbe: | |
httpGet: | |
path: /healthz | |
port: 10254 | |
scheme: HTTP | |
initialDelaySeconds: 10 | |
periodSeconds: 10 | |
timeoutSeconds: 1 | |
successThreshold: 1 | |
failureThreshold: 3 | |
ports: | |
- name: http | |
containerPort: 80 | |
hostPort: 80 | |
protocol: TCP | |
- name: https | |
containerPort: 443 | |
hostPort: 443 | |
protocol: TCP | |
- name: webhook | |
containerPort: 8443 | |
hostPort: 8443 | |
protocol: TCP | |
volumeMounts: | |
- name: webhook-cert | |
mountPath: /usr/local/certificates/ | |
readOnly: true | |
- name: localtime | |
mountPath: /etc/localtime | |
readOnly: true | |
resources: | |
requests: | |
cpu: 100m | |
memory: 90Mi | |
serviceAccountName: ingress-nginx | |
terminationGracePeriodSeconds: 300 | |
volumes: | |
- name: webhook-cert | |
secret: | |
secretName: ingress-nginx-admission | |
- name: localtime | |
hostPath: | |
path: /etc/localtime | |
type: File | |
updateStrategy: | |
type: RollingUpdate | |
rollingUpdate: | |
maxUnavailable: 1 | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/validating-webhook.yaml | |
apiVersion: admissionregistration.k8s.io/v1beta1 | |
kind: ValidatingWebhookConfiguration | |
metadata: | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
name: ingress-nginx-admission | |
namespace: ingress-nginx | |
webhooks: | |
- name: validate.nginx.ingress.kubernetes.io | |
rules: | |
- apiGroups: | |
- extensions | |
- networking.k8s.io | |
apiVersions: | |
- v1beta1 | |
operations: | |
- CREATE | |
- UPDATE | |
resources: | |
- ingresses | |
failurePolicy: Fail | |
clientConfig: | |
service: | |
namespace: ingress-nginx | |
name: ingress-nginx-controller-admission | |
path: /extensions/v1beta1/ingresses | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRole | |
metadata: | |
name: ingress-nginx-admission | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
rules: | |
- apiGroups: | |
- admissionregistration.k8s.io | |
resources: | |
- validatingwebhookconfigurations | |
verbs: | |
- get | |
- update | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: ClusterRoleBinding | |
metadata: | |
name: ingress-nginx-admission | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: ClusterRole | |
name: ingress-nginx-admission | |
subjects: | |
- kind: ServiceAccount | |
name: ingress-nginx-admission | |
namespace: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml | |
apiVersion: batch/v1 | |
kind: Job | |
metadata: | |
name: ingress-nginx-admission-create | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
spec: | |
template: | |
metadata: | |
name: ingress-nginx-admission-create | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
spec: | |
containers: | |
- name: create | |
image: jettech/kube-webhook-certgen:v1.2.0 | |
imagePullPolicy: IfNotPresent | |
args: | |
- create | |
- --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.ingress-nginx.svc | |
- --namespace=ingress-nginx | |
- --secret-name=ingress-nginx-admission | |
restartPolicy: OnFailure | |
serviceAccountName: ingress-nginx-admission | |
securityContext: | |
runAsNonRoot: true | |
runAsUser: 2000 | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml | |
apiVersion: batch/v1 | |
kind: Job | |
metadata: | |
name: ingress-nginx-admission-patch | |
annotations: | |
helm.sh/hook: post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
spec: | |
template: | |
metadata: | |
name: ingress-nginx-admission-patch | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
spec: | |
containers: | |
- name: patch | |
image: jettech/kube-webhook-certgen:v1.2.0 | |
imagePullPolicy: IfNotPresent | |
args: | |
- patch | |
- --webhook-name=ingress-nginx-admission | |
- --namespace=ingress-nginx | |
- --patch-mutating=false | |
- --secret-name=ingress-nginx-admission | |
- --patch-failure-policy=Fail | |
restartPolicy: OnFailure | |
serviceAccountName: ingress-nginx-admission | |
securityContext: | |
runAsNonRoot: true | |
runAsUser: 2000 | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/role.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: Role | |
metadata: | |
name: ingress-nginx-admission | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
rules: | |
- apiGroups: | |
- '' | |
resources: | |
- secrets | |
verbs: | |
- get | |
- create | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml | |
apiVersion: rbac.authorization.k8s.io/v1 | |
kind: RoleBinding | |
metadata: | |
name: ingress-nginx-admission | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
roleRef: | |
apiGroup: rbac.authorization.k8s.io | |
kind: Role | |
name: ingress-nginx-admission | |
subjects: | |
- kind: ServiceAccount | |
name: ingress-nginx-admission | |
namespace: ingress-nginx | |
--- | |
# Source: ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: ingress-nginx-admission | |
annotations: | |
helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade | |
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded | |
labels: | |
helm.sh/chart: ingress-nginx-2.1.0 | |
app.kubernetes.io/name: ingress-nginx | |
app.kubernetes.io/instance: ingress-nginx | |
app.kubernetes.io/version: 0.32.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/component: admission-webhook | |
namespace: ingress-nginx | |
部署 ingress-nginx | |
root@Qist:/mnt/g/work/ipv6/1# kubectl apply -f deploy.yaml | |
namespace/ingress-nginx created | |
serviceaccount/ingress-nginx created | |
configmap/ingress-nginx-controller created | |
configmap/tcp-services created | |
configmap/udp-services created | |
clusterrole.rbac.authorization.k8s.io/ingress-nginx created | |
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created | |
role.rbac.authorization.k8s.io/ingress-nginx created | |
rolebinding.rbac.authorization.k8s.io/ingress-nginx created | |
service/ingress-nginx-controller-admission created | |
service/ingress-nginx-controller created | |
daemonset.apps/ingress-nginx-controller created | |
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created | |
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created | |
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created | |
job.batch/ingress-nginx-admission-create created | |
job.batch/ingress-nginx-admission-patch created | |
role.rbac.authorization.k8s.io/ingress-nginx-admission created | |
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created | |
serviceaccount/ingress-nginx-admission created | |
root@Qist:/mnt/g/work/ipv6/1# kubectl get pod | |
NAME READY STATUS RESTARTS AGE | |
ingress-nginx-admission-create-f8hv4 0/1 Completed 0 43m | |
ingress-nginx-admission-patch-6gnrp 0/1 Completed 0 43m | |
ingress-nginx-controller-4rlp6 1/1 Running 7 28m | |
ingress-nginx-controller-bsr9s 1/1 Running 7 28m | |
ingress-nginx-controller-gvgpw 1/1 Running 7 28m | |
ingress-nginx-controller-h8mm2 1/1 Running 4 19m | |
ingress-nginx-controller-v8vhl 0/1 ContainerCreating 0 7m26s | |
# 等待pod runing | |
# 查看endpoints 是否有数据如果kubelet 参数node-ip 为ipv6地址 | |
# service 没添加 ipFamily: IPv6 | |
root@Qist:/mnt/g/work/ipv6/1# kubectl describe endpoints ingress-nginx-controller | |
Name: ingress-nginx-controller | |
Namespace: ingress-nginx | |
Labels: app.kubernetes.io/component=controller | |
app.kubernetes.io/instance=ingress-nginx | |
app.kubernetes.io/managed-by=Helm | |
app.kubernetes.io/name=ingress-nginx | |
app.kubernetes.io/version=0.32.0 | |
helm.sh/chart=ingress-nginx-2.1.0 | |
service.kubernetes.io/headless= | |
Annotations: endpoints.kubernetes.io/last-change-trigger-time: 2020-05-08T17:28:42+08:00 | |
Subsets: | |
Events: <none> | |
root@Qist:/mnt/g/work/ipv6/1# kubectl describe endpoints ingress-nginx-controller | |
Name: ingress-nginx-controller | |
Namespace: ingress-nginx | |
Labels: app.kubernetes.io/component=controller | |
app.kubernetes.io/instance=ingress-nginx | |
app.kubernetes.io/managed-by=Helm | |
app.kubernetes.io/name=ingress-nginx | |
app.kubernetes.io/version=0.32.0 | |
helm.sh/chart=ingress-nginx-2.1.0 | |
service.kubernetes.io/headless= | |
Annotations: endpoints.kubernetes.io/last-change-trigger-time: 2020-05-08T17:28:42+08:00 | |
Subsets: | |
Events: <none> | |
# endpoints 为空 webhook 报错 service 添加ipFamily: IPv6 | |
root@Qist:/mnt/g/work/ipv6/1# kubectl -n ingress-nginx get endpoints | |
NAME ENDPOINTS AGE | |
ingress-nginx-controller [fc00:bd4:efa8:1001:5054:ff:fe47:357b]:443,[fc00:bd4:efa8:1001:5054:ff:fe49:9888]:443,[fc00:bd4:efa8:1001:5054:ff:fe7f:7551]:443 + 7 more... 35m | |
ingress-nginx-controller-admission [fc00:bd4:efa8:1001:5054:ff:fe47:357b]:8443,[fc00:bd4:efa8:1001:5054:ff:fe49:9888]:8443,[fc00:bd4:efa8:1001:5054:ff:fe7f:7551]:8443 + 2 more... 35m | |
# 能正常获取pod 端口及IP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment