1 apiversion: extensions/v1beta1 2 kind: daemonset 3 metadata: 4 name: nginx-ingress-lb 5 labels: 6 name: nginx-ingress-lb 7 namespace: default 8 spec: 9 template: 10 metadata: 11 labels: 12 name: nginx-ingress-lb 13 spec: 14 terminationgraceperiodseconds: 60 15 containers: 16 - image: gcr.azk8s.cn/google_containers/nginx-ingress-controller:0.9.0-beta.2 17 name: nginx-ingress-lb 18 readinessprobe: 19 httpget: 20 path: /healthz 21 port: 10254 22 scheme: http 23 livenessprobe: 24 httpget: 25 path: /healthz 26 port: 10254 27 scheme: http 28 initialdelayseconds: 10 29 timeoutseconds: 1 30 ports: 31 - containerport: 80 32 hostport: 80 33 - containerport: 443 34 hostport: 443 35 env: 36 - name: pod_name 37 valuefrom: 38 fieldref: 39 fieldpath: metadata.name 40 - name: pod_namespace 41 valuefrom: 42 fieldref: 43 fieldpath: metadata.namespace 44 args: 45 - /nginx-ingress-controller 46 - --default-backend-service=$(pod_namespace)/default-http-backend
1 apiversion: extensions/v1beta1 2 kind: deployment 3 metadata: 4 name: default-http-backend 5 labels: 6 k8s-app: default-http-backend 7 namespace: default 8 spec: 9 replicas: 1 10 template: 11 metadata: 12 labels: 13 k8s-app: default-http-backend 14 spec: 15 terminationgraceperiodseconds: 60 16 containers: 17 - name: default-http-backend 18 image: gcr.azk8s.cn/google_containers/defaultbackend:1.0 19 livenessprobe: 20 httpget: 21 path: /healthz 22 port: 8080 23 scheme: http 24 initialdelayseconds: 30 25 timeoutseconds: 5 26 ports: 27 - containerport: 8080 28 resources: 29 limits: 30 cpu: 10m 31 memory: 20mi 32 requests: 33 cpu: 10m 34 memory: 20mi 35 --- 36 apiversion: v1 37 kind: service 38 metadata: 39 name: default-http-backend 40 namespace: default 41 labels: 42 k8s-app: default-http-backend 43 spec: 44 ports: 45 - port: 80 46 targetport: 8080 47 selector: 48 k8s-app: default-http-backend
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: mywebsite-ingress 5 spec: 6 rules: 7 - host: mywebsite.com 8 http: 9 paths: 10 - path: /demo 11 backend: 12 servicename: myweb 13 serviceport: 8080
1 pod 2 name ready status restarts age 3 …… 4 mysql-m652j 1/1 running 0 21m #入门实例中的mysql,用于测试 5 myweb-gnhk4 1/1 running 0 20m 6 myweb-vzg58 1/1 running 0 20m #入门实例中的myweb,用于测试 7 nginx-ingress-lb-6mj49 1/1 running 0 16m 8 nginx-ingress-lb-7z74c 1/1 running 0 16m 9 nginx-ingress-lb-9wlpd 1/1 running 0 16m 10 nginx-ingress-lb-flgvs 1/1 running 0 16m 11 nginx-ingress-lb-gcczc 1/1 running 0 16m 12 nginx-ingress-lb-hcfg6 1/1 running 0 16m #2.1中的ingress-lb
1 svc 2 name type cluster-ip external-ip port(s) 3 default-http-backend clusterip 10.254.236.120 <none> 80/tcp #默认的backend svc 4 …… 5 mysql clusterip 10.254.84.247 <none> 3306/tcp #入门实例中的mysql svc,用于测试 6 myweb nodeport 10.254.119.124 <none> 8080:30001/tcp #入门实例中的myweb svc,用于测试
1 ingress 2 name hosts address ports age 3 mywebsite-ingress mywebsite.com 80 9m12s
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: test-ingress 5 spec: 6 backend: 7 servicename: myweb 8 serviceport: 8080
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: test-ingress 5 spec: 6 rules: 7 - host: mywebsite.com 8 http: 9 paths: 10 - path: /demo 11 backend: 12 servicename: myweb 13 serviceport: 8080 14 - path: /api 15 backend: 16 servicename: myapi 17 serviceport: 8081
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: test-ingress 5 spec: 6 rules: 7 - host: foo.bar.com 8 http: 9 paths: 10 - backend: 11 servicename: service1 12 serviceport: 8080 13 - host: bar.foo.com 14 http: 15 paths: 16 - backend: 17 servicename: service2 18 serviceport: 8080
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: test-ingress 5 spec: 6 rules: 7 - http: 8 paths: 9 - path: /demo 10 backend: 11 servicename: myweb 12 serviceport: 8080
1 …… 2 if (%pass_access_scheme = http) { 3 return 301 https://$best_http_host$request_uri; 4 } 5 ……
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: test-ingress 5 annotations: 6 ingress.kubernetes.io/ssl-redirect: "false" 7 spec: 8 rules: 9 - http: 10 paths: 11 - path: /demo 12 backend: 13 servicename: myweb 14 serviceport: 8080
1 [root@k8smaster01 study]# openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/cn=mywebsite.com"
1 apiversion: v1 2 kind: secret 3 metadata: 4 name: mywebsite-ingress-secret 5 namespace: default 6 type: kubernetes.io/tls 7 data: 8 tls.crt: miidazccaeugawibagijap5fwrsnh3mmma0gcsqgsib3dqebcwuambgxfjaubgnvbammdw15d2vic2l0zs5jb20whhcnmtkxmti2mdkxoda2whcnmjkxmtizmdkxoda2wjaymrywfaydvqqdda1texdlynnpdguuy29tmiibijanbgkqhkig9w0baqefaaocaq8amiibcgkcaqeawxh45nxbk3rod1dl6nwa+pggqwcty3mcu57rynftq2mooz0l53kml9culau4ojqk7yvi6rkhtnp5kmnzfrdrsl5cx44wito3xa2gto7r7t7prtwodskgqqiz0ydw0ya1tpkofbca9vphojxhal77s2yug1szrosuu0sl3h0v8xunkiiupzrczbqgfuer7zduatfqbjrkhuwipiq9/7n4yvj35chhhwco4kup4rl6l5lzqegyxx2vksggwcmjor2d+8qiv3t5hprzckrsnwdwvpz9ipa8it6yl9lmk9cmovcb9mxklbhm0fs2/s8vvyrct7go0pyiyq2ugiqibbiz0qidaqabo1awtjadbgnvhq4efgqu/ji8brdqf54yhoxkfxqgpeepupywhwydvr0jbbgwfoau/ji8brdqf54yhoxkfxqgpeepupywdaydvr0tbauwaweb/zanbgkqhkig9w0baqsfaaocaqeaen95smud4mg9zqan7r1/ftt2oktxofj7q9x5ccoldyjmbv8whbs0/of0noywdsljirrf0xuwkswvmfpprjine/4c8nypdpdausxcs2fesvvbl5dw45j6rbiafknyoc9wtwtpr88oes82y7wlrgvml83bc9b5cb+hnjzpowparguvpzezxcqw3vq088axdyozbv27rwnkncfwkve+tf+vt3zd0fedoycty94hrfrzjkimradrnel4+w4j+dymjwuy4cefsww7pb/antwtcjqwbtuwyqvntig9+vchz+yjrzg1p/ainkl4j/qms1cvcn2zkvfyzs5ddlix1wvsi93c3a== 13 tls.key: miievgibadanbgkqhkig9w0baqefaascbkgwggskageaaoibaqddghjmfegtde4puoxo1zr48abbzy3lcxy7nthi0vndyw45nsxneqwv1y4tq7g4mqtvk8jqsqg00/mqw3mwt2uwvlxfjjai07dcdya07uvu3s+tpcgoyqapclptipdrhrvomq4vsid1wmginccavvuzzhqbwxms5jrtrivcfs/zfscoijq/nelmgoyvr5hvmo4bmvbuouqdrai8hd3/ufhhwpfkkeefzyjis4/hevqxmvmp6bjhha+rkazzyymivz37xck/e3kc+tlwqtkdz1a+ln0g8dyjppix2wat1yahvwh2zesvugbr+zb9ly+/ksk3sy7q/ijjda4ajagfshnragmbaaecggeakfayo1gvnmh9kmcgotnykdqtyk/vuijauriaoyq1z8jagagvqx1lvv7zvdct4m5iamhdxgtg6qkagqvb9mg16pgm2nnirg+fbdbts1ljoxqjqykzdgurkuarggfiian6n2f8/zjzm1mxrxl5qffmvscrbhqqnb8nxwvc+rsniecx7uq1ngjhfabfywwvrt8ppjxkn35+bbfuekppf4sh3hf7b7+azzep7y32axutjuh8mkxo98qj22kzja4zzi96o/q2s10cxv13x7fholantxha5qww7lynwm4q7dkvz0gf2yd59/nry3p6oggakbcdtr9t11bbeymoqyx1bydkoqkbgqd+rrbkqq8b24zrppu3jfandg9ikyjmejdxqzpugnjexkdwa/ge37byzgjkf2bwpucjb7gzt6phenyhtxp1zwc1im0r10qrhi5+j+dftalejdzm/sriita5qvluwy+gikfdmbwa1d4frl93divexfj153lrchshjclwk15gwc1ixqkbgqdebe7waepmzotov2xrfrykniev7u7acy8gfxtbt5hrif89gjympyyf8e6+s/k3/hksp2pswdz35k8ax0oqrk2lvae9dxa+sjnwxntam8ormdg9xopd8vvulrivuvxzftcxxgkindznc78f3nzprgckeeq2jlqquvijqlpoc1nwbqkbgcl0odoxza7wc7iqtpw43zbrb69hgh5ldgicwu3zn+rd6vsjx/h0jfobzgdbeiwpzmtz9hiebcrgisistwfm9l/pdwxvzhn+qwkmhlnknxpphmv265pidfo958spxcsbo5vkhbfrjqksffop0g1ae/stqk+v/2d58hsy9or6gcftaogbajevpgiafda46astre/obqylx/esof3thjr8lohpfg7dfkizrdaerp+v5r7wxam/ggvkn6h1mbfeu4pg4010nkpwb8jpjyo7o5d8kbfkylxrr3e9c1lbokzebv7foyomb0vqe36lcczlojw8dgunzh03mprn/+yrvneibvx94rzbaogbaipirteuaxdzwtuh2i0uprbevymjqwzgu4bcqnavcp/wwery2o7tpgusryd5alg0vpmu0tkmawj7wejbs9kyjnnvlfmler771aige/cl4lp3ijvshaqefpob3hkoc0lr2cw0jh6wx1b1mt5ymiilxyn3aamu790hbwyswjrxkmay
1 apiversion: extensions/v1beta1 2 kind: ingress 3 metadata: 4 name: mywebsite-ingress-tls 5 spec: 6 tls: 7 - hosts: 8 - mywebsite.com 9 secretname: mywebsite-ingress-secret 10 rules: 11 - host: mywebsite.com 12 http: 13 paths: 14 - path: /demo 15 backend: 16 servicename: myweb 17 serviceport: 8080
1 [req] 2 req_extensions = v3_req 3 distinguished_name = req_distinguished_name 4 [req_distinguished_name] 5 [ v3_req ] 6 basicconstraints = ca:false 7 keyusage = nonrepudiation, digitalsignature, keyencipherment 8 subjectaltname = @alt_names 9 [alt_names] 10 dns.1 = mywebsite.com 11 dns.2 = mywebsite2.com
如对本文有疑问, 点击进行留言回复!!
linux下文本编辑器vim的使用方法(复制、粘贴、替换、行号、撤销、多文件操作)
网友评论