在ServerlessKubernetes(ASK)集群中使用NginxIngress
ASK: Alibaba Cloud Serverless Kubernetes
导读
不同于阿里云ACK集群默认通过nginx-ingress-controller提供ingress能力,在ASK(Serverless Kubernetes)集群中默认基于SLB七层转发提供ingress能力(请参考文档https://help.aliyun.com/document_detail/86398.html)。这样的优势是Serverless集群开箱即用,用户无需部署任何controller即可创建自己的Ingress资源,更符合Serverless环境的用法。
然而基于SLB七层转发的ingress与nginx-ingress-controller相比,缺少了一些高级Ingress功能,无法满足某些客户场景的需求,比如支持域名path的正则匹配等。
所以ASK集群也提供了与ACK集群同样的nginx-ingress-controller,供用户使用nginx提供的ingress转发能力。用户可以根据自己的需求决定选择两者之一。下面我们一起来尝试在ASK集群中使用nginx-ingress。
部署nginx-ingress-controller
在ASK集群中部署yaml文件:
https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/nginx-ingress-controller.yaml
#kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/nginx-ingress-controller.yamlservice/nginx-ingress-lb created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-controller created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-controller created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-controller created
deployment.apps/nginx-ingress-controller created
# kubectl -n kube-system get pod
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-c9d8697f6-n4bzs 0/1 Running 0 52s
nginx-ingress-controller-c9d8697f6-p8p6j 0/1 Running 0 52s
# kubectl -n kube-system get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
metrics-server ClusterIP 172.19.4.171 <none> 443/TCP 72d
nginx-ingress-lb LoadBalancer 172.19.6.118 47.93.131.72 80:32676/TCP,443:30256/TCP 116s
可以看到一个公网slb已经被创建出来(后端是两个nginx-ingress-controller pod),这是集群中所有ingress的入口IP地址。
部署Ingress示例
我们同样提供了简单的Coffee和Tea Ingress示例:https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/ingress-cafe-demo.yaml
需要注意的是Ingress中需要指定如下Annotation,才能保证ingress被nginx-ingress-controller正确处理。
kubernetes.io/ingress.class:nginx
# kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yamldeployment.extensions/coffee createdservice/coffee-svc created
deployment.extensions/tea created
service/tea-svc created
ingress.extensions/cafe-ingress created
# kubectl get pod
NAME READY STATUS RESTARTS AGE
coffee-56668d6f78-g7g6p 1/1 Running 0 88s
coffee-56668d6f78-x9ktc 1/1 Running 0 88s
tea-85f8bf86fd-477d2 1/1 Running 0 88s
tea-85f8bf86fd-jlq6b 1/1 Running 0 88s
tea-85f8bf86fd-p4ng4 1/1 Running 0 88s
# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
coffee-svc ClusterIP None <none> 80/TCP 102s
kubernetes ClusterIP 172.19.0.1 <none> 443/TCP 72d
tea-svc ClusterIP None <none> 80/TCP 102s
# kubectl get ing
NAME HOSTS ADDRESS PORTS AGE
cafe-ingress cafe.example.com 47.93.131.72 80 2m1s
pod和ingress都已创建成功,下面我们尝试访问Ingress:
# curl -H "Host:cafe.example.com" 47.93.131.72/teaServer address: 192.168.55.159:80
Server name: default-tea-85f8bf86fd-p4ng4
Date: 14/Nov/2019:09:01:46 +0000
URI: /tea
Request ID: 2c3a87eb89130d62664b640fcbabc74b
# curl -H "Host:cafe.example.com" 47.93.131.72/coffee
Server address: 192.168.55.156:80
Server name: default-coffee-56668d6f78-x9ktc
Date: 14/Nov/2019:09:01:49 +0000
URI: /coffee
Request ID: a4f1d84bb5288a260ecfc5d21ecccff6
Ingress链路访问成功,可以看到上述域名转发由nginx ingress controller完成。
当运行上述示例成功后,记得清理集群中的ingress:
kubectl delete -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yaml
更多ASK集群示例请参考:https://github.com/AliyunContainerService/serverless-k8s-examples
阅读原文
本文为云栖社区原创内容,未经允许不得转载。
以上是 在ServerlessKubernetes(ASK)集群中使用NginxIngress 的全部内容, 来源链接: utcz.com/z/510797.html
