在ServerlessKubernetes(ASK)集群中使用NginxIngress

编程

ASK: Alibaba Cloud Serverless Kubernetes

导读

不同于阿里云ACK集群默认通过nginx-ingress-controller提供ingress能力,在ASK(Serverless Kubernetes)集群中默认基于SLB七层转发提供ingress能力(请参考文档https://help.aliyun.com/document_detail/86398.html)。这样的优势是Serverless集群开箱即用,用户无需部署任何controller即可创建自己的Ingress资源,更符合Serverless环境的用法。

然而基于SLB七层转发的ingress与nginx-ingress-controller相比,缺少了一些高级Ingress功能,无法满足某些客户场景的需求,比如支持域名path的正则匹配等。

所以ASK集群也提供了与ACK集群同样的nginx-ingress-controller,供用户使用nginx提供的ingress转发能力。用户可以根据自己的需求决定选择两者之一。下面我们一起来尝试在ASK集群中使用nginx-ingress。

部署nginx-ingress-controller

在ASK集群中部署yaml文件:
https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/nginx-ingress-controller.yaml

#kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/nginx-ingress-controller.yaml

service/nginx-ingress-lb created

configmap/nginx-configuration created

configmap/tcp-services created

configmap/udp-services created

serviceaccount/nginx-ingress-controller created

clusterrole.rbac.authorization.k8s.io/nginx-ingress-controller created

clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-controller created

deployment.apps/nginx-ingress-controller created

# kubectl -n kube-system get pod

NAME READY STATUS RESTARTS AGE

nginx-ingress-controller-c9d8697f6-n4bzs 0/1 Running 0 52s

nginx-ingress-controller-c9d8697f6-p8p6j 0/1 Running 0 52s

# kubectl -n kube-system get svc

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

metrics-server ClusterIP 172.19.4.171 <none> 443/TCP 72d

nginx-ingress-lb LoadBalancer 172.19.6.118 47.93.131.72 80:32676/TCP,443:30256/TCP 116s

可以看到一个公网slb已经被创建出来(后端是两个nginx-ingress-controller pod),这是集群中所有ingress的入口IP地址。

部署Ingress示例

我们同样提供了简单的Coffee和Tea Ingress示例:https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/ingress-cafe-demo.yaml

需要注意的是Ingress中需要指定如下Annotation,才能保证ingress被nginx-ingress-controller正确处理。
kubernetes.io/ingress.class:nginx

# kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yamldeployment.extensions/coffee created

service/coffee-svc created

deployment.extensions/tea created

service/tea-svc created

ingress.extensions/cafe-ingress created

# kubectl get pod

NAME READY STATUS RESTARTS AGE

coffee-56668d6f78-g7g6p 1/1 Running 0 88s

coffee-56668d6f78-x9ktc 1/1 Running 0 88s

tea-85f8bf86fd-477d2 1/1 Running 0 88s

tea-85f8bf86fd-jlq6b 1/1 Running 0 88s

tea-85f8bf86fd-p4ng4 1/1 Running 0 88s

# kubectl get svc

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

coffee-svc ClusterIP None <none> 80/TCP 102s

kubernetes ClusterIP 172.19.0.1 <none> 443/TCP 72d

tea-svc ClusterIP None <none> 80/TCP 102s

# kubectl get ing

NAME HOSTS ADDRESS PORTS AGE

cafe-ingress cafe.example.com 47.93.131.72 80 2m1s

pod和ingress都已创建成功,下面我们尝试访问Ingress:

# curl -H "Host:cafe.example.com" 47.93.131.72/tea

Server address: 192.168.55.159:80

Server name: default-tea-85f8bf86fd-p4ng4

Date: 14/Nov/2019:09:01:46 +0000

URI: /tea

Request ID: 2c3a87eb89130d62664b640fcbabc74b

# curl -H "Host:cafe.example.com" 47.93.131.72/coffee

Server address: 192.168.55.156:80

Server name: default-coffee-56668d6f78-x9ktc

Date: 14/Nov/2019:09:01:49 +0000

URI: /coffee

Request ID: a4f1d84bb5288a260ecfc5d21ecccff6

Ingress链路访问成功,可以看到上述域名转发由nginx ingress controller完成。

当运行上述示例成功后,记得清理集群中的ingress:
kubectl delete -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yaml

更多ASK集群示例请参考:https://github.com/AliyunContainerService/serverless-k8s-examples

 

阅读原文

本文为云栖社区原创内容,未经允许不得转载。

以上是 在ServerlessKubernetes(ASK)集群中使用NginxIngress 的全部内容, 来源链接: utcz.com/z/510797.html

回到顶部