1.Helm安装,可参考:Helm安装
2.下载 Ingress Nginx Controller 安装包
添加一个新的仓库,并且将其命名为ingress-nginx
[root@k8s-master01 ~]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
查看仓库列表,观察到新的仓库已添加
[root@k8s-master01 ~]# helm repo list
NAME URL
ingress-nginx https://kubernetes.github.io/ingress-nginx
更新仓库信息
[root@k8s-master01 ~]# helm repo update
下载ingress-nginx版本之前,我们需要先打开ingress-nginx的Github官网确认自身集群版本,这里k8s集群版本为1.23.17,选择ingress-nginx版本是4.3.0
[root@k8s-master01 ~]# helm pull ingress-nginx/ingress-nginx --version 4.3.0
3.修改values.yaml
[root@k8s-master01 ~]# tar xf ingress-nginx-4.3.0.tgz
[root@k8s-master01 ~]# cd ingress-nginx
[root@k8s-master01 ingress-nginx]# vim values.yaml
修改Controller 和 admissionWebhook 的镜像地址,需要将公网镜像同步到国有镜像
#Controller镜像地址
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: abroad_images/controller
tag: "v1.4.0"
#admissionWebhook镜像地址
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: abroad_images/kube-webhook-certgen
tag: v20220916-gd32f8c343
#defaultbackend镜像地址
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: abroad_images/defaultbackend-amd64
tag: "1.5"
将镜像的所有 digest 值注释
#digest: sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f
#digest: sha256:34ee929b111ffc7aa426ffd409af44da48e5a0eea1eb2207994d9e0c0882d143
#digestChroot: sha256:b67e889f1db8692de7e41d4d9aef8de56645bf048261f31fa7f8bfc6ea2222a0
hostNetwork 由false设置为 true
hostNetwork: true
dnsPolicy 由ClusterFirst设置为 ClusterFirstWithHostNet
dnsPolicy: ClusterFirstWithHostNet
NodeSelector 处在原来的基础上添加 ingress: "true"部署至指定节点
nodeSelector:
kubernetes.io/os: linux
ingress: "true"
类型由Deployment更改为 DaemonSet,用于确保在Kubernetes集群的每个节点上都部署一个ingress-nginx的副本
kind: DaemonSet
将ingress nginx 设置为默认的 ingressClass,即将default由false设置为true
ingressClassResource:
name: nginx
enabled: true
default: true
controllerValue: "k8s.io/ingress-nginx"
4.给node02节点打上ingress=true的标签
[root@k8s-master01 ingress-nginx]# kubectl label node k8s-node02 ingress=true
5.部署 ingress
[root@k8s-master01 ingress-nginx]# kubectl create ns ingress-nginx
[root@k8s-master01 ingress-nginx]# helm install ingress-nginx -n ingress-nginx .
6.查看pod节点情况
[root@k8s-master01 ingress-nginx]# kubectl get po -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-controller-n8nxd 1/1 Running 0 2m10s
7.登录node02节点,查看是否开放80端口以及nginx服务
[root@k8s-master01 ingress-nginx]# ssh k8s-node02
[root@k8s-node02 ~]# netstat -lntp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 124330/nginx: maste
tcp6 0 0 :::80 :::* LISTEN 124330/nginx: maste
[root@k8s-node02 ~]# ps -aux | grep nginx
101 124298 0.0 0.0 208 4 ? Ss 15:45 0:00 /usr/bin/dumb-init -- /nginx-ingress-controller --publish-service=ingress-nginx/ingress-nginx-controller --election-id=ingress-controller-leader --controller-class=k8s.io/ingress-nginx --configmap=ingress-nginx/ingress-nginx-controller --validating-webhook=:8443 --validating-webhook-certificate=/usr/local/certificates/cert --validating-webhook-key=/usr/local/certificates/key
101 124309 1.0 1.1 743088 47508 ? Ssl 15:45 0:02 /nginx-ingress-controller --publish-service=ingress-nginx/ingress-nginx-controller --election-id=ingress-controller-leader --controller-class=k8s.io/ingress-nginx --configmap=ingress-nginx/ingress-nginx-controller --validating-webhook=:8443 --validating-webhook-certificate=/usr/local/certificates/cert --validating-webhook-key=/usr/local/certificates/key
101 124330 0.1 0.9 145116 36388 ? S 15:45 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /etc/nginx/nginx.conf
101 124335 0.0 1.0 156760 40432 ? Sl 15:45 0:00 nginx: worker process
101 124336 0.1 1.0 156760 40432 ? Sl 15:45 0:00 nginx: worker process
101 124337 0.1 1.0 156760 40432 ? Sl 15:45 0:00 nginx: worker process
101 124338 0.1 1.0 156760 40676 ? Sl 15:45 0:00 nginx: worker process
101 124339 0.0 0.7 143092 29116 ? S 15:45 0:00 nginx: cache manager process
root 126580 0.0 0.0 112836 2328 pts/0 S+ 15:49 0:00 grep --color=auto nginx