Ingress API란?
- HTTP나 HTTPS를 통해 클러스터 내부의 서비스를 외부로 노출
- 기능
- Service에 외부 URL을 제공
- 트래픽을 로드밸런싱
- SSL 인증서 처리
- Virtural hosting을 지정
Ingress controller 동작 방식
<이미지 출처 : [따배쿠] 8-1 Kubernetes Ingress 개념과 Ingress Controller 설치! >
Nginx Ingress controller 설치
kubectl apply -f <https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/baremetal/deploy.yaml>
- 설치 확인
kubectl get pod --namespace ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-qxcsn 0/1 Completed 0 99s
ingress-nginx-admission-patch-zw5bb 0/1 Completed 1 99s
ingress-nginx-controller-6b864cf6dd-rtr6l 1/1 Running 0 99s
kubectl get service --namespace ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.111.64.176 <none> 80:32337/TCP,443:30606/TCP 2m7s
ingress-nginx-controller-admission ClusterIP 10.106.201.197 <none> 443/TCP 2m7s
[ Hands - on ] : 웹페이지 구현하기
- Installation Guide - NGINX Ingress Controller 에서 nginx ingress controller yaml 파일 다운로드
curl <https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/baremetal/deploy.yaml>
- nodeport 수정
- 외부에서 loadbalancer로 port-forwarding 하기 위해서는 고정된 port를 사용해야 함.
vi depoly.yaml
...
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
app.kubernetes.io/version: 1.2.0
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
ports:
- appProtocol: http
name: http
port: 80
protocol: TCP
targetPort: http
nodePort: 30100 #nodeport 지정
- appProtocol: https
name: https
port: 443
protocol: TCP
targetPort: https
nodePort: 30200 #nodeport 지정
selector:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
type: NodePort
...
- 생성 확인
kubectl get all --namespace ingress-nginx
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-zpn8p 0/1 Completed 0 58s
pod/ingress-nginx-admission-patch-p9cc8 0/1 Completed 1 58s
pod/ingress-nginx-controller-6b864cf6dd-vcssn 1/1 Running 0 58s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.98.3.126 <none> 80:30100/TCP,443:30200/TCP 58s
service/ingress-nginx-controller-admission ClusterIP 10.111.157.100 <none> 443/TCP 58s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 58s
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-6b864cf6dd 1 1 1 58s
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 7s 58s
job.batch/ingress-nginx-admission-patch 1/1 6s 58s
- default namespace를 변경하기 위한 context 추가
kubectl config set-context ingres-admin@kubernetes --cluster=kubernetes --user=kubernetes-admin --namespace ingress-nginx
- context 확인
kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: <https://10.100.0.104:6443>
name: kubernetes
contexts:
- context:
cluster: kubernetes
namespace: ingress-nginx
user: kubernetes-admin
name: ingres-admin@kubernetes
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
- default namespace 변경 및 확인
kubectl config use-context ingres-admin@kubernetes
kubectl get pod
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-zpn8p 0/1 Completed 0 74m
ingress-nginx-admission-patch-p9cc8 0/1 Completed 1 74m
ingress-nginx-controller-6b864cf6dd-vcssn 1/1 Running 0 74m
- web service 실행
vi marvel-home.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: marvel-home
spec:
replicas: 1
selector:
matchLabels:
name: marvel
template:
metadata:
labels:
name: marvel
spec:
containers:
- image: smlinux/marvel-collection
name: marvel-container
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: marvel-service
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
name: marvel
vi pay.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: pay-rc
spec:
replicas: 3
template:
metadata:
labels:
app: pay
spec:
containers:
- image: smlinux/pay
name: pay
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: pay-service
spec:
ports:
- port: 80
targetPort: 8080
selector:
app: pay
kubectl create -f marvel-home.yaml -f pay.yaml
- web service 확인
kubectl get all
NAME READY STATUS RESTARTS AGE
pod/ingress-nginx-admission-create-zpn8p 0/1 Completed 0 87m
pod/ingress-nginx-admission-patch-p9cc8 0/1 Completed 1 87m
pod/ingress-nginx-controller-6b864cf6dd-vcssn 1/1 Running 0 87m
pod/marvel-home-8595d4c47d-wj6t4 1/1 Running 0 34s
pod/pay-rc-5vtzx 1/1 Running 0 34s
pod/pay-rc-8w5dg 1/1 Running 0 34s
pod/pay-rc-nc4ft 1/1 Running 0 34s
NAME DESIRED CURRENT READY AGE
replicationcontroller/pay-rc 3 3 3 34s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/ingress-nginx-controller NodePort 10.98.3.126 <none> 80:30100/TCP,443:30200/TCP 87m
service/ingress-nginx-controller-admission ClusterIP 10.111.157.100 <none> 443/TCP 87m
service/marvel-service ClusterIP 10.99.6.151 <none> 80/TCP 34s
service/pay-service ClusterIP 10.100.200.245 <none> 80/TCP 34s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/ingress-nginx-controller 1/1 1 1 87m
deployment.apps/marvel-home 1/1 1 1 34s
NAME DESIRED CURRENT READY AGE
replicaset.apps/ingress-nginx-controller-6b864cf6dd 1 1 1 87m
replicaset.apps/marvel-home-8595d4c47d 1 1 1 34s
NAME COMPLETIONS DURATION AGE
job.batch/ingress-nginx-admission-create 1/1 7s 87m
job.batch/ingress-nginx-admission-patch 1/1 6s 87m
- Ingress 구성
vi ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: marvel-ingress
annotations:
kubernetes.io/ingress.class: nginx
spec:
rules:
- http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: marvel-service
port:
number: 80
- pathType: Prefix
path: "/pay"
backend:
service:
name: pay-service
port:
number: 80
kubectl create -f ingress.yaml
- Ingress 확인
kubectl describe ingress marvel-ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
marvel-ingress <none> * 80 66s
root@master:~/Getting-Start-Kubernetes/8/webserver-demo/ingress# kubectl describe ingress marvel-ingress
Name: marvel-ingress
Labels: <none>
Namespace: ingress-nginx
Address:
Ingress Class: <none>
Default backend: <default>
Rules:
Host Path Backends
---- ---- --------
*
/ marvel-service:80 (192.168.11.77:80)
/pay pay-service:80 (192.168.11.78:8080,192.168.11.79:8080,192.168.221.15:8080)
Annotations: <none>
Events: <none>
- web service 접속
curl 10.98.3.126
curl 10.98.3.126/pay
참고 :
'INFRA > DevOps' 카테고리의 다른 글
| SRE란 무엇인가? (0) | 2022.12.19 |
|---|---|
| Devops란 무엇인가? (0) | 2022.12.19 |
| [k8s] Kube-proxy (0) | 2022.12.12 |
| GitOps와 ArgoCD란? (0) | 2022.12.11 |
| Amazon GameLift 란? (0) | 2022.12.11 |
댓글