1 安装

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
var_base=/root/helm
var_app=$var_base/ingress-nginx
var_version=4.5.2

mkdir -p $var_app
cd $var_app

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm pull ingress-nginx/ingress-nginx --version $var_version
tar xf ingress-nginx-$var_version.tgz
helm show values ./ingress-nginx

kubectl label node k8s-node01 hasIngress=true
kubectl get nodes -l hasIngress=true

helm upgrade  --install --dry-run --debug \
  --namespace ingress-nginx \
  --create-namespace \
  --set controller.image.registry='docker.io' \
  --set controller.image.image='peterydd/google-containers.ingress-nginx.controller' \
  --set controller.image.tag='v1.6.4' \
  --set controller.image.digest='sha256:e727015a639975f4fc0808b91f9e88a83c60938b640ee6c2f5606ddd779c858d' \
  --set controller.admissionWebhooks.patch.image.registry='docker.io' \
  --set controller.admissionWebhooks.patch.image.image='peterydd/google-containers.ingress-nginx.kube-webhook-certgen' \
  --set controller.admissionWebhooks.patch.image.tag='v20220916-gd32f8c343' \
  --set controller.admissionWebhooks.patch.image.digest='sha256:c0e3bef270e179a5e4ab373f8ba6d57f596f3683d9d40c33ea900b19ec182ba2' \
  --set controller.opentelemetry.enabled=true \
  --set controller.opentelemetry.image='peterydd/google-containers.ingress-nginx.opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:01c51d3c2570f695931e098a3c7529ad8041084e8ac56b12f0c18714bc914fb7' \
  --set controller.hostNetwork=true \
  --set controller.kind=DaemonSet \
  --set-string controller.nodeSelector.hasIngress=true \
  --set controller.service.enabled=false \
  ingress-nginx ./ingress-nginx

helm upgrade --install \
  --namespace ingress-nginx \
  --create-namespace \
  --set controller.image.registry='docker.io' \
  --set controller.image.image='peterydd/google-containers.ingress-nginx.controller' \
  --set controller.image.tag='v1.6.4' \
  --set controller.image.digest='sha256:e727015a639975f4fc0808b91f9e88a83c60938b640ee6c2f5606ddd779c858d' \
  --set controller.admissionWebhooks.patch.image.registry='docker.io' \
  --set controller.admissionWebhooks.patch.image.image='peterydd/google-containers.ingress-nginx.kube-webhook-certgen' \
  --set controller.admissionWebhooks.patch.image.tag='v20220916-gd32f8c343' \
  --set controller.admissionWebhooks.patch.image.digest='sha256:c0e3bef270e179a5e4ab373f8ba6d57f596f3683d9d40c33ea900b19ec182ba2' \
  --set controller.opentelemetry.enabled=true \
  --set controller.opentelemetry.image='peterydd/google-containers.ingress-nginx.opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:01c51d3c2570f695931e098a3c7529ad8041084e8ac56b12f0c18714bc914fb7' \
  --set controller.hostNetwork=true \
  --set controller.kind=DaemonSet \
  --set-string controller.nodeSelector.hasIngress=true \
  --set controller.service.enabled=false \
  ingress-nginx ./ingress-nginx


## update
helm upgrade  --install --dry-run --debug \
  --namespace ingress-nginx \
  --create-namespace \
  --set controller.image.registry='docker.io' \
  --set controller.image.image='peterydd/google-containers.ingress-nginx.controller' \
  --set controller.image.tag='v1.6.4' \
  --set controller.image.digest='sha256:e727015a639975f4fc0808b91f9e88a83c60938b640ee6c2f5606ddd779c858d' \
  --set controller.admissionWebhooks.patch.image.registry='docker.io' \
  --set controller.admissionWebhooks.patch.image.image='peterydd/google-containers.ingress-nginx.kube-webhook-certgen' \
  --set controller.admissionWebhooks.patch.image.tag='v20220916-gd32f8c343' \
  --set controller.admissionWebhooks.patch.image.digest='sha256:c0e3bef270e179a5e4ab373f8ba6d57f596f3683d9d40c33ea900b19ec182ba2' \
  --set controller.opentelemetry.enabled=true \
  --set controller.opentelemetry.image='peterydd/google-containers.ingress-nginx.opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:01c51d3c2570f695931e098a3c7529ad8041084e8ac56b12f0c18714bc914fb7' \
  --set controller.hostNetwork=true \
  --set controller.kind=DaemonSet \
  --set-string controller.nodeSelector.hasIngress=true \
  --set controller.service.enabled=false \
  --set controller.ingressClassResource.default=true \
  --set tcp.3306="test-prod/mysql-svc-headless:3306" \
  --set tcp.13306="test-dev/mysql-svc-headless:3306" \
  --set tcp.16379="test-dev/redis-svc-headless:6379" \
  ingress-nginx ./ingress-nginx

helm upgrade  --install \
  --namespace ingress-nginx \
  --create-namespace \
  --set controller.image.registry='docker.io' \
  --set controller.image.image='peterydd/google-containers.ingress-nginx.controller' \
  --set controller.image.tag='v1.6.4' \
  --set controller.image.digest='sha256:e727015a639975f4fc0808b91f9e88a83c60938b640ee6c2f5606ddd779c858d' \
  --set controller.admissionWebhooks.patch.image.registry='docker.io' \
  --set controller.admissionWebhooks.patch.image.image='peterydd/google-containers.ingress-nginx.kube-webhook-certgen' \
  --set controller.admissionWebhooks.patch.image.tag='v20220916-gd32f8c343' \
  --set controller.admissionWebhooks.patch.image.digest='sha256:c0e3bef270e179a5e4ab373f8ba6d57f596f3683d9d40c33ea900b19ec182ba2' \
  --set controller.opentelemetry.enabled=true \
  --set controller.opentelemetry.image='peterydd/google-containers.ingress-nginx.opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:01c51d3c2570f695931e098a3c7529ad8041084e8ac56b12f0c18714bc914fb7' \
  --set controller.hostNetwork=true \
  --set controller.kind=DaemonSet \
  --set-string controller.nodeSelector.hasIngress=true \
  --set controller.service.enabled=false \
  --set controller.ingressClassResource.default=true \
  --set tcp.3306="test-prod/mysql-svc-headless:3306" \
  --set tcp.13306="test-dev/mysql-svc-headless:3306" \
  --set tcp.16379="test-dev/redis-svc-headless:6379" \
  ingress-nginx ./ingress-nginx

# 配置 default ingressclasses
# kubectl patch ingressclasses nginx -p '{"metadata": {"annotations":{"ingressclass.kubernetes.io/is-default-class":"true"}}}'

# 查看状态
helm -n ingress-nginx list
helm -n ingress-nginx status ingress-nginx
helm -n ingress-nginx get values ingress-nginx

# 卸载
helm -n ingress-nginx uninstall ingress-nginx

--tcp-services-configmap=ingress-nginx/tcp-services

2 Exposing TCP and UDP services

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
kubectl apply -f -<<EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mysql
  namespace: test-prod
spec:
  ingressClassName: nginx
  rules:
    - host: mysql-test-prod.example.com
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: mysql-svc-headless
                port:
                  number: 3306
EOF

mysql-test-prod.example.com 192.168.1.211,192.168.1.212,192.168.1.213

kubectl apply -f -<<EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mysql
  namespace: test-dev
spec:
  ingressClassName: nginx
  rules:
    - host: mysql-test-dev.example.com
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: mysql-svc-headless
                port:
                  number: 3306
EOF

mysql-test-dev.example.com 192.168.1.211,192.168.1.212,192.168.1.213

kubectl apply -f -<<EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: redis
  namespace: test-dev
spec:
  ingressClassName: nginx
  rules:
    - host: redis-test-dev.example.com
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: redis-svc-headless
                port:
                  number: 6379
EOF

redis-test-dev.example.com 192.168.1.211,192.168.1.212,192.168.1.213