...
| Code Block |
|---|
| language | yml |
|---|
| title | nginx-ingress.yaml (1) |
|---|
|
spec:
.
.
.
spec:
hostNetwork: true #----- Thanks to this instruction the controller Pod will have the same IP as the node
nodeSelector: #----- The Pod will be created inside the node
kubernetes.io/role: ingress #----- with the role "ingress" |
and uncomment the following lines, present at the end of the file, indicated below (commented by default)
| Code Block |
|---|
| language | yml |
|---|
| title | nginx-ingress.yaml (2) |
|---|
|
args:
- -nginx-configmaps=$(POD_NAMESPACE)/nginx-config
- -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret
# - -v=3 # Enables extensive logging. Useful for troubleshooting.
- -report-ingress-status #----- Uncommented
# - -external-service=nginx-ingress
#- -enable-prometheus-metrics
#- -global-configuration=$(POD_NAMESPACE)/nginx-configuration
- -enable-leader-election #----- Uncommented
#- -enable-custom-resources |
This last change will come in handy when we create the ingress resource component.
With these changes made, we can continue with the steps presented in the official Nginx guide. If all went well, we should get the input controller pod
| Code Block |
|---|
| language | bash |
|---|
| title | Ingress Controller Pod |
|---|
|
# Note that the Pod is present on the "ingress" node and has its own IP
$ kubectl get pod -n nginx-ingress -o wide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-ingress-68d7b4bfdd-mw479 1/1 Running 0 20h 192.168.100.13 mycentos-ing.novalocal |
Ingress resource
We now present the ingress resource through a complete example, present in the directory downloaded from GitHub (/kubernetes-ingress/examples/complete-example). Let's move inside the complete-example directory and run the commands
| Code Block |
|---|
| language | bash |
|---|
| title | Directory complete-example |
|---|
|
$ ls
cafe-ingress.yaml cafe-secret.yaml cafe.yaml dashboard.png README.md
$ kubectl apply -f cafe.yaml
$ kubectl apply -f cafe-secret.yaml |
At this point we check that the Pods and the associated services have been created
| Code Block |
|---|
| language | bash |
|---|
| title | Cafe Pod&Service |
|---|
|
# Two coffee pods and three tea pods have been created, as required within the "cafe.yaml" file
$ kubectl get pod -n nginx-ingress -o wide
NAME READY STATUS RESTARTS AGE IP NODE
coffee-5f56ff9788-7fv8t 1/1 Running 0 20h 10.10.231.197 mycentos-1.novalocal
coffee-5f56ff9788-l5l9h 1/1 Running 0 20h 10.10.94.70 mycentos-2.novalocal
tea-69c99ff568-68bnr 1/1 Running 0 20h 10.10.94.71 mycentos-2.novalocal
tea-69c99ff568-k457k 1/1 Running 0 20h 10.10.231.198 mycentos-1.novalocal
tea-69c99ff568-pb9wc 1/1 Running 0 20h 10.10.231.199 mycentos-1.novalocal
$ kubectl get svc -n nginx-ingress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
coffee-svc ClusterIP 10.107.81.22 <none> 80/TCP 20h
tea-svc ClusterIP 10.110.106.241 <none> 80/TCP 20h |
Finally, we create the input resource with the usual command kubectl apply -f <file.yaml>, even if it is better to take a look at the contents of the .yaml file first
| Code Block |
|---|
| language | yml |
|---|
| title | cafe-ingress.yaml |
|---|
|
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: cafe-ingress
spec:
tls:
- hosts:
- cafe.example.com
secretName: cafe-secret
rules:
- host: cafe.example.com
http:
paths:
- path: /tea # Use cafe.example.com/tea to target "tea" services
backend:
serviceName: tea-svc # Enter the service name
servicePort: 80 # Enter the port number on which the service is listening
- path: /coffee # Use cafe.example.com/coffee to target "coffee" services
backend:
serviceName: coffee-svc # Enter the service name
servicePort: 80 # Enter the port number on which the service is listening |
We verify that the ingress resource has been created correctly
| Code Block |
|---|
| language | bash |
|---|
| title | Ingress resource |
|---|
|
# In the ADDRESS column there is the FIP of the ingress node
$ kubectl get ing -n nginx-ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
cafe-ingress <none> cafe.example.com 131.154.97.164 80, 443 20h |