环境信息
- Kubernetes:v1.20.6
- Helm:v3.5.2
- Chart: ingress-nginx-3.34
- ingress-nginx/controller: v0.47.0
部署一个公网 LB 版的 nginx ingress
添加 Helm仓库
这里选用 kubernetes 提供的chart仓库
helm repo add ingress https://kubernetes.github.io/ingress-nginx
helm repo update
同步海外镜像
如果在国内拉取官方镜像导致部署失败,可以将ingress-nginx需要的镜像推送到自有镜像仓库,然后使用自有镜像仓库参考操作如下: 将官方镜像上传到自有镜像仓库, 以仓库地址: uhub.service.ucloud.cn/ucloud_pts为例,需要同步镜像列表如下:
k8s.gcr.io/ingress-nginx/controller:v0.47.0
k8s.gcr.io/defaultbackend-amd64:1.5
docker.io/jettech/kube-webhook-certgen:v1.5.1
关于docker pull tag push 操作可以参考:
- https://docs.docker.com/engine/reference/commandline/pull/
- https://docs.docker.com/engine/reference/commandline/tag/
- https://docs.docker.com/engine/reference/commandline/push/
创建 docker-registry类型的secrets
kubectl create namespace ingress-nginx
kubectl delete secret registry-secret-name -n ingress-nginx
kubectl create secret docker-registry registry-secret-name \
--namespace=ingress-nginx \
--docker-server=uhub.service.ucloud.cn/ucloud_pts \
--docker-username='xxxxxxxxx' \
--docker-password='xxxxxxxxx'
自定义配置,完成ingress-nginx部署
cat > ingress-value.yaml << EOF
imagePullSecrets:
- name: registry-secret-name
defaultBackend:
enabled: true
name: defaultbackend
image:
registry: uhub.service.ucloud.cn/ucloud_pts
image: defaultbackend-amd64
tag: "1.5"
controller:
name: controller
ingressClass: nginx
config:
use-http2: true
image:
repository: uhub.service.ucloud.cn/ucloud_pts/controller
tag: "v0.47.0"
digest: sha256:c892e4e39885a16324d38b213d0dd42f56d183e93836b28d051c5476b1418bc1
admissionWebhooks:
patch:
enabled: true
image:
repository: uhub.service.ucloud.cn/ucloud_pts/kube-webhook-certgen
EOF
helm upgrade --install ingress-nginx ingress/ingress-nginx \
-n ingress-nginx --values=ingress-value.yaml
其它可选配置
- 如果需要开启promethus metrics 可以在 ingress-value.yaml 文件追加如下配置
controller:
metrics:
port: 10254
enabled: true
service:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "10254"
servicePort: 10254
type: LoadBalancer
然后执行更新即可:
helm upgrade --install ingress-nginx ingress/ingress-nginx \
-n ingress-nginx --values=ingress-value.yaml
- 如果需要开启 TCP/UCP 端口映射,可以在 ingress-value.yaml 文件追加如下配置:
tcp:
8080: "default/example-tcp-svc:9000"
udp:
53: "kube-system/kube-dns:53"
然后执行更新即可:
helm upgrade --install ingress-nginx ingress/ingress-nginx \
-n ingress-nginx --values=ingress-value.yaml
参考
https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/tcp
https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/udp
验证部署
执行命令:helm list -A 返回类似如下部分的结果,说明部署成功
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
ingress-nginx ingress-nginx 1 2021-07-20 11:05:05.317954426 +0800 CST deployed ingress-nginx-3.34.0 0.47.0
