본문 바로가기
IT 잡지식/DevOps

[CKA] KodeKloud - Ingress Networking - 2

by 쯀리♥️ 2024. 8. 15.

안녕하세요, 쯀리입니다. 지난시간에 이어서 ingress에 대해 더 배워볼게요

https://kubernetes.io/docs/concepts/services-networking/ingress/

 

Ingress

Make your HTTP (or HTTPS) network service available using a protocol-aware configuration mechanism, that understands web concepts like URIs, hostnames, paths, and more. The Ingress concept lets you map traffic to different backends based on rules you defin

kubernetes.io

https://funlife-julie.tistory.com/77

 

[CKA] KodeKloud - Ingress Networking - 1

안녕하세요, 쯀리입니다.오늘은 두 강의를 나누어 진행할텐데요 쿠버네티스에서 가장 많이 사용하는  Ingress에 관해 첫번째 과정을 배워볼게요https://kubernetes.io/docs/concepts/services-networking/ingress/

funlife-julie.tistory.com

 

 


 

Quiz

1. We have deployed two applications. Explore the setup.
Note: They are in a different namespace.

controlplane ~ ➜  k get all -A
NAMESPACE      NAME                                       READY   STATUS    RESTARTS   AGE
app-space      pod/default-backend-78f6fb8b4-cnxgs        1/1     Running   0          2m29s
app-space      pod/webapp-video-74bdc86cb8-v2z4m          1/1     Running   0          2m29s
app-space      pod/webapp-wear-6f8947f6cc-pjmgn           1/1     Running   0          2m29s
kube-flannel   pod/kube-flannel-ds-24r78                  1/1     Running   0          5m55s
kube-system    pod/coredns-768b85b76f-92fwn               1/1     Running   0          5m55s
kube-system    pod/coredns-768b85b76f-skf5z               1/1     Running   0          5m55s
kube-system    pod/etcd-controlplane                      1/1     Running   0          6m10s
kube-system    pod/kube-apiserver-controlplane            1/1     Running   0          6m10s
kube-system    pod/kube-controller-manager-controlplane   1/1     Running   0          6m10s
kube-system    pod/kube-proxy-98b5p                       1/1     Running   0          5m55s
kube-system    pod/kube-scheduler-controlplane            1/1     Running   0          6m10s

NAMESPACE     NAME                           TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
app-space     service/default-http-backend   ClusterIP   10.102.156.250   <none>        80/TCP                   2m28s
app-space     service/video-service          ClusterIP   10.102.6.119     <none>        8080/TCP                 2m29s
app-space     service/wear-service           ClusterIP   10.97.214.210    <none>        8080/TCP                 2m29s
default       service/kubernetes             ClusterIP   10.96.0.1        <none>        443/TCP                  6m11s
kube-system   service/kube-dns               ClusterIP   10.96.0.10       <none>        53/UDP,53/TCP,9153/TCP   6m8s

NAMESPACE      NAME                             DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
kube-flannel   daemonset.apps/kube-flannel-ds   1         1         1       1            1           <none>                   6m9s
kube-system    daemonset.apps/kube-proxy        1         1         1       1            1           kubernetes.io/os=linux   6m10s

NAMESPACE     NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
app-space     deployment.apps/default-backend   1/1     1            1           2m29s
app-space     deployment.apps/webapp-video      1/1     1            1           2m29s
app-space     deployment.apps/webapp-wear       1/1     1            1           2m29s
kube-system   deployment.apps/coredns           2/2     2            2           6m8s

NAMESPACE     NAME                                        DESIRED   CURRENT   READY   AGE
app-space     replicaset.apps/default-backend-78f6fb8b4   1         1         1       2m29s
app-space     replicaset.apps/webapp-video-74bdc86cb8     1         1         1       2m29s
app-space     replicaset.apps/webapp-wear-6f8947f6cc      1         1         1       2m29s
kube-system   replicaset.apps/coredns-768b85b76f          2         2         2       5m56s

 

2. Let us now deploy an Ingress Controller. First, create a namespace called ingress-nginx.
We will isolate all ingress related objects into its own namespace.

controlplane ~ ➜  k create namespace ingress-nginx
namespace/ingress-nginx created

 

3. The NGINX Ingress Controller requires a ConfigMap object. Create a ConfigMap object with name ingress-nginx-controller in the ingress-nginx namespace.
No data needs to be configured in the ConfigMap.

controlplane ~ ➜  k create configmap ingress-nginx-controller -n ingress-nginx
configmap/ingress-nginx-controller created

controlplane ~ ➜  k get cm -n ingress-nginx
NAME                       DATA   AGE
ingress-nginx-controller   0      13s
kube-root-ca.crt           1      74s

 

4. The NGINX Ingress Controller requires two ServiceAccounts. Create both ServiceAccount with name ingress-nginx and ingress-nginx-admission in the ingress-nginx namespace.
Use the spec provided below.

controlplane ~ ➜  k create serviceaccount ingress-nginx -n ingress-nginx
serviceaccount/ingress-nginx created

controlplane ~ ➜  k create serviceaccount ingress-nginx-admission -n ingress-nginx
serviceaccount/ingress-nginx-admission created

 

5. We have created the Roles, RoleBindings, ClusterRoles, and ClusterRoleBindings for the ServiceAccount. Check it out!!

controlplane ~ ➜  k get role -n ingress-nginx
NAME                      CREATED AT
ingress-nginx             2024-08-15T07:24:49Z
ingress-nginx-admission   2024-08-15T07:24:49Z

controlplane ~ ➜  k get rolebinding -n ingress-nginx
NAME                      ROLE                           AGE
ingress-nginx             Role/ingress-nginx             43s
ingress-nginx-admission   Role/ingress-nginx-admission   43s

controlplane ~ ➜  k get clusterrole -n ingress-nginx | grep ingress
ingress-nginx                                                          2024-08-15T07:24:50Z
ingress-nginx-admission                                                2024-08-15T07:24:50Z

controlplane ~ ➜  k get clusterrolebinding -n ingress-nginx | grep ingress
ingress-nginx                                                   ClusterRole/ingress-nginx                                                          96s
ingress-nginx-admission                                         ClusterRole/ingress-nginx-admission                                                96s

 

6. Let us now deploy the Ingress Controller. Create the Kubernetes objects using the given file.
The Deployment and it's service configuration is given at /root/ingress-controller.yaml. There are several issues with it. Try to fix them.

Note: Do not edit the default image provided in the given file. The image validation check passes when other issues are resolved.

Deployed in the correct namespace.
Replicas: 1
Use the right image
Namespace: ingress-nginx
Service name: ingress-nginx-controller
NodePort: 30080

yaml 수정목록: 

(1)  13번줄  namespace: ingress- ->  namespace: ingress-nginx
(2) 73번줄 띄어쓰기 에러 : 

 - name: http
   containerPort: 80 ## 띄어쓰기 에러 name과 같은선상
   protocol: TCP


(3) 130번줄 Service name변경 name: ingress-controller -> name: ingress-nginx-controller
(4) 137번줄 nodeport -> nodePort:30080

controlplane ~ ➜  k apply -f ingress-controller.yaml 
deployment.apps/ingress-nginx-controller created
service/ingress-nginx-controller created

 

7.  Create the ingress resource to make the applications available at /wear and /watch on the Ingress service.
Also, make use of rewrite-target annotation field: -

nginx.ingress.kubernetes.io/rewrite-target: /

 

Ingress resource comes under the namespace scoped, so don't forget to create the ingress in the app-space namespace.

Ingress Created
Path: /wear
Path: /watch
Configure correct backend service for /wear
Configure correct backend service for /watch
Configure correct backend port for /wear service
Configure correct backend port for /watch service
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress
  namespace: app-space
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - http:
      paths:
      - path: /wear
        pathType: Prefix
        backend:
          service:
            name: wear-service
            port:
              number: 8080
      - path: /watch
        pathType: Prefix
        backend:
          service:
            name: video-service
            port:
              number: 8080

 

8. Access the application using the Ingress tab on top of your terminal.
Make sure you can access the right applications at /wear and /watch paths.


이렇게 Network관련된 단원은 끝났습니다. 

다음 Cluster Installation using Kubeadm을 배워보겠습니다. 


참조

 Udemy Labs - Certified Kubernetes Administrator with Practice Tests