안녕하세요, 쯀리입니다. 지난시간에 이어서 ingress에 대해 더 배워볼게요
https://kubernetes.io/docs/concepts/services-networking/ingress/
https://funlife-julie.tistory.com/77
Quiz
1. We have deployed two applications. Explore the setup.
Note: They are in a different namespace.
controlplane ~ ➜ k get all -A
NAMESPACE NAME READY STATUS RESTARTS AGE
app-space pod/default-backend-78f6fb8b4-cnxgs 1/1 Running 0 2m29s
app-space pod/webapp-video-74bdc86cb8-v2z4m 1/1 Running 0 2m29s
app-space pod/webapp-wear-6f8947f6cc-pjmgn 1/1 Running 0 2m29s
kube-flannel pod/kube-flannel-ds-24r78 1/1 Running 0 5m55s
kube-system pod/coredns-768b85b76f-92fwn 1/1 Running 0 5m55s
kube-system pod/coredns-768b85b76f-skf5z 1/1 Running 0 5m55s
kube-system pod/etcd-controlplane 1/1 Running 0 6m10s
kube-system pod/kube-apiserver-controlplane 1/1 Running 0 6m10s
kube-system pod/kube-controller-manager-controlplane 1/1 Running 0 6m10s
kube-system pod/kube-proxy-98b5p 1/1 Running 0 5m55s
kube-system pod/kube-scheduler-controlplane 1/1 Running 0 6m10s
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
app-space service/default-http-backend ClusterIP 10.102.156.250 <none> 80/TCP 2m28s
app-space service/video-service ClusterIP 10.102.6.119 <none> 8080/TCP 2m29s
app-space service/wear-service ClusterIP 10.97.214.210 <none> 8080/TCP 2m29s
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6m11s
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 6m8s
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-flannel daemonset.apps/kube-flannel-ds 1 1 1 1 1 <none> 6m9s
kube-system daemonset.apps/kube-proxy 1 1 1 1 1 kubernetes.io/os=linux 6m10s
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
app-space deployment.apps/default-backend 1/1 1 1 2m29s
app-space deployment.apps/webapp-video 1/1 1 1 2m29s
app-space deployment.apps/webapp-wear 1/1 1 1 2m29s
kube-system deployment.apps/coredns 2/2 2 2 6m8s
NAMESPACE NAME DESIRED CURRENT READY AGE
app-space replicaset.apps/default-backend-78f6fb8b4 1 1 1 2m29s
app-space replicaset.apps/webapp-video-74bdc86cb8 1 1 1 2m29s
app-space replicaset.apps/webapp-wear-6f8947f6cc 1 1 1 2m29s
kube-system replicaset.apps/coredns-768b85b76f 2 2 2 5m56s
2. Let us now deploy an Ingress Controller. First, create a namespace called ingress-nginx.
We will isolate all ingress related objects into its own namespace.
controlplane ~ ➜ k create namespace ingress-nginx
namespace/ingress-nginx created
3. The NGINX Ingress Controller requires a ConfigMap object. Create a ConfigMap object with name ingress-nginx-controller in the ingress-nginx namespace.
No data needs to be configured in the ConfigMap.
controlplane ~ ➜ k create configmap ingress-nginx-controller -n ingress-nginx
configmap/ingress-nginx-controller created
controlplane ~ ➜ k get cm -n ingress-nginx
NAME DATA AGE
ingress-nginx-controller 0 13s
kube-root-ca.crt 1 74s
4. The NGINX Ingress Controller requires two ServiceAccounts. Create both ServiceAccount with name ingress-nginx and ingress-nginx-admission in the ingress-nginx namespace.
Use the spec provided below.
controlplane ~ ➜ k create serviceaccount ingress-nginx -n ingress-nginx
serviceaccount/ingress-nginx created
controlplane ~ ➜ k create serviceaccount ingress-nginx-admission -n ingress-nginx
serviceaccount/ingress-nginx-admission created
5. We have created the Roles, RoleBindings, ClusterRoles, and ClusterRoleBindings for the ServiceAccount. Check it out!!
controlplane ~ ➜ k get role -n ingress-nginx
NAME CREATED AT
ingress-nginx 2024-08-15T07:24:49Z
ingress-nginx-admission 2024-08-15T07:24:49Z
controlplane ~ ➜ k get rolebinding -n ingress-nginx
NAME ROLE AGE
ingress-nginx Role/ingress-nginx 43s
ingress-nginx-admission Role/ingress-nginx-admission 43s
controlplane ~ ➜ k get clusterrole -n ingress-nginx | grep ingress
ingress-nginx 2024-08-15T07:24:50Z
ingress-nginx-admission 2024-08-15T07:24:50Z
controlplane ~ ➜ k get clusterrolebinding -n ingress-nginx | grep ingress
ingress-nginx ClusterRole/ingress-nginx 96s
ingress-nginx-admission ClusterRole/ingress-nginx-admission 96s
6. Let us now deploy the Ingress Controller. Create the Kubernetes objects using the given file.
The Deployment and it's service configuration is given at /root/ingress-controller.yaml. There are several issues with it. Try to fix them.
Note: Do not edit the default image provided in the given file. The image validation check passes when other issues are resolved.
Deployed in the correct namespace.
Replicas: 1
Use the right image
Namespace: ingress-nginx
Service name: ingress-nginx-controller
NodePort: 30080
yaml 수정목록:
(1) 13번줄 namespace: ingress- -> namespace: ingress-nginx
(2) 73번줄 띄어쓰기 에러 :
- name: http
containerPort: 80 ## 띄어쓰기 에러 name과 같은선상
protocol: TCP
(3) 130번줄 Service name변경 name: ingress-controller -> name: ingress-nginx-controller
(4) 137번줄 nodeport -> nodePort:30080
controlplane ~ ➜ k apply -f ingress-controller.yaml
deployment.apps/ingress-nginx-controller created
service/ingress-nginx-controller created
7. Create the ingress resource to make the applications available at /wear and /watch on the Ingress service.
Also, make use of rewrite-target annotation field: -
nginx.ingress.kubernetes.io/rewrite-target: /
Ingress resource comes under the namespace scoped, so don't forget to create the ingress in the app-space namespace.
Ingress Created
Path: /wear
Path: /watch
Configure correct backend service for /wear
Configure correct backend service for /watch
Configure correct backend port for /wear service
Configure correct backend port for /watch service
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
namespace: app-space
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /wear
pathType: Prefix
backend:
service:
name: wear-service
port:
number: 8080
- path: /watch
pathType: Prefix
backend:
service:
name: video-service
port:
number: 8080
8. Access the application using the Ingress tab on top of your terminal.
Make sure you can access the right applications at /wear and /watch paths.
이렇게 Network관련된 단원은 끝났습니다.
다음 Cluster Installation using Kubeadm을 배워보겠습니다.
참조
※ Udemy Labs - Certified Kubernetes Administrator with Practice Tests
'IT 잡지식 > DevOps' 카테고리의 다른 글
[CKA] KodeKloud - Application Failure (0) | 2024.08.23 |
---|---|
[CKA] KodeKloud - Cluster Installation using Kubeadm (0) | 2024.08.15 |
[CKA] KodeKloud - Ingress Networking - 1 (0) | 2024.08.15 |
[CKA] KodeKloud - CoreDNS in Kubernetes (0) | 2024.08.15 |
[CKA] KodeKloud - Service Networking (0) | 2024.08.10 |