ㅁ We have deployed two applications. Explore the setup.
$ kubectl get all --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
app-space pod/default-backend-5cf9bfb9d-t777q 1/1 Running 0 42s
app-space pod/webapp-video-84f8655bd8-t75tl 1/1 Running 0 42s
app-space pod/webapp-wear-6ff9445955-c47lj 1/1 Running 0 41s
kube-system pod/coredns-f9fd979d6-9bc25 1/1 Running 0 119s
kube-system pod/coredns-f9fd979d6-s2g8d 1/1 Running 0 119s
kube-system pod/etcd-controlplane 1/1 Running 0 2m8s
kube-system pod/kube-apiserver-controlplane 1/1 Running 0 2m8s
kube-system pod/kube-controller-manager-controlplane 1/1 Running 0 2m8s
kube-system pod/kube-flannel-ds-amd64-h9ff9 1/1 Running 0 119s
kube-system pod/kube-flannel-ds-amd64-hdvm4 1/1 Running 1 109s
kube-system pod/kube-proxy-gc9qn 1/1 Running 1 109s
kube-system pod/kube-proxy-w2gz7 1/1 Running 0 119s
kube-system pod/kube-scheduler-controlplane 1/1 Running 0 2m8s
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
app-space service/default-http-backend ClusterIP 10.99.106.155 <none> 80/TCP 42s
app-space service/video-service ClusterIP 10.107.155.36 <none> 8080/TCP 42s
app-space service/wear-service ClusterIP 10.101.48.254 <none> 8080/TCP 42s
default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2m17s
kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 2m15s
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system daemonset.apps/kube-flannel-ds-amd64 2 2 2 2 2 <none> 2m11s
kube-system daemonset.apps/kube-flannel-ds-arm 0 0 0 0 0 <none> 2m11s
kube-system daemonset.apps/kube-flannel-ds-arm64 0 0 0 0 0 <none> 2m11s
kube-system daemonset.apps/kube-flannel-ds-ppc64le 0 0 0 0 0 <none> 2m11s
kube-system daemonset.apps/kube-flannel-ds-s390x 0 0 0 0 0 <none> 2m11s
kube-system daemonset.apps/kube-proxy 2 2 2 2 2 kubernetes.io/os=linux 2m15s
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
app-space deployment.apps/default-backend 1/1 1 1 42s
app-space deployment.apps/webapp-video 1/1 1 1 42s
app-space deployment.apps/webapp-wear 1/1 1 1 42s
kube-system deployment.apps/coredns 2/2 2 2 2m15s
NAMESPACE NAME DESIRED CURRENT READY AGE
app-space replicaset.apps/default-backend-5cf9bfb9d 1 1 1 42s
app-space replicaset.apps/webapp-video-84f8655bd8 1 1 1 42s
app-space replicaset.apps/webapp-wear-6ff9445955 1 1 1 42s
kube-system replicaset.apps/coredns-f9fd979d6 2 2 2 119s
ㅁ Let us now deploy an Ingress Controller.
First, create a namespace called 'ingress-space'
kubectl create namespace ingress-space
- Name: ingress-space
ㅁ The NGINX Ingress Controller requires a ConfigMap object. Create a ConfigMap object in the ingress-space
use the given spec on the right. No data needs to be configured in the ConfigMap
- Name: ingress-configuration
$ kubectl create configmap nginx-configuration -n ingress-space
configmap/nginx-configuration created
ㅁ The NGINX Ingress Controller requires a ServiceAccount. Create a ServiceAccount in the ingress-space.
- Name: ingress-serviceaccount
$ kubectl create serviceaccount ingress-serviceaccount -n ingress-space
serviceaccount/ingress-serviceaccount created
ㅁ We have created the Roles and RoleBinding for the ServiceAccount. Check it out.
kubectl get role,rolebindings --namespace ingress-space
NAME CREATED AT
role.rbac.authorization.k8s.io/ingress-role 2021-03-31T14:08:49Z
NAME ROLE AGE
rolebinding.rbac.authorization.k8s.io/ingress-role-binding Role/ingress-role 65s
ㅁ Let us now deploy the Ingress Controller. Create a deployment using the file given
The deployment configuration is given at /root/ingress-controller.yaml. There are several issues with it. Try to fix them.
- Deployed in the correct namespace
- Replicas: 1
- Use the right image
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ingress-controller
namespace: ingress-space
spec:
replicas: 1
selector:
matchLabels:
name: nginx-ingress
template:
metadata:
labels:
name: nginx-ingress
spec:
serviceAccountName: ingress-serviceaccount
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.21.0
args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-configuration
- --default-backend-service=app-space/default-http-backend
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443ㅁ Let us now create a service to make Ingress available to external users.
create a service following the given specs.
- Name: ingress
- Type: NodePort
- Port: 80
- TargetPort: 80
- NodePort: 30080
- Use the right selector
---
apiVersion: v1
kind: Service
metadata:
name: ingress
namespace: ingress-space
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
protocol: TCP
nodePort: 30080
name: http
- port: 443
targetPort: 443
protocol: TCP
name: https
selector:
name: nginx-ingress
~ selector는 service가 바라보는 것이 Deployment 이므로 ingress-controller의 label을 확인하여 정의
ㅁ Create the ingress resource to make the appplication available at /wear and /watch on the Ingress Service
- Ingress Created
- Path: /wear
- Path: /watch
- Configure correct backend service for /wear
- Configure correct backend service for /watch
- Configure correct backend port for /wear service
- Configure correct backend port for /watch service
모법 답안
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-wear-watch
namespace: app-space
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- http:
paths:
- path: /wear
backend:
serviceName: wear-service
servicePort: 8080
- path: /watch
backend:
serviceName: video-service
servicePort: 8080내가 한거
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: app-space
spec:
rules:
- http:
paths:
- path: /wear
pathType: ImplementationSpecific
backend:
service:
name: wear-service
port:
number: 8080
- http:
paths:
- path: /watch
pathType: ImplementationSpecific
backend:
service:
name: video-service
port:
number: 8080
'CKA &. CKAD > Networking' 카테고리의 다른 글
| End to End Section (0) | 2021.04.01 |
|---|---|
| Ingress - Annotations and rewrite-target (0) | 2021.03.31 |
| Practice Test - CKA -Ingress Networking (0) | 2021.03.31 |
| INGRESS (0) | 2021.03.31 |
| Practice Test CoreDNS in Kubernetes (0) | 2021.03.31 |