k8s ingress会创建对应的ingress controller,而ingress controller通过k8s service暴露,外网用户可通过ingress对应的service访问k8s ingress。
nginx ingress controller
[root@master ~]# kubectl get po -n ingress-nginx --show-labels
NAME READY STATUS RESTARTS AGE LABELS
ingress-nginx-controller-6b79d4df7b-hnm6s 1/1 Running 0 5d15h app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx,pod-template-hash=6b79d4df7b
[root@master ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller ClusterIP 10.98.124.199 192.168.90.125 80/TCP,443/TCP 13d
ingress-nginx-controller-admission ClusterIP 10.97.52.8 <none> 443/TCP 20d
ingress-nginx-controller的service selector如下:
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/version: 1.0.0
helm.sh/chart: ingress-nginx-4.0.1
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
ports:
- appProtocol: http
name: http
port: 80
protocol: TCP
targetPort: http
- appProtocol: https
name: https
port: 443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
通过service可以访问ingress,如果期望从外网访问ingress的话,可以将service配置为nodePort类型或为clusterIp类型service配置externalIP
# NodePort
...
spec:
type: NodePort
...
# externalIP
...
spec:
clusterIP: 10.98.124.199
clusterIPs:
- 10.98.124.199
externalIPs:
- 192.168.0.12
...
