准备
- 电脑环境:MacBook Pro / 13.0 (22A380)
- Docker Desktop版本:4.15.0 (93002)
- Docker Engine版本:v20.10.21
- Kubernetes版本:v1.25.2
步骤
安装 ingress-controller
远程执行:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.5.1/deploy/static/provider/cloud/deploy.yaml
或者下载 deploy.yaml 到本地执行 kubectl apply -f deploy.yaml
效果图1
效果图2
准备域名 dev.nacos.com (本案例以nacos-k8s安装为例)
-
修改hosts文件,新增域名映射记录(域名自己取)
127.0.0.1 dev.nacos.com -
生成https证书:
mkcert dev.nacos.com 127.0.0.1 ::1生成:dev.nacos.com+2-key.pem、dev.nacos.com+2.pem 这2文件,备用
备注:mkcert工具安装请参考 github.com/FiloSottile…
部署 nacos(deployment、service、ingress) 到 k8s集群
执行 kubectl apply -f deployment.yaml ,其中 deployment.yaml 内容:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nacos-deployment
labels:
app: nacos
spec:
replicas: 1
selector:
matchLabels:
app: nacos
template:
metadata:
labels:
app: nacos
spec:
containers:
- name: nacos
image: nacos/nacos-server:2.0.4-slim
ports:
- containerPort: 8848
env:
- name: MODE
value: "standalone"
volumeMounts:
- name: nacos-storage
mountPath: /home/nacos/data
volumes:
- name: nacos-storage
emptyDir: {}
执行 kubectl apply -f service.yaml ,其中 service.yaml 内容:
apiVersion: v1
kind: Service
metadata:
name: nacos-service
spec:
selector:
app: nacos
type: NodePort
ports:
- port: 8848
targetPort: 8848
nodePort: 30848
protocol: TCP
执行 kubectl create secret tls dev-nacos-secret --key dev.nacos.com+2-key.pem --cert dev.nacos.com+2.pem 生成 secret
执行 kubectl apply -f ingress.yaml, 其中 ingress.yaml内容:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nacos-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/enable-access-log: "true"
spec:
tls:
- hosts:
- dev.nacos.com
secretName: dev-nacos-secret
rules:
- host: dev.nacos.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nacos-service
port:
number: 8848
效果
访问 dev.nacos.com/nacos 成功进入:
