使用 Helm 安装 Ingress 控制器是一种方便且灵活的方式,可以通过 Helm Chart 对 Ingress 进行配置和管理。以下是安装 ingress-nginx 控制器的步骤:
添加 ingress-nginx Helm 仓库
1、使用脚本自动安装helm,通过 curl 命令下载并执行该脚本,并安装 Helm 到你的系统
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
2、添加 ingress-nginx 仓库
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
3、搜索ingress-nginx安装包
helm search repo ingress-nginx
4、下载ingress-nginx安装包
helm pull ingress-nginx/ingress-nginx
5、解压后编辑values.yaml文件
tar -xf ingress-nginx-4.10.1.tgz
6、修改完后保存退出接着创建ingress-nginx命名空间
kubectl create ns ingress-nginx
7、为需要部署 ingress 的节点上加标签
kubectl label node kmaster ingress=true
创建daemonset-prod.yaml文件用来覆盖 ingress-nginx 默认的Values.yaml值
1、主节点部署方式
# daemonset-prod.yaml
controller:
name: controller
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/nginx-ingress-controller
tag: "v1.10.1"
digest:
digestChroot:
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
publishService: # hostNetwork 模式下设置为false,通过节点IP地址上报ingress status数据
enabled: false
# 是否需要处理不带 ingressClass 注解或者 ingressClassName 属性的 Ingress 对象
# 设置为 true 会在控制器启动参数中新增一个 --watch-ingress-without-class 标注
watchIngressWithoutClass: false
# -- Use a `DaemonSet` or `Deployment`
kind: DaemonSet
# kubeadm 安装的集群默认情况下master是有污点,需要容忍这个污点才可以部署
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
nodeSelector: # 固定到kmaster节点
kubernetes.io/hostname: kmaster
#ingress: "true"
service:
type: ClusterIP #LoadBalancer修改为ClusterIP
# 强烈建议开启 admission webhook
admissionWebhooks:
enabled: true
createSecretJob:
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
patchWebhookJob:
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
patch:
enabled: true
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/kube-webhook-certgen
tag: v1.4.1
digest:
#defaultBackend: # 配置默认后端
# enabled: true
# name: defaultbackend
# image:
# repository: cnych/ingress-nginx-defaultbackend
# tag: "1.5"
保存退出后执行以下脚本
helm upgrade --install ingress-nginx . -f ./daemonset-prod.yaml --create-namespace --namespace ingress-nginx
或者混合方式部署方式
# daemonset-prod-mix.yaml
controller:
name: controller
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/nginx-ingress-controller
tag: "v1.10.1"
digest:
digestChroot:
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
publishService: # hostNetwork 模式下设置为false,通过节点IP地址上报ingress status数据
enabled: false
# 是否需要处理不带 ingressClass 注解或者 ingressClassName 属性的 Ingress 对象
# 设置为 true 会在控制器启动参数中新增一个 --watch-ingress-without-class 标注
watchIngressWithoutClass: false
# -- Use a `DaemonSet` or `Deployment`
kind: DaemonSet
tolerations: # 容忍主节点和工作节点的污点
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
nodeSelector: # 允许在所有 Linux 节点上部署
kubernetes.io/os: linux
service:
type: ClusterIP #LoadBalancer修改为ClusterIP
admissionWebhooks: # 强烈建议开启 admission webhook
enabled: true
createSecretJob:
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
patchWebhookJob:
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
patch:
enabled: true
image:
registry: registry.cn-hangzhou.aliyuncs.com
image: google_containers/kube-webhook-certgen
tag: v1.4.1
digest:
保存退出后执行以下脚本
helm upgrade --install ingress-nginx . -f ./daemonset-prod-mix.yaml --create-namespace --namespace ingress-nginx