[Kubernetes] Ingress 실습 - 웹페이지 구현

Kubernetes Ingress 동작

- marvel , pay 서비스를 구성하여 /로 호출되면 marvel, /pay로 호출하면 pay로 접근할 수 있도록 구성

https://www.youtube.com/watch?v=9TMIetXb6Pw&list=PLApuRlvrZKohaBHvXAOhUD-RxD0uQ3z0c&index=29

※ Ingress Controller가 설치된 상태

외부에서 접근하기 위해 고정 Port를 추가 하기 위해서, Ingress Controller 설치시 deploy.yaml 파일 아래 내용 추가
nodePort: 30100

nodePort: 30200

spec:
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    port: 80
    protocol: TCP
    targetPort: http
    nodePort: 30100
  - appProtocol: https
    name: https
    port: 443
    protocol: TCP
    targetPort: https
    nodePort: 30200
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  type: NodePort

ingress 및 포트 포워딩(80→30100, 443→30200 ) 확인

# kubectl get namespaces 
NAME              STATUS   AGE
default           Active   20d
ingress-nginx     Active   8s
kube-node-lease   Active   20d
kube-public       Active   20d
kube-system       Active   20d

# kubectl get all -n ingress-nginx 
NAME                                            READY   STATUS      RESTARTS   AGE
pod/ingress-nginx-admission-create-644j6        0/1     Completed   0          27s
pod/ingress-nginx-admission-patch-pxxgl         0/1     Completed   1          27s
pod/ingress-nginx-controller-6c56945c75-cxlqf   1/1     Running     0          27s

NAME                                         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
service/ingress-nginx-controller             NodePort    10.99.231.132   <none>        80:30100/TCP,443:30200/TCP   27s
service/ingress-nginx-controller-admission   ClusterIP   10.105.47.65    <none>        443/TCP                      27s

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           27s

NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-6c56945c75   1         1         1       27s

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/ingress-nginx-admission-create   1/1           6s         27s
job.batch/ingress-nginx-admission-patch    1/1           7s         27s

실습 파일들은 아래 링크 참고

https://github.com/237summit/Getting-Start-Kubernetes/tree/main/8/webserver-demo

Ingress를 이용한 웹서비스 운영: namespce 치환

default 네임스페이스를 ingress-nginx 네임스페이스로 변경하는 작업

# kubectl get namespaces 
NAME              STATUS   AGE
default           Active   20d
ingress-nginx     Active   9m42s
kube-node-lease   Active   20d
kube-public       Active   20d
kube-system       Active   20d

# kubectl config --help
Modify kubeconfig files using subcommands like "kubectl config set current-context my-context"

 The loading order follows these rules:

  1.  If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes
place.
  2.  If $KUBECONFIG environment variable is set, then it is used as a list of paths (normal path delimiting rules for
your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When
a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the
last file in the list.
  3.  Otherwise, ${HOME}/.kube/config is used and no merging takes place.

Available Commands:
  current-context   Display the current-context
  delete-cluster    kubeconfig에서 지정된 클러스터를 삭제합니다
  delete-context    kubeconfig에서 지정된 컨텍스트를 삭제합니다
  delete-user       Delete the specified user from the kubeconfig
  get-clusters      kubeconfig에 정의된 클러스터를 표시합니다
  get-contexts      하나 또는 여러 컨텍스트를 설명합니다
  get-users         Display users defined in the kubeconfig
  rename-context    Rename a context from the kubeconfig file
  set               Set an individual value in a kubeconfig file
  set-cluster       Set a cluster entry in kubeconfig
  set-context       Set a context entry in kubeconfig
  set-credentials   Set a user entry in kubeconfig
  unset             Unset an individual value in a kubeconfig file
  use-context       Set the current-context in a kubeconfig file
  view              병합된 kubeconfig 설정 또는 지정된 kubeconfig 파일을 표시합니다

Usage:
  kubectl config SUBCOMMAND [options]

Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).

현재 context 확인(current-context: kubernetes-admin@kubernetes)

# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://10.100.0.104:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

새로운 context 만든 후 스위칭 작업 진행

# kubectl config set-context ingress-admin@kubernetes --cluster=kubernetes --user=kubernetes-admin --namespace ingress-nginx
Context "ingress-admin@kubernetes" created.
# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://10.100.0.104:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    namespace: ingress-nginx
    user: kubernetes-admin
  name: ingress-admin@kubernetes
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED
    
# kubectl config use-context ingress-admin@kubernetes
Switched to context "ingress-admin@kubernetes".

# kubectl get pods
NAME                                        READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-644j6        0/1     Completed   0          15m
ingress-nginx-admission-patch-pxxgl         0/1     Completed   1          15m
ingress-nginx-controller-6c56945c75-cxlqf   1/1     Running     0          15m

# kubectl get svc
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.99.231.132   <none>        80:30100/TCP,443:30200/TCP   15m
ingress-nginx-controller-admission   ClusterIP   10.105.47.65    <none>        443/TCP                      15m

만약 default 에서 운영중인 서비스를 확인하기 위해서는 아래와 같이 명령 실행

# kubectl get svc -n default 
NAME                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
clusterip-service   ClusterIP   10.100.100.100   <none>        80/TCP    127m
headless-service    ClusterIP   None             <none>        80/TCP    127m
kubernetes          ClusterIP   10.96.0.1        <none>        443/TCP   7h3m

Ingress를 이용한 웹서비스 운영: Ingress rule

ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: marvel-heroes-ingress
  namespace: ingress-nginx
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  defaultBackend:
    service:
      name: nginx
      port:
        number: 80
  rules:
  - host: node1.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: marvel-service
            port:
              number: 80
  - host: node2.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: thor-service
            port:
              number: 80

Ingress를 이용한 웹서비스 운영(2)

1. 웹서비스 동작

marvel-home.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: marvel-home
spec:
  replicas: 1
  selector:
    matchLabels:
      name: marvel
  template:
    metadata:
      labels:
        name: marvel
    spec:
      containers:
      - image: smlinux/marvel-collection
        name: marvel-container
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: marvel-service
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    name: marvel

pay.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: pay-rc
spec:
  replicas: 3
  template:
    metadata:
      labels:
        app: pay
    spec:
      containers:
      - image: smlinux/pay
        name: pay
        ports:
        - containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: pay-service
spec:
  ports:
  - port: 80
    targetPort: 8080
  selector:
    app: pay

yaml 실행 후 서비스 확인

# kubectl create -f marvel-home.yaml -f pay.yaml
deployment.apps/marvel-home created
service/marvel-service created
replicationcontroller/pay-rc created
service/pay-service created

# kubectl get all
NAME                                            READY   STATUS      RESTARTS   AGE
pod/ingress-nginx-admission-create-644j6        0/1     Completed   0          26m
pod/ingress-nginx-admission-patch-pxxgl         0/1     Completed   1          26m
pod/ingress-nginx-controller-6c56945c75-cxlqf   1/1     Running     0          26m
pod/marvel-home-8cbfd8fb5-gdkns                 1/1     Running     0          2m3s
pod/pay-rc-7c9sp                                1/1     Running     0          2m3s
pod/pay-rc-qt6jf                                1/1     Running     0          2m3s
pod/pay-rc-r526j                                1/1     Running     0          2m3s

NAME                           DESIRED   CURRENT   READY   AGE
replicationcontroller/pay-rc   3         3         3       2m3s

NAME                                         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
service/ingress-nginx-controller             NodePort    10.99.231.132   <none>        80:30100/TCP,443:30200/TCP   26m
service/ingress-nginx-controller-admission   ClusterIP   10.105.47.65    <none>        443/TCP                      26m
service/marvel-service                       ClusterIP   10.96.1.175     <none>        80/TCP                       2m3s
service/pay-service                          ClusterIP   10.111.68.248   <none>        80/TCP                       2m3s

NAME                                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ingress-nginx-controller   1/1     1            1           26m
deployment.apps/marvel-home                1/1     1            1           2m3s

NAME                                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/ingress-nginx-controller-6c56945c75   1         1         1       26m
replicaset.apps/marvel-home-8cbfd8fb5                 1         1         1       2m3s

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/ingress-nginx-admission-create   1/1           6s         26m
job.batch/ingress-nginx-admission-patch    1/1           7s         26m

ingress 구성

# kubectl create -f ingress.yaml 
ingress.networking.k8s.io/marvel-heroes-ingress created

# kubectl get ingress
NAME                    CLASS    HOSTS                                 ADDRESS        PORTS   AGE
marvel-heroes-ingress   <none>   node1.example.com,node2.example.com   10.100.0.101   80      27s

# kubectl describe ingress marvel-heroes-ingress 
Name:             marvel-heroes-ingress
Labels:           <none>
Namespace:        ingress-nginx
Address:          10.100.0.101
Ingress Class:    <none>
Default backend:  nginx:80 (<error: endpoints "nginx" not found>)
Rules:
  Host               Path  Backends
  ----               ----  --------
  node1.example.com  
                     /   marvel-service:80 (10.44.0.3:80)
  node2.example.com  
                     /   thor-service:80 (<error: endpoints "thor-service" not found>)
Annotations:         kubernetes.io/ingress.class: nginx
Events:
  Type    Reason  Age                From                      Message
  ----    ------  ----               ----                      -------
  Normal  Sync    43s (x2 over 46s)  nginx-ingress-controller  Scheduled for sync

서비스 확인 후 curl 명령어를 이용하여 호출 테스트 진행

ingress.yaml 파일에 marvel 쪽만 수정하여서 /pay 호출시 에러가 뜬다. (ingress.yaml 파일은 추후에 수정 예정)

# kubectl get svc
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.99.231.132   <none>        80:30100/TCP,443:30200/TCP   35m
ingress-nginx-controller-admission   ClusterIP   10.105.47.65    <none>        443/TCP                      35m
marvel-service                       ClusterIP   10.96.1.175     <none>        80/TCP                       10m
pay-service                          ClusterIP   10.111.68.248   <none>        80/TCP                       10m

# curl node1.example.com:30100/
<html>
<head>
  <title>marvel heroes</title>
</head>
<body>
  <center>
  <img src="images/marvel_logo.png"><br>
  <p style="color:red;">Marvel Entertainment/Marvel Studios</p><br>
  <img src="images/category.png"><br>
  <a href="http://211.253.8.13/pay">[payment]</a></center>

  </center>
</body>
</html>

# curl node1.example.com:30100/pay
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

[참고]

- https://www.youtube.com/watch?v=9TMIetXb6Pw&list=PLApuRlvrZKohaBHvXAOhUD-RxD0uQ3z0c&index=29

'Kubernetes' 카테고리의 다른 글

[Kubernetes] kubernetes node label (0)	2022.12.17
[Kubernetes] kubernetes label 쿠버네티스 레이블 (0)	2022.12.16
[Kubernetes] Ingress 개념과 Ingress Controller 설치 (0)	2022.12.14
[Kubernetes] Headless Service와 Kube Proxy (0)	2022.12.14
[Kubernetes] Service 4가지 종류 실습 (0)	2022.12.14

Infra&DevOps&Security

[Kubernetes] Ingress 실습 - 웹페이지 구현

Kubernetes Ingress 동작

'Kubernetes' 카테고리의 다른 글

티스토리툴바

[Kubernetes] Ingress 실습 - 웹페이지 구현

Kubernetes Ingress 동작

'Kubernetes' 카테고리의 다른 글

'Kubernetes' Related Articles

티스토리툴바