原文作者:賢維
原文連結:
https://developer.aliyun.com/article/727019ASK: Alibaba Cloud Serverless Kubernetes
導讀
不同于阿裡雲 ACK 叢集預設通過 nginx-ingress-controller 提供 ingress 能力,在 ASK(Serverless Kubernetes) 叢集中預設基于 SLB 七層轉發提供ingress能力(請參考文檔
https://help.aliyun.com/document_detail/86398.html)。
這樣的優勢是Serverless叢集開箱即用,使用者無需部署任何controller即可建立自己的Ingress資源,更符合Serverless環境的用法。
然而基于SLB七層轉發的ingress與nginx-ingress-controller相比,缺少了一些進階Ingress功能,無法滿足某些客戶場景的需求,比如支援域名path的正則比對等。
是以ASK叢集也提供了與ACK叢集同樣的 nginx-ingress-controller,供使用者使用 nginx 提供的 ingress 轉發能力。使用者可以根據自己的需求決定選擇兩者之一。下面我們一起來嘗試在 ASK 叢集中使用 nginx-ingress。
部署 nginx-ingress-controller
在 ASK 叢集中部署 yaml 檔案:
https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/nginx-ingress-controller.yaml#kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/nginx-ingress-controller.yaml
service/nginx-ingress-lb created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-controller created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-controller created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-controller created
deployment.apps/nginx-ingress-controller created
# kubectl -n kube-system get pod
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-c9d8697f6-n4bzs 0/1 Running 0 52s
nginx-ingress-controller-c9d8697f6-p8p6j 0/1 Running 0 52s
# kubectl -n kube-system get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
metrics-server ClusterIP 172.19.4.171 <none> 443/TCP 72d
nginx-ingress-lb LoadBalancer 172.19.6.118 47.93.131.72 80:32676/TCP,443:30256/TCP 116s 可以看到一個公網slb已經被建立出來(後端是兩個nginx-ingress-controller pod),這是叢集中所有ingress的入口IP位址。
部署Ingress示例
我們同樣提供了簡單的Coffee和Tea Ingress示例:
https://github.com/AliyunContainerService/serverless-k8s-examples/blob/master/ingress-nginx/ingress-cafe-demo.yaml需要注意的是Ingress中需要指定如下Annotation,才能保證ingress被nginx-ingress-controller正确處理。
kubernetes.io/ingress.class:nginx
# kubectl apply -f https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yamldeployment.extensions/coffee created
service/coffee-svc created
deployment.extensions/tea created
service/tea-svc created
ingress.extensions/cafe-ingress created
# kubectl get pod
NAME READY STATUS RESTARTS AGE
coffee-56668d6f78-g7g6p 1/1 Running 0 88s
coffee-56668d6f78-x9ktc 1/1 Running 0 88s
tea-85f8bf86fd-477d2 1/1 Running 0 88s
tea-85f8bf86fd-jlq6b 1/1 Running 0 88s
tea-85f8bf86fd-p4ng4 1/1 Running 0 88s
# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
coffee-svc ClusterIP None <none> 80/TCP 102s
kubernetes ClusterIP 172.19.0.1 <none> 443/TCP 72d
tea-svc ClusterIP None <none> 80/TCP 102s
# kubectl get ing
NAME HOSTS ADDRESS PORTS AGE
cafe-ingress cafe.example.com 47.93.131.72 80 2m1s pod 和 ingress 都已建立成功,下面我們嘗試通路 Ingress:
# curl -H "Host:cafe.example.com" 47.93.131.72/tea
Server address: 192.168.55.159:80
Server name: default-tea-85f8bf86fd-p4ng4
Date: 14/Nov/2019:09:01:46 +0000
URI: /tea
Request ID: 2c3a87eb89130d62664b640fcbabc74b
# curl -H "Host:cafe.example.com" 47.93.131.72/coffee
Server address: 192.168.55.156:80
Server name: default-coffee-56668d6f78-x9ktc
Date: 14/Nov/2019:09:01:49 +0000
URI: /coffee
Request ID: a4f1d84bb5288a260ecfc5d21ecccff6 Ingress 鍊路通路成功,可以看到上述域名轉發由 nginx ingress controller 完成。
當運作上述示例成功後,記得清理叢集中的 ingress:
kubectl delete -f
https://raw.githubusercontent.com/AliyunContainerService/serverless-k8s-examples/master/ingress-nginx/ingress-cafe-demo.yaml更多 ASK 叢集示例請參考:
https://github.com/AliyunContainerService/serverless-k8s-examples“阿裡巴巴雲原生微信公衆号(ID:Alicloudnative)關注微服務、Serverless、容器、Service Mesh 等技術領域、聚焦雲原生流行技術趨勢、雲原生大規模的落地實踐,做最懂雲原生開發者的技術公衆号。”
![修改or隐藏nginx版本号[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)