1 摘要

本文主要介绍如何安装和配置 Kong k8s Ingress。重点介绍了如何部署 Kong 并结合 Hello World 应用的例子,介绍如何定义和应用 k8s Ingress。

2 部署 Kong

2.1 环境准备

  • 已经安装并配置 Kubernetes 集群,可以是 Minikube 环境;
  • 已经安装 HTTPie 或者 curl 工具;

2.2 安装 Kong

1
2

curl https://raw.githubusercontent.com/Kong/kubernetes-ingress-controller/master/deploy/manifests/dummy-application.yaml \
  | kubectl create -f -

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

namespace "kong" created
customresourcedefinition "kongplugins.configuration.konghq.com" created
customresourcedefinition "kongconsumers.configuration.konghq.com" created
customresourcedefinition "kongcredentials.configuration.konghq.com" created
service "postgres" created
statefulset "postgres" created
serviceaccount "kong-serviceaccount" created
clusterrole "kong-ingress-clusterrole" created
role "kong-ingress-role" created
rolebinding "kong-ingress-role-nisa-binding" created
clusterrolebinding "kong-ingress-clusterrole-nisa-binding" created
service "kong-ingress-controller" created
deployment "kong-ingress-controller" created
service "kong-proxy" created
deployment "kong" created

注意:安装需要等待一段时间才能够完成。要查看安装状况,可以运行 kubectl get pods -n kong 命令查看 Pod 的启动情况:

1
2
3
4
5

NAME                                       READY   STATUS      RESTARTS   AGE
kong-55fc577899-7277l                      1/1     Running     0          13h
kong-ingress-controller-79965c5cf6-tsvj5   2/2     Running     1          13h
kong-migrations-hdz6p                      0/1     Completed   0          13h
postgres-0                                 1/1     Running     0          13h

2.3 设置环境变量

运行如下命令设置环境变量:

1
2
3
4
5
6

export KONG_ADMIN_PORT=$(minikube service -n kong kong-ingress-controller --url --format "{{ .Port }}")
export KONG_ADMIN_IP=$(minikube service   -n kong kong-ingress-controller --url --format "{{ .IP }}")

export PROXY_IP=$(minikube   service -n kong kong-proxy --url --format "{{ .IP }}" | head -1)
export HTTP_PORT=$(minikube  service -n kong kong-proxy --url --format "{{ .Port }}" | head -1)
export HTTPS_PORT=$(minikube service -n kong kong-proxy --url --format "{{ .Port }}" | tail -1)
  • PROXY_IP - 是 Kong Proxy 的访问 IP
  • HTTP_PORT - 是 Kong Proxy HTTP 端口
  • HTTPS_PORT - 是 Kong Proxy HTTPS 端口

2.4 验证

1

http ${PROXY_IP}:${HTTP_PORT}

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

HTTP/1.1 404 Not Found
Connection: keep-alive
Content-Length: 48
Content-Type: application/json; charset=utf-8
Date: Thu, 06 Jun 2019 01:10:24 GMT
Server: kong/1.1.2

{
    "message": "no Route matched with those values"
}

2.5 清理

如不再需要 Kong,可以运行如下命令清理 Kong 相关资源:

1
2
3
4
5
6
7
8

kubectl delete crd KongPlugin
kubectl delete crd KongConsumer
kubectl delete crd KongCredential
kubectl delete crd KongIngress
kubectl delete ing foo-bar
Kubectl delete ing secure-foo-bar
kubectl delete secret tls-secret
kubectl delete namespace kong

3 部署 Hello 应用

3.1 创建一个 Hello 应用的 deployment

1

kubectl run web --image=gcr.azk8s.cn/google-samples/hello-app:1.0 --port=8080

输出如下:

1

deployment.apps/web created

注意:这里使用 gcr.azk8s.cn proxy 以顺利的下载 gcr.io 仓库包。

3.2 披露 web 服务

1

kubectl expose deployment web --target-port=8080 --type=NodePort

输出如下:

1

service/web exposed

3.3 检验服务已经被创建

1

kubectl get service web

输出如下:

1
2

NAME   TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
web    NodePort   10.107.200.229   <none>        8080:31597/TCP   18s

3.4 通过 NodePort 访问 Hello 服务

1

minikube service web --url

输出如下:

1

http://192.168.99.113:31579

运行:

1

http 192.168.99.113:31597

输出:

1
2
3
4
5
6
7
8

HTTP/1.1 200 OK
Content-Length: 60
Content-Type: text/plain; charset=utf-8
Date: Fri, 07 Jun 2019 09:09:19 GMT

Hello, world!
Version: 1.0.0
Hostname: web-77f97c6cc7-ztsln

4 创建 Ingress 资源

如下文件是一个 Ingress 资源定义 - 通过 hello-world 发送流量到 Hello Service。

4.1 创建 example-ingress.yaml, 内容如下:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
 rules:
 - host: hello-world
   http:
     paths:
     - path: /v1/
       backend:
         serviceName: web
         servicePort: 8080

4.2 创建 Ingress 资源:

1

kubectl apply -f example-ingress.yaml

输出:

1

ingress.extensions/example-ingress created

4.3 验证 IP 地址分配:

1

kubectl get ingress

输出:

1
2

NAME              HOSTS              ADDRESS     PORTS   AGE
example-ingress   hello-world        10.0.2.15   80      23m

4.4 检验 Ingress Controller 定向流量:

1

http ${PROXY_IP}:${HTTP_PORT}/v1 Host:hello-world
  • PROXY_IP - Kong Proxy IP 地址
  • HTTP_PORT - Kong Proxy HTTP 端口

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 60
Content-Type: text/plain; charset=utf-8
Date: Sun, 02 Jun 2019 14:25:23 GMT
Proxy-Connection: keep-alive
Via: kong/1.1.2
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 0

Hello, world!
Version: 1.0.0
Hostname: web-77f97c6cc7-ztsln

5 创建第二个 Deployment

5.1 创建 v2 Deployment:

1

kubectl run web2 --image=gcr.azk8s.cn/google-samples/hello-app:2.0 --port=8080

输出:

1

deployment.apps/web2 created

5.2 Expose 第二个 Deployment:

1

kubectl expose deployment web2 --target-port=8080 --type=NodePort

输出:

1

service/web2 exposed

6 修改 Ingress

6.1 修改 example-ingress.yaml 并添加如下几行:

1
2
3
4

- path: /v2/
  backend:
    serviceName: web2
    servicePort: 8080

6.2 应用改变

1

kubectl apply -f example-ingress.yaml

输出:

1

ingress.extensions/example-ingress configured

7 测试 Ingress

7.1 访问第一个版本的 Hello 应用:

1

http ${PROXY_IP}:${HTTP_PORT}/v1 Host:hello-world.info

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 60
Content-Type: text/plain; charset=utf-8
Date: Sun, 02 Jun 2019 14:56:22 GMT
Proxy-Connection: keep-alive
Via: kong/1.1.2
X-Kong-Proxy-Latency: 10
X-Kong-Upstream-Latency: 1

Hello, world!
Version: 1.0.0
Hostname: web-77f97c6cc7-ztsln

7.2 访问第二个版本的 Hello 应用:

1

http ${PROXY_IP}:${HTTP_PORT}/v2 Host:hello-world.info

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 60
Content-Type: text/plain; charset=utf-8
Date: Sun, 02 Jun 2019 15:05:57 GMT
Proxy-Connection: keep-alive
Via: kong/1.1.2
X-Kong-Proxy-Latency: 12
X-Kong-Upstream-Latency: 0

Hello, world!
Version: 2.0.0
Hostname: web2-bffcbf764-fdxqh

8 不同命名空间 Ingress

8.1 创建 test 命名空间

1

kubectl create namespace test

输出:

1

namespace/test created

8.2 创建 Echo 服务于 test 命名空间

1

kubectl run echo --image=jmalloc/echo-server --port=8080 --namespace test

输出:

1

deployment.apps/echo created

8.3 披露 Echo 服务

通过 Node Port 披露 Echo 服务:

1

kubectl expose deployment echo --target-port=8080 --type=NodePort -n test

输出:

1

service/echo exposed

查看 Echo 服务 URL:

1

minikube service echo --url -n test

输出:

1

http://192.168.99.113:31833

通过 Node Port 访问 Echo 服务:

1

http 192.168.99.113:31833

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

HTTP/1.1 200 OK
Content-Length: 176
Content-Type: text/plain
Date: Fri, 07 Jun 2019 09:21:57 GMT

Request served by echo-77bc6b5f49-ktcjz

HTTP/1.1 GET /

Host: 192.168.99.113:31833
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
User-Agent: HTTPie/1.0.2

8.4 创建 echo-ingress.yaml, 内容如下:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: echo-ingress
  namespace: test
  annotations:
    ingress.kubernetes.io/rewrite-target: /
spec:
 rules:
 - host: echo.test
   http:
     paths:
     - path: /
       backend:
         serviceName: echo
         servicePort: 8080

8.5 创建 Ingress 资源:

1

kubectl apply -f echo-ingress.yaml

输出:

1

ingress.extensions/echo-ingress created

8.6 验证 IP 地址分配:

1

kubectl get ingress -n test

输出:

1
2

NAME           HOSTS       ADDRESS     PORTS   AGE
echo-ingress   echo.test   10.0.2.15   80      11m

8.7 访问 Echo 服务

1

http ${PROXY_IP}:${HTTP_PORT}/ Host:echo.test

输出:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 290
Content-Type: text/plain; charset=UTF-8
Date: Fri, 07 Jun 2019 09:23:57 GMT
Via: kong/1.1.2
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 1

Request served by echo-77bc6b5f49-ktcjz

HTTP/1.1 GET /

Host: echo.test
X-Forwarded-Proto: http
X-Forwarded-Host: echo.test
X-Forwarded-Port: 8000
X-Real-Ip: 172.17.0.1
Connection: keep-alive
X-Forwarded-For: 172.17.0.1
User-Agent: HTTPie/1.0.2
Accept-Encoding: gzip, deflate
Accept: */*

9 参考文献

  1. Kong kubernetes ingress controller, https://github.com/Kong/kubernetes-ingress-controller.
  2. Kong Ingress on Minikube, https://github.com/Kong/kubernetes-ingress-controller/blob/master/docs/deployment/minikube.md
  3. Kong 与 Kubernetes 集成(Ingress), https://www.jianshu.com/p/520570bc171c
  4. Set up Ingress on Minikube with the NGINX Ingress Controller, https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
  5. Asure gcr proxy, http://mirror.azk8s.cn/help/gcr-proxy-cache.html
  6. HTTPie, https://httpie.org/