情報
- EKS環境
- 3つのPodへ異なるインデックスファイルを持たせて、パスごとのルーティングができているか見てみたい
- Kubernetes完全ガイドをほぼそのままやっています
- https://www.amazon.co.jp/Kubernetes%E5%AE%8C%E5%85%A8%E3%82%AC%E3%82%A4%E3%83%89-impress-top-gear-%E9%9D%92%E5%B1%B1/dp/4295004804/ref=sr_1_1?adgrpid=53646006376&gclid=EAIaIQobChMIrLuFp6uA5gIVVKqWCh1NNwklEAAYASAAEgIQKPD_BwE&hvadid=338518197003&hvdev=c&hvlocphy=1009312&hvnetw=g&hvpos=1t1&hvqmt=e&hvrand=15805667209912776023&hvtargid=kwd-485736389953&hydadcr=27268_11561170&jp-ad-ap=0&keywords=kubernetes%E5%AE%8C%E5%85%A8%E3%82%AC%E3%82%A4%E3%83%89&qid=1574512278&sr=8-1
操作手順
Ingress用のアプリケーションを起動
sample-ingress-apps.yaml
---
apiVersion: v1
kind: Service
metadata:
name: sample-ingress-svc-1
spec:
type: NodePort
ports:
- name: "http-port"
protocol: "TCP"
port: 8888
targetPort: 80
selector:
ingress-app: sample1
---
apiVersion: v1
kind: Pod
metadata:
name: sample-ingress-apps-1
labels:
ingress-app: sample1
spec:
containers:
- name: nginx-container
image: nginx:1.12
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: sample-ingress-svc-2
spec:
type: NodePort
ports:
- name: "http-port"
protocol: "TCP"
port: 8888
targetPort: 80
selector:
ingress-app: sample2
---
apiVersion: v1
kind: Pod
metadata:
name: sample-ingress-apps-2
labels:
ingress-app: sample2
spec:
containers:
- name: nginx-container
image: nginx:1.12
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: sample-ingress-default
spec:
type: NodePort
ports:
- name: "http-port"
protocol: "TCP"
port: 8888
targetPort: 80
selector:
ingress-app: default
---
apiVersion: v1
kind: Pod
metadata:
name: sample-ingress-default
labels:
ingress-app: default
spec:
containers:
- name: nginx-container
image: nginx:1.12
ports:
- containerPort: 80
アプリケーションをデプロイ
kubectl apply -f sample-ingress-apps.yaml
出力結果
service/sample-ingress-svc-1 created
pod/sample-ingress-apps-1 created
service/sample-ingress-svc-2 created
pod/sample-ingress-apps-2 created
service/sample-ingress-default created
pod/sample-ingress-default created
各Podへのホスト名を返すindex.htmlを作成
1系
kubectl exec -it sample-ingress-apps-1 -- mkdir /usr/share/nginx/html
/path1/
kubectl exec -it sample-ingress-apps-1 -- cp /etc/hostname /usr/share
/nginx/html/path1/index.html
2系
kubectl exec -it sample-ingress-apps-2 -- mkdir /usr/share/nginx/html
/path2/
kubectl exec -it sample-ingress-apps-2 -- cp /etc/hostname /usr/share
/nginx/html/path2/index.html
3系
kubectl exec -it sample-ingress-default -- cp /etc/hostname /usr/share
/nginx/html/index.html
Secretリソースを作成
自己証明書作成
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ~/tls.key
-out ~/tls.crt -subj "/CN=sample.example.com"
secretの作成
kubectl create secret tls --save-config tls-sample --key ~/tls.key
--cert ~/tls.crt
出力結果
secret/tls-sample created
Ingressリソース作成
annotationsのところはEKS用でIngressを使う場合につける識別子
sample-ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: sample-ingress
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
spec:
rules:
- host: sample.example.com
http:
paths:
- path: /path1/*
backend:
serviceName: sample-ingress-svc-1
servicePort: 8888
- path: /path2/*
backend:
serviceName: sample-ingress-svc-2
servicePort: 8888
backend:
serviceName: sample-ingress-default
servicePort: 8888
tls:
- hosts:
- sample.example.com
secretName: tls-sample
デプロイ
kubectl apply -f sample-ingress.yaml
出力結果
ingress.extensions/sample-ingress created
動作確認
1系
curl http://<ELBのDNS名>/path1/index.html -H "Host: sample.example.com"
出力結果
sample-ingress-apps-1
2系
curl http://<ELBのDNS名>/path2/index.html -H "Host: sample.example.com"
出力結果
sample-ingress-apps-2
3系
curl http://<ELBのDNS名>/index.html -H "Host: sample.example.com"
出力結果
sample-ingress-default