情報
- EKS環境
- 3つのPodへ異なるインデックスファイルを持たせて、パスごとのルーティングができているか見てみたい
- Kubernetes完全ガイドをほぼそのままやっています
- https://www.amazon.co.jp/Kubernetes%E5%AE%8C%E5%85%A8%E3%82%AC%E3%82%A4%E3%83%89-impress-top-gear-%E9%9D%92%E5%B1%B1/dp/4295004804/ref=sr_1_1?adgrpid=53646006376&gclid=EAIaIQobChMIrLuFp6uA5gIVVKqWCh1NNwklEAAYASAAEgIQKPD_BwE&hvadid=338518197003&hvdev=c&hvlocphy=1009312&hvnetw=g&hvpos=1t1&hvqmt=e&hvrand=15805667209912776023&hvtargid=kwd-485736389953&hydadcr=27268_11561170&jp-ad-ap=0&keywords=kubernetes%E5%AE%8C%E5%85%A8%E3%82%AC%E3%82%A4%E3%83%89&qid=1574512278&sr=8-1
操作手順
Ingress用のアプリケーションを起動
sample-ingress-apps.yaml
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 |
<span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-svc-1</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">NodePort</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">http-port"</span> <span class="na">protocol</span><span class="pi">:</span> <span class="s2">"</span><span class="s">TCP"</span> <span class="na">port</span><span class="pi">:</span> <span class="m">8888</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">80</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">sample1</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Pod</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-apps-1</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">sample1</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">nginx-container</span> <span class="na">image</span><span class="pi">:</span> <span class="s">nginx:1.12</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">containerPort</span><span class="pi">:</span> <span class="m">80</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-svc-2</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">NodePort</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">http-port"</span> <span class="na">protocol</span><span class="pi">:</span> <span class="s2">"</span><span class="s">TCP"</span> <span class="na">port</span><span class="pi">:</span> <span class="m">8888</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">80</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">sample2</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Pod</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-apps-2</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">sample2</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">nginx-container</span> <span class="na">image</span><span class="pi">:</span> <span class="s">nginx:1.12</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">containerPort</span><span class="pi">:</span> <span class="m">80</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Service</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-default</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s">NodePort</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">http-port"</span> <span class="na">protocol</span><span class="pi">:</span> <span class="s2">"</span><span class="s">TCP"</span> <span class="na">port</span><span class="pi">:</span> <span class="m">8888</span> <span class="na">targetPort</span><span class="pi">:</span> <span class="m">80</span> <span class="na">selector</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">default</span> <span class="nn">---</span> <span class="na">apiVersion</span><span class="pi">:</span> <span class="s">v1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Pod</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress-default</span> <span class="na">labels</span><span class="pi">:</span> <span class="na">ingress-app</span><span class="pi">:</span> <span class="s">default</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">containers</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">nginx-container</span> <span class="na">image</span><span class="pi">:</span> <span class="s">nginx:1.12</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">containerPort</span><span class="pi">:</span> <span class="m">80</span> |
アプリケーションをデプロイ
|
1 |
kubectl apply -f sample-ingress-apps.yaml |
出力結果
|
1 2 3 4 5 6 |
service/sample-ingress-svc-1 created pod/sample-ingress-apps-1 created service/sample-ingress-svc-2 created pod/sample-ingress-apps-2 created service/sample-ingress-default created pod/sample-ingress-default created |
各Podへのホスト名を返すindex.htmlを作成
1系
|
1 2 3 4 |
kubectl exec -it sample-ingress-apps-1 -- mkdir /usr/share/nginx/html /path1/ kubectl exec -it sample-ingress-apps-1 -- cp /etc/hostname /usr/share /nginx/html/path1/index.html |
2系
|
1 2 3 4 |
kubectl exec -it sample-ingress-apps-2 -- mkdir /usr/share/nginx/html /path2/ kubectl exec -it sample-ingress-apps-2 -- cp /etc/hostname /usr/share /nginx/html/path2/index.html |
3系
|
1 2 |
kubectl exec -it sample-ingress-default -- cp /etc/hostname /usr/share /nginx/html/index.html |
Secretリソースを作成
自己証明書作成
|
1 2 |
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ~/tls.key -out ~/tls.crt -subj "/CN=sample.example.com" |
secretの作成
|
1 2 |
kubectl create secret tls --save-config tls-sample --key ~/tls.key --cert ~/tls.crt |
出力結果
|
1 |
secret/tls-sample created |
Ingressリソース作成
annotationsのところはEKS用でIngressを使う場合につける識別子
sample-ingress.yaml
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
<span class="na">apiVersion</span><span class="pi">:</span> <span class="s">extensions/v1beta1</span> <span class="na">kind</span><span class="pi">:</span> <span class="s">Ingress</span> <span class="na">metadata</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-ingress</span> <span class="na">annotations</span><span class="pi">:</span> <span class="s">kubernetes.io/ingress.class</span><span class="pi">:</span> <span class="s">alb</span> <span class="s">alb.ingress.kubernetes.io/scheme</span><span class="pi">:</span> <span class="s">internet-facing</span> <span class="na">spec</span><span class="pi">:</span> <span class="na">rules</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">host</span><span class="pi">:</span> <span class="s">sample.example.com</span> <span class="na">http</span><span class="pi">:</span> <span class="na">paths</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/path1/*</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">serviceName</span><span class="pi">:</span> <span class="s">sample-ingress-svc-1</span> <span class="na">servicePort</span><span class="pi">:</span> <span class="m">8888</span> <span class="pi">-</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/path2/*</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">serviceName</span><span class="pi">:</span> <span class="s">sample-ingress-svc-2</span> <span class="na">servicePort</span><span class="pi">:</span> <span class="m">8888</span> <span class="na">backend</span><span class="pi">:</span> <span class="na">serviceName</span><span class="pi">:</span> <span class="s">sample-ingress-default</span> <span class="na">servicePort</span><span class="pi">:</span> <span class="m">8888</span> <span class="na">tls</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">hosts</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">sample.example.com</span> <span class="na">secretName</span><span class="pi">:</span> <span class="s">tls-sample</span> |
デプロイ
|
1 |
kubectl apply -f sample-ingress.yaml |
出力結果
|
1 |
ingress.extensions/sample-ingress created |
動作確認
1系
|
1 |
curl http://<ELBのDNS名>/path1/index.html -H "Host: sample.example.com" |
出力結果
|
1 |
sample-ingress-apps-1 |
2系
|
1 |
curl http://<ELBのDNS名>/path2/index.html -H "Host: sample.example.com" |
出力結果
|
1 |
sample-ingress-apps-2 |
3系
|
1 |
curl http://<ELBのDNS名>/index.html -H "Host: sample.example.com" |
出力結果
|
1 |
sample-ingress-default |