๐ ํ๋ก๋น์ ๋ - Nginx Ingress Controller
๐ณ๏ธโ๐ [๊ถ๊ธํ์ ]
- Bitnami ์ฐจํธ๋ฅผ ์ด์ฉํ Nginx ์ค์น ๋ฐฉ๋ฒ
๋ฌธ์ ์ฐ๊ฒฐ
- (์ ํ) Nginx ๊ฐ ์๋น์ค๋ก ์ค์น ๋ฐ ์คํ๋์ด์ผ ํจ- Provisioning - Nginx
๐[๋ชฉ์ฐจ]
Nginx Ingress Controller ์ค์น
1๏ธโฃ ์ค๋น
Nginx Web Server ์ค์น ( Ingress ๋์ ํ์ธ ์ฉ)
ํฌ๋ฆ ์ฐจํธ ๋ค์ด๋ก๋
helm pull oci://registry-1.docker.io/bitnamicharts/nginx-ingress-controller --untar
Pulled: registry-1.docker.io/bitnamicharts/nginx-ingress-controller:11.6.21
Digest: sha256:56867b254ee8150c39b4444d455e909fec1508b2f3d45ba856496d1e492be371cd nginx-ingress-controller์ฌ์ฉ์ ๋๋ฉ์ธ ์ค์
- C:\Windows\System32\drivers\etc\hosts ํ์ผ ํธ์ง
- 192.168.56.10 ์ K8s master node IP
- example.local ๋ ์ฌ์ฉ์ ์ง์ ๋๋ฉ์ธ ๋ช
192.168.56.10 example.localPing test
ping example.local
Ping example.local [192.168.56.10] 32๋ฐ์ดํธ ๋ฐ์ดํฐ ์ฌ์ฉ:
192.168.56.10์ ์๋ต: ๋ฐ์ดํธ=32 ์๊ฐ<1ms TTL=64
192.168.56.10์ ์๋ต: ๋ฐ์ดํธ=32 ์๊ฐ<1ms TTL=64
## 2๏ธโฃ ์ค์ - ์ฌ์ฉ์ Values ํ์ผ ์์ฑ
``` bash
cp values.yaml dev-values.yaml- dev-values.yaml ํ์ผ ํธ์ง
- ์๋ ๋ด์ฉ ๋จ๊ธฐ๊ณ ์ญ์
service:
type: NodePort3๏ธโฃ ์ค์น - Nginx Ingress Controller ์ค์น
helm install nginx-ingress . -n nginx-ingress --create-namespace -f dev-values.yaml
helm install nginx-ingress . -n nginx-ingress --create-namespace -f dev-values.yaml
NAME: nginx-ingress
LAST DEPLOYED: Fri May 30 15:59:47 2025
NAMESPACE: nginx-ingress
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx-ingress-controller
CHART VERSION: 11.6.21
APP VERSION: 1.12.2
Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.
** Please be patient while the chart is being deployed **
The nginx-ingress controller has been installed.
Get the application URL by running these commands:
export HTTP_NODE_PORT=$(kubectl --namespace nginx-ingress get services -o jsonpath="{.spec.ports[0].nodePort}" nginx-ingress-nginx-ingress-controller)
export HTTPS_NODE_PORT=$(kubectl --namespace nginx-ingress get services -o jsonpath="{.spec.ports[1].nodePort}" nginx-ingress-nginx-ingress-controller)
export NODE_IP=$(kubectl --namespace nginx-ingress get nodes -o jsonpath="{.items[0].status.addresses[1].address}")
echo "Visit http://$NODE_IP:$HTTP_NODE_PORT to access your application via HTTP."
echo "Visit https://$NODE_IP:$HTTPS_NODE_PORT to access your application via HTTPS."
An example Ingress that makes use of the controller:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example
namespace: nginx-ingress
spec:
ingressClassName: nginx
rules:
- host: www.example.com
http:
paths:
- backend:
service:
name: example-service
port:
number: 80
path: /
pathType: Prefix
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided:
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: nginx-ingress
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
- defaultBackend.resources
- resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/๋ฆฌ์์ค ํ์ธ
k get all -n nginx-ingress
NAME READY STATUS RESTARTS AGE
pod/nginx-ingress-nginx-ingress-controller-85794f8d67-k8tns 1/1 Running 0 2m12s
pod/nginx-ingress-nginx-ingress-controller-default-backend-76fltg4k 1/1 Running 0 2m12s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-ingress-nginx-ingress-controller NodePort 10.102.94.244 80:31158/TCP,443:30291/TCP 2m12s
service/nginx-ingress-nginx-ingress-controller-default-backend ClusterIP 10.102.220.112 80/TCP 2m12s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-ingress-nginx-ingress-controller 1/1 1 1 2m12s
deployment.apps/nginx-ingress-nginx-ingress-controller-default-backend 1/1 1 1 2m12s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-ingress-nginx-ingress-controller-85794f8d67 1 1 1 2m12s
replicaset.apps/nginx-ingress-nginx-ingress-controller-default-backend-76f6b46974 1 1 1 2m12s
## 4๏ธโฃ Ingress ์์ฑ
- ์๋น์ค ๋ช
์ ํ์ฌ ๊ธฐ๋์ค์ธ nginx ์ ์๋น์ค๋ช
- [Nginx ์ค์น ์ฐธ๊ณ ](provisioning-nginx.md)
- ํ์ผ๋ช
myingress.yaml
- `k apply -f myingress.yaml` ๋ก ์ ์ฉ
``` yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: myingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
kubernetes.io/ingress.class: "nginx"
namespace: mydev
spec:
ingressClassName: nginx
rules:
- host: example.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: mynginx
port:
number: 80
- path: /sky(/|$)(.*)
pathType: Prefix
backend:
service:
name: mynginx
port:
number: 80
Ingress ์ ์ฉ ํ์ธ
k get ing -n mydev
NAME CLASS HOSTS ADDRESS PORTS AGE
myingress nginx example.local 80 62s
> ### Nginx Ingress Controller ๋ก๊ทธ ํ์ธ
- myingress๊ฐ ์ถ๊ฐ๋์๋ค๋ ๋ก๊ทธ ํ์ธ
``` bash
k get po -n nginx-ingress
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-6d9bd896cf-5g972 1/1 Running 0 25m
k logs --tail=100 -f nginx-ingress-controller-6d9bd896cf-5g972 -n nginx-ingressI20250528 12:05:00.018569 1 main.go:107] Event(v1.ObjectReferenceI20250530 04:14:19.510787 1 main.go:107] Event(v1.ObjectReference{Kind:"Ingress", Namespace:"mydev", Name:"myingress", UID:"b83408fe-36f3-4301-b03f-68fb18b504f5", APIVersion:"networking.k8s.io/v1", ResourceVersion:"440697", FieldPath:""}): type: 'Normal' reason: 'AddedOrUpdated' Configuration for mydev/myingress was added or updated5๏ธโฃ ๊ฒ์ฆ - ๋ผ์ฐํ
Nginx Ingress Controller ์๋น์ค ๋ ธ๋ ํฌํธ ํ์ธ
k get svc -n nginx-ingress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller NodePort 10.96.15.136 80:31346/TCP,443:31113/TCP 57m
### Path ๊ธฐ๋ฐ ๋ผ์ฐํ
``` bash
curl -k -H "Host: example.local" http://192.168.56.10:31158/
curl -k -H "Host: example.local" http://192.168.56.10:31158/sky
curl -k http://example.local:31158/๋๋ฒ๊น
๋ก๊ทธ ๋ณด๊ธฐ
kubectl logs --tail=100 -f <pod-name> -n <namespace>์ปจํธ๋กค๋ฌ, ์๋น์ค ๊ฐ ์ฐ๊ฒฐ ํ์ธ
kubectl exec -n nginx-ingress -it nginx-ingress-nginx-ingress-controller-85794f8d67-k8tns -- curl -s http://mynginx.mydev.svc.cluster.local:80/CURL ํ ์คํธ
vagrant@master:~$ curl -v -k -H "Host: example.local" http://192.168.56.10:31158/
* Trying 192.168.56.10:31158...
* Connected to 192.168.56.10 (192.168.56.10) port 31158
> GET / HTTP/1.1
> Host: example.local
> User-Agent: curl/8.5.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 30 May 2025 07:06:50 GMT
< Content-Type: text/html
< Content-Length: 615
< Connection: keep-alive
< Last-Modified: Thu, 24 Apr 2025 14:31:11 GMT
< ETag: "680a4b2f-267"
< X-Frame-Options: SAMEORIGIN
< Accept-Ranges: bytes
<
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
* Connection #0 to host 192.168.56.10 left intactIngress Controller ์ฌ์์
kubectl rollout restart deployment nginx-ingress-controller -n nginx-ingress
deployment.apps/nginx-ingress-controller restartedExternal Traffic ์ ์ฑ ๋ณ๊ฒฝ (Bitnami ๋ ๊ธฐ๋ณธ๊ฐ์ด Cluter)
kubectl patch svc nginx-ingress-controller -n nginx-ingress \
-p '{"spec": {"externalTrafficPolicy": "Cluster"}}'
service/nginx-ingress-controller patched 