AWS EKS使用NLB安装Nginx Ingress Controller, 部署ACM免费使用SSL

参考视频： https://youtu.be/gvKi7wZHbLU?si=H3C11xlhe4UoCdpF&t=1385
（直接跳到Nginx controller使用ACM的教程）

【普通Nginx Controller】

文档：https://kubernetes.github.io/ingress-nginx/deploy/#network-load-balancer-nlb

执行以下这个命令即可

【在Nginx controller 使用ACM】

创建ACM, 由于在Nginx Controller 当中只能添加一个ACM的ARN地址，所以如果你有多个domain的话，如下图，必须在创建的时候添加多个domain，然后使用cname进行验证

2. 根据文档执行以下的步骤就能创建完成了
参考文档： https://kubernetes.github.io/ingress-nginx/deploy/#tls-termination-in-aws-load-balancer-nlb

【IPv6部署方法】

参考AWS Load Balancer Annotation文档：https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.7/guide/service/annotations/#load-balancer-attributes

1. CIDR 改成IPv6的版本

2. ipFamilies改成IPv6 和添加dualstack语句

service.beta.kubernetes.io/aws-load-balancer-ip-address-type: 'dualstack'

3. 根据annotation文档写着，cross zone的写法将会淘汰，所以我们改成以下写法，NLB使用CrossZone是需要为跨AZ的流量付费的详情参考这里

service.beta.kubernetes.io/aws-load-balancer-attributes: load_balancing.cross_zone.enabled=true

【部署Phpmyadmin】
以下的yaml文件是创建phpmymind, 无需在ingress做任何配置，就能直接使用https了
注意：旧版需要在ingress annotation指定使用NGINX，但是新版本使用了ingressClassName
参考文档：https://stackoverflow.com/questions/73915526/kubernetes-ingress-kubernetes-io-ingress-class-vs-ingressclassname

apiVersion: v1
kind: Namespace
metadata:
    name: phpmyadmin2
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: phpmyadmin2
  name: phpmyadmin-ingress
  annotations:
      nginx.ingress.kubernetes.io/proxy-body-size: '0'
      nginx.ingress.kubernetes.io/proxy-read-timeout: '600'
      nginx.ingress.kubernetes.io/proxy-send-timeout: '600'
      nginx.ingress.kubernetes.io/rewrite-target: /$2
      nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
  ingressClassName: nginx
  rules:
    - host: rds.pangzai.win
      http:
        paths:
          - backend:
              service:
                name: phpmyadmin-service
                port:
                  number: 80
            path: /database(/|$)(.*)
            pathType: ImplementationSpecific
---
apiVersion: v1
kind: Service
metadata:
  namespace: phpmyadmin2
  name: phpmyadmin-service
spec:
  selector:
    app: phpmyadmin_app
  ports:
    - name: "phpmyadmin80"
      protocol: TCP
      port: 80
      targetPort: 80
  clusterIP: None
---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: phpmyadmin2
  name: phpmyadmin-deployment
  labels:
    app: phpmyadmin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: phpmyadmin_app
  template:
    metadata:
      labels:
        app: phpmyadmin_app
    spec:
      containers:
        - name: phpmyadmin
          image: phpmyadmin:latest
          imagePullPolicy: Always
          ports:
            - containerPort: 80
          env:
            - name: PMA_HOST
              value: database-1.c10866eoyd4v.ap-southeast-1.rds.amazonaws.com
            - name: PMA_PORT
              value: "3306"
            - name: UPLOAD_LIMIT
              value: 500M
            - name: PMA_ABSOLUTE_URI
              value: https://rds.pangzai.win/database/

Facebook评论

Related Posts

AWS – Serverless解决方案

AWS – API Gateway 简单介绍

AWS – DynamoDB 简单介绍