From 3706f3263969ae5ae60fcf610125fe9aef3a2621 Mon Sep 17 00:00:00 2001 From: Nick Sardo Date: Mon, 20 Mar 2017 16:36:18 -0700 Subject: [PATCH 1/5] git ignore glbc --- controllers/gce/.gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 controllers/gce/.gitignore diff --git a/controllers/gce/.gitignore b/controllers/gce/.gitignore new file mode 100644 index 000000000..f83466729 --- /dev/null +++ b/controllers/gce/.gitignore @@ -0,0 +1 @@ +glbc From 6a38a1ac3744a597b2934167bf749f6885ae3bc5 Mon Sep 17 00:00:00 2001 From: Danny Kulchinsky Date: Mon, 20 Mar 2017 18:22:06 -0400 Subject: [PATCH 2/5] Adding Prometheus metrics scrape annotations Allow Prometheus automatic discovery of nginx metrics endpoint Fixed https://github.com/kubernetes/ingress/issues/464 --- examples/daemonset/nginx/nginx-ingress-daemonset.yaml | 3 +++ examples/deployment/nginx/nginx-ingress-controller.yaml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/examples/daemonset/nginx/nginx-ingress-daemonset.yaml b/examples/daemonset/nginx/nginx-ingress-daemonset.yaml index 0db798c30..f785ff4ec 100644 --- a/examples/daemonset/nginx/nginx-ingress-daemonset.yaml +++ b/examples/daemonset/nginx/nginx-ingress-daemonset.yaml @@ -10,6 +10,9 @@ spec: metadata: labels: name: nginx-ingress-lb + annotations: + prometheus.io/port: '10254' + prometheus.io/scrape: 'true' spec: terminationGracePeriodSeconds: 60 containers: diff --git a/examples/deployment/nginx/nginx-ingress-controller.yaml b/examples/deployment/nginx/nginx-ingress-controller.yaml index 9ed25ad7f..63705a6ee 100644 --- a/examples/deployment/nginx/nginx-ingress-controller.yaml +++ b/examples/deployment/nginx/nginx-ingress-controller.yaml @@ -11,6 +11,9 @@ spec: metadata: labels: k8s-app: nginx-ingress-controller + annotations: + prometheus.io/port: '10254' + prometheus.io/scrape: 'true' spec: # hostNetwork makes it possible to use ipv6 and to preserve the source IP correctly regardless of docker configuration # however, it is not a hard dependency of the nginx-ingress-controller itself and it may cause issues if port 10254 already is taken on the host From 1f1829f42bf18ef433f585efc5cbd8fba4597416 Mon Sep 17 00:00:00 2001 From: zoues Date: Tue, 21 Mar 2017 23:29:57 +0800 Subject: [PATCH 3/5] add custom vts metrics example --- .../custom-vts-metrics/nginx/README.md | 74 +++++++++++++++++++ .../nginx/default-backend.yaml | 51 +++++++++++++ .../nginx/nginx-ingress-controller.yaml | 56 ++++++++++++++ .../nginx/nginx-vts-metrics-conf.yaml | 7 ++ 4 files changed, 188 insertions(+) create mode 100644 examples/customization/custom-vts-metrics/nginx/README.md create mode 100644 examples/customization/custom-vts-metrics/nginx/default-backend.yaml create mode 100644 examples/customization/custom-vts-metrics/nginx/nginx-ingress-controller.yaml create mode 100644 examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml diff --git a/examples/customization/custom-vts-metrics/nginx/README.md b/examples/customization/custom-vts-metrics/nginx/README.md new file mode 100644 index 000000000..485a7eadf --- /dev/null +++ b/examples/customization/custom-vts-metrics/nginx/README.md @@ -0,0 +1,74 @@ +# Deploying the Nginx Ingress controller + +This example aims to demonstrate the deployment of an nginx ingress controller and +use a ConfigMap to enable nginx vts module and export metrics for prometheus. + +## Default Backend + +The default backend is a Service capable of handling all url paths and hosts the +nginx controller doesn't understand. This most basic implementation just returns +a 404 page: + +```console +$ kubectl apply -f default-backend.yaml +deployment "default-http-backend" created +service "default-http-backend" created + +$ kubectl -n kube-system get po +NAME READY STATUS RESTARTS AGE +default-http-backend-2657704409-qgwdd 1/1 Running 0 28s +``` + +## Custom configuration + +```console +$ cat nginx-vts-metrics-conf.yaml +apiVersion: v1 +data: + enable-vts-status: "true" +kind: ConfigMap +metadata: + name: nginx-vts-metrics-conf + namespace: kube-system +``` + +```console +$ kubectl create -f nginx-vts-metrics-conf.yaml +``` + +## Custom DH parameters secret + +```console +$> openssl dhparam 1024 2> /dev/null | base64 +LS0tLS1CRUdJTiBESCBQQVJBTUVURVJ... +``` + +```console +$ cat ssl-dh-param.yaml +apiVersion: v1 +data: + dhparam.pem: "LS0tLS1CRUdJTiBESCBQQVJBTUVURVJ..." +kind: Secret +type: Opaque +metadata: + name: lb-dhparam + namespace: kube-system +``` +## Controller + +You can deploy the controller as follows: + +```console +$ kubectl apply -f nginx-ingress-controller.yaml +deployment "nginx-ingress-controller" created + +$ kubectl -n kube-system get po +NAME READY STATUS RESTARTS AGE +default-http-backend-2657704409-qgwdd 1/1 Running 0 2m +nginx-ingress-controller-873061567-4n3k2 1/1 Running 0 42s +``` + +## Test + +Check the contents of the configmap is present in the nginx.conf file using: +`kubectl exec nginx-ingress-controller-873061567-4n3k2 -n kube-system cat /etc/nginx/nginx.conf` diff --git a/examples/customization/custom-vts-metrics/nginx/default-backend.yaml b/examples/customization/custom-vts-metrics/nginx/default-backend.yaml new file mode 100644 index 000000000..3c40989a3 --- /dev/null +++ b/examples/customization/custom-vts-metrics/nginx/default-backend.yaml @@ -0,0 +1,51 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: default-http-backend + labels: + k8s-app: default-http-backend + namespace: kube-system +spec: + replicas: 1 + template: + metadata: + labels: + k8s-app: default-http-backend + spec: + terminationGracePeriodSeconds: 60 + containers: + - name: default-http-backend + # Any image is permissable as long as: + # 1. It serves a 404 page at / + # 2. It serves 200 on a /healthz endpoint + image: gcr.io/google_containers/defaultbackend:1.0 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 5 + ports: + - containerPort: 8080 + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi +--- +apiVersion: v1 +kind: Service +metadata: + name: default-http-backend + namespace: kube-system + labels: + k8s-app: default-http-backend +spec: + ports: + - port: 80 + targetPort: 8080 + selector: + k8s-app: default-http-backend diff --git a/examples/customization/custom-vts-metrics/nginx/nginx-ingress-controller.yaml b/examples/customization/custom-vts-metrics/nginx/nginx-ingress-controller.yaml new file mode 100644 index 000000000..55c6ec4fd --- /dev/null +++ b/examples/customization/custom-vts-metrics/nginx/nginx-ingress-controller.yaml @@ -0,0 +1,56 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nginx-ingress-controller + labels: + k8s-app: nginx-ingress-controller + namespace: kube-system + annotations: + prometheus.io/port: "10254" + prometheus.io/scrape: "true" +spec: + replicas: 1 + template: + metadata: + labels: + k8s-app: nginx-ingress-controller + spec: + # hostNetwork makes it possible to use ipv6 and to preserve the source IP correctly regardless of docker configuration + # however, it is not a hard dependency of the nginx-ingress-controller itself and it may cause issues if port 10254 already is taken on the host + # that said, since hostPort is broken on CNI (https://github.com/kubernetes/kubernetes/issues/31307) we have to use hostNetwork where CNI is used + # like with kubeadm + # hostNetwork: true + terminationGracePeriodSeconds: 60 + containers: + - image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.3 + name: nginx-ingress-controller + readinessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + livenessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + ports: + - containerPort: 80 + hostPort: 80 + - containerPort: 443 + hostPort: 443 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - /nginx-ingress-controller + - --default-backend-service=$(POD_NAMESPACE)/default-http-backend + - --configmap=$(POD_NAMESPACE)/nginx-vts-metrics-conf diff --git a/examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml b/examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml new file mode 100644 index 000000000..345f19a9a --- /dev/null +++ b/examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml @@ -0,0 +1,7 @@ +piVersion: v1 +data: + enable-vts-status: "true" +kind: ConfigMap +metadata: + name: nginx-vts-metrics-conf + namespace: kube-system From be05d403ac473545fdfdaf656bc2f7ae856fb159 Mon Sep 17 00:00:00 2001 From: zoues Date: Tue, 21 Mar 2017 23:35:43 +0800 Subject: [PATCH 4/5] fix vts readme --- .../custom-vts-metrics/nginx/README.md | 22 ++----------------- 1 file changed, 2 insertions(+), 20 deletions(-) diff --git a/examples/customization/custom-vts-metrics/nginx/README.md b/examples/customization/custom-vts-metrics/nginx/README.md index 485a7eadf..df2c4c68b 100644 --- a/examples/customization/custom-vts-metrics/nginx/README.md +++ b/examples/customization/custom-vts-metrics/nginx/README.md @@ -36,24 +36,6 @@ metadata: $ kubectl create -f nginx-vts-metrics-conf.yaml ``` -## Custom DH parameters secret - -```console -$> openssl dhparam 1024 2> /dev/null | base64 -LS0tLS1CRUdJTiBESCBQQVJBTUVURVJ... -``` - -```console -$ cat ssl-dh-param.yaml -apiVersion: v1 -data: - dhparam.pem: "LS0tLS1CRUdJTiBESCBQQVJBTUVURVJ..." -kind: Secret -type: Opaque -metadata: - name: lb-dhparam - namespace: kube-system -``` ## Controller You can deploy the controller as follows: @@ -68,7 +50,7 @@ default-http-backend-2657704409-qgwdd 1/1 Running 0 2m nginx-ingress-controller-873061567-4n3k2 1/1 Running 0 42s ``` -## Test +## Result Check the contents of the configmap is present in the nginx.conf file using: -`kubectl exec nginx-ingress-controller-873061567-4n3k2 -n kube-system cat /etc/nginx/nginx.conf` +`kubectl exec nginx-ingress-controller-873061567-4n3k2 -n kube-system curl localhost:10254/metrics` From 5446208d5fbfaabaa0641d99b349fa144fa2ec1b Mon Sep 17 00:00:00 2001 From: zoues Date: Wed, 22 Mar 2017 09:38:21 +0800 Subject: [PATCH 5/5] Update README.md --- .../customization/custom-vts-metrics/nginx/README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/examples/customization/custom-vts-metrics/nginx/README.md b/examples/customization/custom-vts-metrics/nginx/README.md index df2c4c68b..ca65f3025 100644 --- a/examples/customization/custom-vts-metrics/nginx/README.md +++ b/examples/customization/custom-vts-metrics/nginx/README.md @@ -51,6 +51,9 @@ nginx-ingress-controller-873061567-4n3k2 1/1 Running 0 42s ``` ## Result - -Check the contents of the configmap is present in the nginx.conf file using: -`kubectl exec nginx-ingress-controller-873061567-4n3k2 -n kube-system curl localhost:10254/metrics` +Check wether to open the vts status: +```console +$ kubectl exec nginx-ingress-controller-873061567-4n3k2 -n kube-system cat /etc/nginx/nginx.conf|grep vhost_traffic_status_display + vhost_traffic_status_display; + vhost_traffic_status_display_format html; +```