guangzhengli
diff --git a/‎README.md‎
Lines changed: 66 additions & 45 deletions b/‎README.md‎
Lines changed: 66 additions & 45 deletions
@@ -852,7 +852,7 @@ kubectl exec -it nginx-pod /bin/bash
 
 可以看到，我们多次 `curl 10.104.96.153:3000` 访问 `hellok8s` Service IP 地址，返回的 `hellok8s:v3` `hostname` 不一样，说明 Service 可以接收请求并将它们传递给它后面的所有 pod，还可以自动负载均衡。你也可以试试增加或者减少 `hellok8s:v3` pod 副本数量，观察 Service 的请求是否会动态变更。调用过程如下图所示：
 
-![service-clusterip](/Users/guangzheng.li/Downloads/service-clusterip.png)
+![service-clusterip-fix](https://cdn.jsdelivr.net/gh/guangzhengli/PicURL@master/uPic/service-clusterip-fix.png)
 
 除了上述的 `ClusterIp` 的方式外，Kubernetes `ServiceTypes` 允许指定你所需要的 Service 类型，默认是 `ClusterIP`。`Type` 的值包括如下：
 
@@ -924,32 +924,47 @@ curl http://192.168.59.100:30000
 
 ## ingress
 
+[Ingress](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#ingress-v1beta1-networking-k8s-io) 公开从集群外部到集群内[服务](https://kubernetes.io/docs/concepts/services-networking/service/)的 HTTP 和 HTTPS 路由。 流量路由由 Ingress 资源上定义的规则控制。Ingress 可为 Service 提供外部可访问的 URL、负载均衡流量、 SSL/TLS，以及基于名称的虚拟托管。你必须拥有一个 [Ingress 控制器](https://kubernetes.io/zh-cn/docs/concepts/services-networking/ingress-controllers) 才能满足 Ingress 的要求。 仅创建 Ingress 资源本身没有任何效果。 [Ingress 控制器](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers) 通常负责通过负载均衡器来实现 Ingress，例如 `minikube` 默认使用的是 [nginx-ingress](https://minikube.sigs.k8s.io/docs/tutorials/nginx_tcp_udp_ingress/)，目前  `minikube` 也支持 [Kong-Ingress](https://minikube.sigs.k8s.io/docs/handbook/addons/kong-ingress/)。
+
+Ingress 可以“简单理解”为服务的网关 Gateway，它是所有流量的入口，经过配置的路由规则，将流量重定向到后端的服务。
+
+在   `minikube` 中，可以通过下面命令开启 Ingress-Controller 的功能。默认使用的是 [nginx-ingress](https://minikube.sigs.k8s.io/docs/tutorials/nginx_tcp_udp_ingress/)。
+
 ```shell
 minikube addons enable ingress
+```
+
+接着删除之前创建的所有 `pod`, `deployment`, `service` 资源。
 
+``` shell
 kubectl delete deployment,service --all
 ```
 
+接着根据之前的教程，创建 `hellok8s:v3` 和 `nginx` 的`deployment`与 `service` 资源。Service 的 type 为 ClusterIP 即可。
+
+`hellok8s:v3` 的端口映射为 `3000:3000`，`nginx` 的端口映射为 `4000:80`，这里后续写 Ingress Route 规则时会用到。
+
 ```yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: hellok8s-svc
+  name: service-hellok8s-clusterip
 spec:
+  type: ClusterIP
   selector:
     app: hellok8s
   ports:
-  - port: 4567
-    targetPort: 4567
+  - port: 3000
+    targetPort: 3000
 
 ---
 
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: hellok8s
+  name: hellok8s-deployment
 spec:
-  replicas: 2
+  replicas: 3
   selector:
     matchLabels:
       app: hellok8s
@@ -959,29 +974,29 @@ spec:
         app: hellok8s
     spec:
       containers:
-      - image: guangzhengli/hellok8s:v3
-        name: hellok8s-container
+        - image: guangzhengli/hellok8s:v3
+          name: hellok8s-container
 ```
 
 ```yaml
-# nginx.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: nginx-svc
+  name: service-nginx-clusterip
 spec:
+  type: ClusterIP
   selector:
     app: nginx
   ports:
-  - port: 1234
+  - port: 4000
     targetPort: 80
 
 ---
 
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: nginx
+  name: nginx-deployment
 spec:
   replicas: 2
   selector:
@@ -998,27 +1013,32 @@ spec:
 ```
 
 ```shell
-kubectl apply -f hellok8s.yaml
-# service/hellok8s-svc created
-# deployment.apps/hellok8s created
+kubectl apply -f hellok8s.yaml                 
+# service/service-hellok8s-clusterip created
+# deployment.apps/hellok8s-deployment created
 
-kubectl apply -f nginx.yaml
-# service/nginx-svc created
-# deployment.apps/nginx created
+kubectl apply -f nginx.yaml   
+# service/service-nginx-clusterip created
+# deployment.apps/nginx-deployment created
 
-kubectl get pods
-# NAME                        READY   STATUS    RESTARTS 
-# hellok8s-7f4c57d446-6c8b8   1/1     Running   0        
-# hellok8s-7f4c57d446-jkqbl   1/1     Running   0        
-# nginx-77c5c66899-dgkk2      1/1     Running   0        
-# nginx-77c5c66899-w9srw      1/1     Running   0        
+kubectl get pods            
+# NAME                                   READY   STATUS    RESTARTS   AGE
+# hellok8s-deployment-5d5545b69c-4wvmf   1/1     Running   0          55s
+# hellok8s-deployment-5d5545b69c-qcszp   1/1     Running   0          55s
+# hellok8s-deployment-5d5545b69c-sn7mn   1/1     Running   0          55s
+# nginx-deployment-d47fd7f66-d9r7x       1/1     Running   0          34s
+# nginx-deployment-d47fd7f66-hp5nf       1/1     Running   0          34s
 
 kubectl get service
-# NAME           TYPE        CLUSTER-IP       PORT(S)   
-# hellok8s-svc   ClusterIP   10.102.242.233   4567/TCP  
-# nginx-svc      ClusterIP   10.96.19.78      1234/TCP
+# NAME                         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
+# service-hellok8s-clusterip   ClusterIP   10.97.88.18      <none>        3000/TCP   77s
+# service-nginx-clusterip      ClusterIP   10.103.161.247   <none>        4000/TCP   56s
 ```
 
+这样在 k8s 集群中，就有 3 个 `hellok8s:v3` 的 pod，2 个 `nginx` 的 pod。并且`hellok8s:v3` 的端口映射为 `3000:3000`，`nginx` 的端口映射为 `4000:80`。在这个基础上，接下来编写 Ingress 资源的定义，`nginx.ingress.kubernetes.io/ssl-redirect: "false"` 的意思是这里关闭 `https` 连接，只使用 `http` 连接。
+
+匹配前缀为 `/hello` 的路由规则，重定向到 `hellok8s:v3` 服务，匹配前缀为 `/` 的跟路径重定向到 `nginx`。
+
 ```yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
@@ -1032,42 +1052,43 @@ spec:
   rules:
     - http:
         paths:
-          - path: /
+          - path: /hello
             pathType: Prefix
             backend:
               service:
-                name: nginx-svc
+                name: service-hellok8s-clusterip
                 port:
-                  number: 1234
-          - path: /hello
+                  number: 3000
+          - path: /
             pathType: Prefix
             backend:
               service:
-                name: hellok8s-svc
+                name: service-nginx-clusterip
                 port:
-                  number: 4567
+                  number: 4000
+
 ```
 
 ```shell
 kubectl apply -f ingress.yaml
 # ingress.extensions/hello-ingress created
 
-kubectl get ingress
-# NAME            HOSTS   ADDRESS     PORTS   AGE
-# hello-ingress   *       localhost   80      1m
-```
-
-```shell
-kubectl apply -f ingress.yaml
-# ingress.extensions/hello-ingress configured
+kubectl get ingress          
+# NAME            CLASS   HOSTS   ADDRESS   PORTS   AGE
+# hello-ingress   nginx   *                 80      16s
 
-curl http://localhost/hello
-# [v3] Hello, Kubernetes, from hellok8s-7f4c57d446-qth54!
+# replace 192.168.59.100 by your minikube ip
+curl http://192.168.59.100/hello
+# [v3] Hello, Kubernetes!, From host: hellok8s-deployment-5d5545b69c-sn7mn
 
-curl http://localhost
-# (nginx welcome page)
+curl http://192.168.59.100/
+# (....Thank you for using nginx.....)
 ```
 
+上面的教程中将所有流量都发送到 Ingress 的架构如下图所示：
+
+![ingress](https://cdn.jsdelivr.net/gh/guangzhengli/PicURL@master/uPic/ingress.png)
+
 ## Configmap
 
 ### env var