K8s部署Nginx(以自定义启动文件的方式)之配置文件配置+挂
2023-10-25 本文已影响0人
sexy_cyber
- 1、准备下面的配置文件,将该配置保存为文件名为:
nginx.conf
的文件
/etc/nginx/certs/fullchain.pem 中的 /etc/nginx/certs/路径可以随便定义,目前没有什么其他的依赖,会在部署Nginx服务(Kind:Deployment)过程中通过挂载设置的方式指向 该处
worker_processes auto;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
default_type application/octet-stream;
server {
listen 443 ssl;
server_name www.siquanzhuanxiang.top siquanzhuanxiang.top;
ssl_certificate /etc/nginx/certs/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
root /usr/share/nginx/html;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:83;
}
location /lark {
# 保留代理之前的host 包含客户端真实的域名和端口号
proxy_set_header Host $host;
# 保留代理之前的真实客户端ip
proxy_set_header X-Real-IP $remote_addr;
# 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 表示客户端真实的协议(http还是https)
proxy_set_header X-Forwarded-Proto $scheme;
# 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
# 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
# proxy_redirect [ default|off|redirect replacement ];
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:84;
}
location /dappradar {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:87;
}
location /similarweb {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:88;
}
}
server {
listen 443 ssl;
server_name kibana.siquanzhuanxiang.top;
location / {
proxy_pass http://kibana.default.svc.cluster.local:5601;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name k8s.siquanzhuanxiang.top;
location / {
proxy_pass https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
路由地址解析 https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443
表示:https://servicename.namespace.svc.cluster.local:暴露在命名空间内的端口
- 2、基于原始配置文件,在配置文件的目录执行下面的命令
kubectl create configmap nginx-config --from-file=nginx.conf
- 3、configmap格式化(第二步命令执行后的结果)
转发地址是通过服务名和命名空间、端口号进行拼接
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-config
namespace: default
uid: 087fed9c-573b-4a64-82e1-437b0c83dff1
resourceVersion: '4519138'
creationTimestamp: '2023-10-24T09:22:24Z'
managedFields:
- manager: kubectl-create
operation: Update
apiVersion: v1
time: '2023-10-24T09:22:24Z'
fieldsType: FieldsV1
fieldsV1:
f:data: {}
- manager: kubectl-edit
operation: Update
apiVersion: v1
time: '2023-10-24T11:21:32Z'
fieldsType: FieldsV1
fieldsV1:
f:data:
f:nginx.conf: {}
data:
nginx.conf: |
worker_processes auto;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
default_type application/octet-stream;
server {
listen 443 ssl;
server_name www.siquanzhuanxiang.top siquanzhuanxiang.top;
ssl_certificate /etc/nginx/certs/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
root /usr/share/nginx/html;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:83;
}
location /lark {
# 保留代理之前的host 包含客户端真实的域名和端口号
proxy_set_header Host $host;
# 保留代理之前的真实客户端ip
proxy_set_header X-Real-IP $remote_addr;
# 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 表示客户端真实的协议(http还是https)
proxy_set_header X-Forwarded-Proto $scheme;
# 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
# 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
# proxy_redirect [ default|off|redirect replacement ];
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:84;
}
location /dappradar {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:87;
}
location /similarweb {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://spiders-service.default.svc.cluster.local:88;
}
}
server {
listen 443 ssl;
server_name kibana.siquanzhuanxiang.top;
location / {
proxy_pass http://kibana.default.svc.cluster.local:5601;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name k8s.siquanzhuanxiang.top;
location / {
proxy_pass https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
- 4、修改配置文件(可选)
- 一共有两种方式,二选一
- 1、通过K8s dashboard面板进行修改
- 2、通过命令kubectl edit cm nginx-config 进行修改
- 一共有两种方式,二选一