K8s部署Nginx(以自定义启动文件的方式)之配置文件配置+挂

2023-10-25  本文已影响0人  sexy_cyber

/etc/nginx/certs/fullchain.pem 中的 /etc/nginx/certs/路径可以随便定义,目前没有什么其他的依赖,会在部署Nginx服务(Kind:Deployment)过程中通过挂载设置的方式指向 该处

worker_processes auto;

events {
    worker_connections 1024;
}

http {
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    default_type        application/octet-stream;

    server {
        listen 443 ssl;
        server_name www.siquanzhuanxiang.top siquanzhuanxiang.top;
        ssl_certificate      /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key  /etc/nginx/certs/key.pem;

        root         /usr/share/nginx/html;

        error_page 404 /404.html;
        location = /404.html {
            }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            }

        location / {
            proxy_set_header    Host  $host;
            proxy_set_header    X-Real-IP  $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
            proxy_pass http://spiders-service.default.svc.cluster.local:83;
            }
        location /lark {
            # 保留代理之前的host 包含客户端真实的域名和端口号
            proxy_set_header    Host  $host;
            # 保留代理之前的真实客户端ip
            proxy_set_header    X-Real-IP  $remote_addr;
            # 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            # 表示客户端真实的协议(http还是https)
            proxy_set_header X-Forwarded-Proto $scheme;
            # 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
            # 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
            # proxy_redirect [ default|off|redirect replacement ];
            proxy_redirect off;
            proxy_pass http://spiders-service.default.svc.cluster.local:84;
            }
        location /dappradar {
            proxy_set_header    Host  $host;
            proxy_set_header    X-Real-IP  $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
            proxy_pass http://spiders-service.default.svc.cluster.local:87;
        }
        location /similarweb {
            proxy_set_header    Host  $host;
            proxy_set_header    X-Real-IP  $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
            proxy_pass http://spiders-service.default.svc.cluster.local:88;
        }
    }
    server {
        listen 443 ssl;
        server_name kibana.siquanzhuanxiang.top;
        location / {
            proxy_pass http://kibana.default.svc.cluster.local:5601;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            }
    }
    server {
        listen 443 ssl;
        server_name k8s.siquanzhuanxiang.top;
        location / {
            proxy_pass https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            }
    }
}

路由地址解析 https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443
表示:https://servicename.namespace.svc.cluster.local:暴露在命名空间内的端口

kubectl create configmap nginx-config --from-file=nginx.conf

转发地址是通过服务名和命名空间、端口号进行拼接

kind: ConfigMap
apiVersion: v1
metadata:
  name: nginx-config
  namespace: default
  uid: 087fed9c-573b-4a64-82e1-437b0c83dff1
  resourceVersion: '4519138'
  creationTimestamp: '2023-10-24T09:22:24Z'
  managedFields:
    - manager: kubectl-create
      operation: Update
      apiVersion: v1
      time: '2023-10-24T09:22:24Z'
      fieldsType: FieldsV1
      fieldsV1:
        f:data: {}
    - manager: kubectl-edit
      operation: Update
      apiVersion: v1
      time: '2023-10-24T11:21:32Z'
      fieldsType: FieldsV1
      fieldsV1:
        f:data:
          f:nginx.conf: {}
data:
  nginx.conf: |
    worker_processes auto;
    events {
        worker_connections 1024;
    }
    http {
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 4096;

        default_type        application/octet-stream;

        server {
            listen 443 ssl;
            server_name www.siquanzhuanxiang.top siquanzhuanxiang.top;
            ssl_certificate      /etc/nginx/certs/fullchain.pem;
            ssl_certificate_key  /etc/nginx/certs/key.pem;

            root         /usr/share/nginx/html;

            error_page 404 /404.html;
            location = /404.html {
                }

            error_page 500 502 503 504 /50x.html;
            location = /50x.html {
                }

            location / {
                proxy_set_header    Host  $host;
                proxy_set_header    X-Real-IP  $remote_addr;
                proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_pass http://spiders-service.default.svc.cluster.local:83;
                }
            location /lark {
                # 保留代理之前的host 包含客户端真实的域名和端口号
                proxy_set_header    Host  $host;
                # 保留代理之前的真实客户端ip
                proxy_set_header    X-Real-IP  $remote_addr;
                # 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
                proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
                # 表示客户端真实的协议(http还是https)
                proxy_set_header X-Forwarded-Proto $scheme;
                # 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
                # 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
                # proxy_redirect [ default|off|redirect replacement ];
                proxy_redirect off;
                proxy_pass http://spiders-service.default.svc.cluster.local:84;
                }
            location /dappradar {
                proxy_set_header    Host  $host;
                proxy_set_header    X-Real-IP  $remote_addr;
                proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_pass http://spiders-service.default.svc.cluster.local:87;
            }
            location /similarweb {
                proxy_set_header    Host  $host;
                proxy_set_header    X-Real-IP  $remote_addr;
                proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_redirect off;
                proxy_pass http://spiders-service.default.svc.cluster.local:88;
            }
        }
        server {
            listen 443 ssl;
            server_name kibana.siquanzhuanxiang.top;
            location / {
                proxy_pass http://kibana.default.svc.cluster.local:5601;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                }
        }
        server {
            listen 443 ssl;
            server_name k8s.siquanzhuanxiang.top;
            location / {
                proxy_pass https://kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local:443;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                }
        }
    }
上一篇下一篇

猜你喜欢

热点阅读