首页 > 网站技巧 > 服务器 > nginx > nginx ingress controller部署配置

nginx-ingress-controller部署配置详解

2023-11-22 08:49:54 作者：moon

这篇文章主要为大家介绍了nginx ingress controller的部署配置,有需要的朋友可以借鉴参考下,希望能够有所帮助,祝大家多多进步,早日升职加薪

引言

开源 Nginx Ingress Controller(k8s 官网推荐)、Nginx Incorporaton (nginx inc，nginx官网) 和 Nginx Incorporaton Plus
当多个ingress对象资源配置同一个主机时，就会发生主机冲突。 Ingress Controller 支持两种处理主机冲突的选项:

Choosing the Winner

If multiple resources contend for the same host, the Ingress Controller will pick the winner based on the creationTimestamp of the resources: the oldest resource will win. In case there are more than one oldest resources (their creationTimestamp is the same), the Ingress Controller will choose the resource with the lexicographically smallest uid.

Merging Configuration for the Same Host

It is possible to merge configuration for multiple Ingress resources for the same host. One common use case for this approach is distributing resources across multiple namespaces.

所以最好一个域名，对应一个ingress对象

# describe ingress 报错
  Warning  Rejected  17m (x2 over 6d23h)  nginx-ingress-controller  All hosts are taken by other resources
  Warning  Rejected  17m (x2 over 3d17h)  nginx-ingress-controller  All hosts are taken by other resources

一. 部署

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.1/deploy/static/provider/cloud/deploy.yaml
# 选择版本
https://github.com/kubernetes/ingress-nginx/blob/controller-v1.4.0/deploy/static/provider/cloud/deploy.yaml
# 修改yaml中的image,改为自己的
    # 可用国内源： registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.2.1
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.8.1
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v20230407

二. 配置

1. 跨域

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: front-web
  namespace: web
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS"
    nginx.ingress.kubernetes.io/cors-allow-headers: "Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control"
    nginx.ingress.kubernetes.io/cors-expose-headers: "*, X-CustomResponseHeader"
    nginx.ingress.kubernetes.io/cors-max-age: 600

2. 白名单

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-myapp
  namespace: default
  annotations:
    kubernetes.io/ingress.class: "nginx"
    # 白名单
    nginx.ingress.kubernetes.io/whitelist-source-range: 120.176.65.13,120.79.18.35

# 设置从代理服务器读取响应的超时时间（以秒为单位，默认值60）
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"

# 强制重定向到 HTTPS（即使 Ingress 未启用 TLS)
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"

3. 强制https

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/preserve-trailing-slash: "true"
spec:
  rules:
  - http:
      paths:
      - path: /testpath
        backend:
          serviceName: test
          servicePort: 80

4. 跳转

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-ingress
  namespace: uf
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  ingressClassName: nginx-ingress
  rules:
  - host: dev-gf.uf.net.cn
    http:
      paths:
      - backend:
          service:
            name: uf-epi-html
            port:
              number: 80
        path: /epi/(.*)
        pathType: ImplementationSpecific

以上就是nginx-ingress-controller部署配置详解的详细内容，更多关于nginx ingress controller部署配置的资料请关注脚本之家其它相关文章！