Nginx自動代理

解決多個內部Web服務的使用一個域名訪問的問題

  1. k8sService name,port代理轉發(fā)
    通過指定url模板 /proxyk8s/servicename.namespace:port/....的方式實現

  2. 非K8s 請求代理轉發(fā)
    通過指定url模板 /proxy/host:port/....的方式實現

apiVersion: v1
kind: ConfigMap
metadata:
    name: auxo-proxy-config
    namespace: manage
data:
    endpoints.conf: |
        server
        {
            if ( $request_uri ~* \/proxyk8s\/([A-Za-z0-9|-]+)\.([A-Za-z0-9|-]+)\:([0-9|-]+)(\/*[\s\S]*) ) {
                set $subk8s "$1.$2";
                set $portk8s "$3";
                set $parmk8s "$4";
            }

            if ( $request_uri ~* \/proxy\/([A-Za-z0-9|.]+)\:([0-9|-]+)(\/*[\s\S]*) ) {
                set $sub "$1:$2";
                set $parm "$3";
            }
            listen 80;
            location ~* \/proxyk8s\/([A-Za-z0-9|-]+)\.([A-Za-z0-9|-]+)\:([0-9|-]+)(\/*[\s\S]*) {
                rewrite ^\/proxyk8s\/([A-Za-z0-9|-]+)\.([A-Za-z0-9|-]+)\:([0-9|-]+)(\/*[\s\S]*) $parmk8s break;
                resolver kube-dns.kube-system.svc.cluster.local valid=5s;
                proxy_pass http://$subk8s.svc.cluster.local:$portk8s;
#                auth_basic "Restricted";
#                auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
            }

            location ~* \/proxy\/([0-9|-]+)(\/*[\s\S]*) {
                rewrite ^\/proxy\/([0-9|-]+)(\/*[\s\S]*) $parm break;
#                resolver kube-dns.kube-system.svc.cluster.local valid=5s;
                proxy_pass $sub;
#                auth_basic "Restricted";
#                auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
            }
        }
    .htpasswd: |
        admin:$apr1$pP5p9B37$R9tFUko/sCvm4fjAKzri.0
---
apiVersion: apps/v1
kind: Deployment
metadata:
    name: auxo-proxy
    namespace: manage
spec:
    replicas: 1
    selector:
        matchLabels:
            app: auxo-proxy
    template:
        metadata:
            labels:
                app: auxo-proxy
        spec:
            imagePullSecrets:
                - name: harborkey
            containers:
                - name: auxo-proxy
                  image: nginx:1.17.0
                  ports:
                      - containerPort: 80
                  volumeMounts:
                      - mountPath: /etc/nginx/conf.d/
                        readOnly: true
                        name: auxo-proxy-config
                      - mountPath: /var/log/nginx
                        name: log
            volumes:
                - name: auxo-proxy-config
                  configMap:
                      name: auxo-proxy-config
                      items:
                          - key: endpoints.conf
                            path: endpoints.conf
                          - key: .htpasswd
                            path: .htpasswd
                - name: log
                  emptyDir: {}

---
apiVersion: v1
kind: Service
metadata:
    name: auxo-proxy
    namespace: manage
spec:
    type: ClusterIP
    ports:
        - port: 80
          targetPort: 80
    selector:
        app: auxo-proxy

---
最后編輯于
?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布,文章內容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

友情鏈接更多精彩內容