内部pod是Https
apiVersion: networking.k8s.io/v1
kind: Ingress
Metadata:
namespace: xxx
name: xxx-web
annotations:
# 文件上传限制
Nginx.ingress.kubernetes.io/proxy-body-size: "200M"
Nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: Nginx
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
Ingress配置Https
https://kubernetes.io/zh-cn/docs/concepts/services-networking/ingress/
- 创建secret
kubectl create secret tls xxx-secret --cert=xxx.crt --key=xxx.key
- 配置
apiVersion: networking.k8s.io/v1
kind: Ingress
Metadata:
namespace: xxx
name: xxx-web
annotations:
# 文件上传限制
Nginx.ingress.kubernetes.io/proxy-body-size: "200M"
Nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: Nginx
tls:
- hosts:
- www.xxx.net
secretName: xxx-secret
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
Websocket配置
apiVersion: networking.k8s.io/v1
kind: Ingress
Metadata:
namespace: xxx
name: xxx-web
annotations:
# 代理发送超时
Nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
# 代理读取超时
Nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
# 代理连接超时
Nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600"
# 基于客户端出口ip哈希
Nginx.ingress.kubernetes.io/upstream-hash-by: "$http_x_forwarded_for"
spec:
ingressClassName: Nginx
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
