kubernetes-Ingress nginx
内部pod是Https
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: xxx
name: xxx-web
annotations:
# 文件上传限制
nginx.ingress.kubernetes.io/proxy-body-size: "200M"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: nginx
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
Ingress配置Https
https://kubernetes.io/zh-cn/docs/concepts/services-networking/ingress/
- 创建secret
kubectl create secret tls xxx-secret --cert=xxx.crt --key=xxx.key
- 配置
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: xxx
name: xxx-web
annotations:
# 文件上传限制
nginx.ingress.kubernetes.io/proxy-body-size: "200M"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: nginx
tls:
- hosts:
- www.xxx.net
secretName: xxx-secret
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
Websocket配置
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: xxx
name: xxx-web
annotations:
# 代理发送超时
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
# 代理读取超时
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
# 代理连接超时
nginx.ingress.kubernetes.io/proxy-connect-timeout: "3600"
# 基于客户端出口ip哈希
nginx.ingress.kubernetes.io/upstream-hash-by: "$http_x_forwarded_for"
spec:
ingressClassName: nginx
rules:
- host: www.xxx.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: xxx-web
port:
number: 443
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 25岁的心里话
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· 闲置电脑爆改个人服务器(超详细) #公网映射 #Vmware虚拟网络编辑器
· ollama系列01:轻松3步本地部署deepseek,普通电脑可用