You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1117 lines
75 KiB

<!DOCTYPE html><html><head>
<title>ingress-config</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="file:///c:\Users\liter\.vscode\extensions\shd101wyy.markdown-preview-enhanced-0.6.1\node_modules\@shd101wyy\mume\dependencies\katex\katex.min.css">
<style>
/**
* prism.js Github theme based on GitHub's theme.
* @author Sam Clarke
*/
code[class*="language-"],
pre[class*="language-"] {
color: #333;
background: none;
font-family: Consolas, "Liberation Mono", Menlo, Courier, monospace;
text-align: left;
white-space: pre;
word-spacing: normal;
word-break: normal;
word-wrap: normal;
line-height: 1.4;
-moz-tab-size: 8;
-o-tab-size: 8;
tab-size: 8;
-webkit-hyphens: none;
-moz-hyphens: none;
-ms-hyphens: none;
hyphens: none;
}
/* Code blocks */
pre[class*="language-"] {
padding: .8em;
overflow: auto;
/* border: 1px solid #ddd; */
border-radius: 3px;
/* background: #fff; */
background: #f5f5f5;
}
/* Inline code */
:not(pre) > code[class*="language-"] {
padding: .1em;
border-radius: .3em;
white-space: normal;
background: #f5f5f5;
}
.token.comment,
.token.blockquote {
color: #969896;
}
.token.cdata {
color: #183691;
}
.token.doctype,
.token.punctuation,
.token.variable,
.token.macro.property {
color: #333;
}
.token.operator,
.token.important,
.token.keyword,
.token.rule,
.token.builtin {
color: #a71d5d;
}
.token.string,
.token.url,
.token.regex,
.token.attr-value {
color: #183691;
}
.token.property,
.token.number,
.token.boolean,
.token.entity,
.token.atrule,
.token.constant,
.token.symbol,
.token.command,
.token.code {
color: #0086b3;
}
.token.tag,
.token.selector,
.token.prolog {
color: #63a35c;
}
.token.function,
.token.namespace,
.token.pseudo-element,
.token.class,
.token.class-name,
.token.pseudo-class,
.token.id,
.token.url-reference .token.variable,
.token.attr-name {
color: #795da3;
}
.token.entity {
cursor: help;
}
.token.title,
.token.title .token.punctuation {
font-weight: bold;
color: #1d3e81;
}
.token.list {
color: #ed6a43;
}
.token.inserted {
background-color: #eaffea;
color: #55a532;
}
.token.deleted {
background-color: #ffecec;
color: #bd2c00;
}
.token.bold {
font-weight: bold;
}
.token.italic {
font-style: italic;
}
/* JSON */
.language-json .token.property {
color: #183691;
}
.language-markup .token.tag .token.punctuation {
color: #333;
}
/* CSS */
code.language-css,
.language-css .token.function {
color: #0086b3;
}
/* YAML */
.language-yaml .token.atrule {
color: #63a35c;
}
code.language-yaml {
color: #183691;
}
/* Ruby */
.language-ruby .token.function {
color: #333;
}
/* Markdown */
.language-markdown .token.url {
color: #795da3;
}
/* Makefile */
.language-makefile .token.symbol {
color: #795da3;
}
.language-makefile .token.variable {
color: #183691;
}
.language-makefile .token.builtin {
color: #0086b3;
}
/* Bash */
.language-bash .token.keyword {
color: #0086b3;
}
/* highlight */
pre[data-line] {
position: relative;
padding: 1em 0 1em 3em;
}
pre[data-line] .line-highlight-wrapper {
position: absolute;
top: 0;
left: 0;
background-color: transparent;
display: block;
width: 100%;
}
pre[data-line] .line-highlight {
position: absolute;
left: 0;
right: 0;
padding: inherit 0;
margin-top: 1em;
background: hsla(24, 20%, 50%,.08);
background: linear-gradient(to right, hsla(24, 20%, 50%,.1) 70%, hsla(24, 20%, 50%,0));
pointer-events: none;
line-height: inherit;
white-space: pre;
}
pre[data-line] .line-highlight:before,
pre[data-line] .line-highlight[data-end]:after {
content: attr(data-start);
position: absolute;
top: .4em;
left: .6em;
min-width: 1em;
padding: 0 .5em;
background-color: hsla(24, 20%, 50%,.4);
color: hsl(24, 20%, 95%);
font: bold 65%/1.5 sans-serif;
text-align: center;
vertical-align: .3em;
border-radius: 999px;
text-shadow: none;
box-shadow: 0 1px white;
}
pre[data-line] .line-highlight[data-end]:after {
content: attr(data-end);
top: auto;
bottom: .4em;
}html body{font-family:"Helvetica Neue",Helvetica,"Segoe UI",Arial,freesans,sans-serif;font-size:16px;line-height:1.6;color:#333;background-color:#fff;overflow:initial;box-sizing:border-box;word-wrap:break-word}html body>:first-child{margin-top:0}html body h1,html body h2,html body h3,html body h4,html body h5,html body h6{line-height:1.2;margin-top:1em;margin-bottom:16px;color:#000}html body h1{font-size:2.25em;font-weight:300;padding-bottom:.3em}html body h2{font-size:1.75em;font-weight:400;padding-bottom:.3em}html body h3{font-size:1.5em;font-weight:500}html body h4{font-size:1.25em;font-weight:600}html body h5{font-size:1.1em;font-weight:600}html body h6{font-size:1em;font-weight:600}html body h1,html body h2,html body h3,html body h4,html body h5{font-weight:600}html body h5{font-size:1em}html body h6{color:#5c5c5c}html body strong{color:#000}html body del{color:#5c5c5c}html body a:not([href]){color:inherit;text-decoration:none}html body a{color:#08c;text-decoration:none}html body a:hover{color:#00a3f5;text-decoration:none}html body img{max-width:100%}html body>p{margin-top:0;margin-bottom:16px;word-wrap:break-word}html body>ul,html body>ol{margin-bottom:16px}html body ul,html body ol{padding-left:2em}html body ul.no-list,html body ol.no-list{padding:0;list-style-type:none}html body ul ul,html body ul ol,html body ol ol,html body ol ul{margin-top:0;margin-bottom:0}html body li{margin-bottom:0}html body li.task-list-item{list-style:none}html body li>p{margin-top:0;margin-bottom:0}html body .task-list-item-checkbox{margin:0 .2em .25em -1.8em;vertical-align:middle}html body .task-list-item-checkbox:hover{cursor:pointer}html body blockquote{margin:16px 0;font-size:inherit;padding:0 15px;color:#5c5c5c;background-color:#f0f0f0;border-left:4px solid #d6d6d6}html body blockquote>:first-child{margin-top:0}html body blockquote>:last-child{margin-bottom:0}html body hr{height:4px;margin:32px 0;background-color:#d6d6d6;border:0 none}html body table{margin:10px 0 15px 0;border-collapse:collapse;border-spacing:0;display:block;width:100%;overflow:auto;word-break:normal;word-break:keep-all}html body table th{font-weight:bold;color:#000}html body table td,html body table th{border:1px solid #d6d6d6;padding:6px 13px}html body dl{padding:0}html body dl dt{padding:0;margin-top:16px;font-size:1em;font-style:italic;font-weight:bold}html body dl dd{padding:0 16px;margin-bottom:16px}html body code{font-family:Menlo,Monaco,Consolas,'Courier New',monospace;font-size:.85em !important;color:#000;background-color:#f0f0f0;border-radius:3px;padding:.2em 0}html body code::before,html body code::after{letter-spacing:-0.2em;content:"\00a0"}html body pre>code{padding:0;margin:0;font-size:.85em !important;word-break:normal;white-space:pre;background:transparent;border:0}html body .highlight{margin-bottom:16px}html body .highlight pre,html body pre{padding:1em;overflow:auto;font-size:.85em !important;line-height:1.45;border:#d6d6d6;border-radius:3px}html body .highlight pre{margin-bottom:0;word-break:normal}html body pre code,html body pre tt{display:inline;max-width:initial;padding:0;margin:0;overflow:initial;line-height:inherit;word-wrap:normal;background-color:transparent;border:0}html body pre code:before,html body pre tt:before,html body pre code:after,html body pre tt:after{content:normal}html body p,html body blockquote,html body ul,html body ol,html body dl,html body pre{margin-top:0;margin-bottom:16px}html body kbd{color:#000;border:1px solid #d6d6d6;border-bottom:2px solid #c7c7c7;padding:2px 4px;background-color:#f0f0f0;border-radius:3px}@media print{html body{background-color:#fff}html body h1,html body h2,html body h3,html body h4,html body h5,html body h6{color:#000;page-break-after:avoid}html body blockquote{color:#5c5c5c}html body pre{page-break-inside:avoid}html body table{display:table}html body img{display:block;max-width:100%;max-height:100%}html body pre,html body code{word-wrap:break-word;white-space:pre}}.markdown-preview{width:100%;height:100%;box-sizing:border-box}.markdown-preview .pagebreak,.markdown-preview .newpage{page-break-before:always}.markdown-preview pre.line-numbers{position:relative;padding-left:3.8em;counter-reset:linenumber}.markdown-preview pre.line-numbers>code{position:relative}.markdown-preview pre.line-numbers .line-numbers-rows{position:absolute;pointer-events:none;top:1em;font-size:100%;left:0;width:3em;letter-spacing:-1px;border-right:1px solid #999;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.markdown-preview pre.line-numbers .line-numbers-rows>span{pointer-events:none;display:block;counter-increment:linenumber}.markdown-preview pre.line-numbers .line-numbers-rows>span:before{content:counter(linenumber);color:#999;display:block;padding-right:.8em;text-align:right}.markdown-preview .mathjax-exps .MathJax_Display{text-align:center !important}.markdown-preview:not([for="preview"]) .code-chunk .btn-group{display:none}.markdown-preview:not([for="preview"]) .code-chunk .status{display:none}.markdown-preview:not([for="preview"]) .code-chunk .output-div{margin-bottom:16px}.scrollbar-style::-webkit-scrollbar{width:8px}.scrollbar-style::-webkit-scrollbar-track{border-radius:10px;background-color:transparent}.scrollbar-style::-webkit-scrollbar-thumb{border-radius:5px;background-color:rgba(150,150,150,0.66);border:4px solid rgba(150,150,150,0.66);background-clip:content-box}html body[for="html-export"]:not([data-presentation-mode]){position:relative;width:100%;height:100%;top:0;left:0;margin:0;padding:0;overflow:auto}html body[for="html-export"]:not([data-presentation-mode]) .markdown-preview{position:relative;top:0}@media screen and (min-width:914px){html body[for="html-export"]:not([data-presentation-mode]) .markdown-preview{padding:2em calc(50% - 457px + 2em)}}@media screen and (max-width:914px){html body[for="html-export"]:not([data-presentation-mode]) .markdown-preview{padding:2em}}@media screen and (max-width:450px){html body[for="html-export"]:not([data-presentation-mode]) .markdown-preview{font-size:14px !important;padding:1em}}@media print{html body[for="html-export"]:not([data-presentation-mode]) #sidebar-toc-btn{display:none}}html body[for="html-export"]:not([data-presentation-mode]) #sidebar-toc-btn{position:fixed;bottom:8px;left:8px;font-size:28px;cursor:pointer;color:inherit;z-index:99;width:32px;text-align:center;opacity:.4}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] #sidebar-toc-btn{opacity:1}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc{position:fixed;top:0;left:0;width:300px;height:100%;padding:32px 0 48px 0;font-size:14px;box-shadow:0 0 4px rgba(150,150,150,0.33);box-sizing:border-box;overflow:auto;background-color:inherit}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc::-webkit-scrollbar{width:8px}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc::-webkit-scrollbar-track{border-radius:10px;background-color:transparent}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc::-webkit-scrollbar-thumb{border-radius:5px;background-color:rgba(150,150,150,0.66);border:4px solid rgba(150,150,150,0.66);background-clip:content-box}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc a{text-decoration:none}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc ul{padding:0 1.6em;margin-top:.8em}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc li{margin-bottom:.8em}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .md-sidebar-toc ul{list-style-type:none}html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .markdown-preview{left:300px;width:calc(100% - 300px);padding:2em calc(50% - 457px - 150px);margin:0;box-sizing:border-box}@media screen and (max-width:1274px){html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .markdown-preview{padding:2em}}@media screen and (max-width:450px){html body[for="html-export"]:not([data-presentation-mode])[html-show-sidebar-toc] .markdown-preview{width:100%}}html body[for="html-export"]:not([data-presentation-mode]):not([html-show-sidebar-toc]) .markdown-preview{left:50%;transform:translateX(-50%)}html body[for="html-export"]:not([data-presentation-mode]):not([html-show-sidebar-toc]) .md-sidebar-toc{display:none}
/* Please visit the URL below for more information: */
/* https://shd101wyy.github.io/markdown-preview-enhanced/#/customize-css */
</style>
</head>
<body for="html-export">
<div class="mume markdown-preview ">
<ul>
<li><a href="#before">Before</a>
<ul>
<li><a href="#terminology">Terminology</a></li>
<li><a href="#%E5%87%86%E5%A4%87">&#x51C6;&#x5907;</a></li>
</ul>
</li>
<li><a href="#%E7%AE%80%E4%BB%8B">&#x7B80;&#x4ECB;</a>
<ul>
<li><a href="#%E5%9F%BA%E6%9C%AC%E7%94%A8%E6%B3%95">&#x57FA;&#x672C;&#x7528;&#x6CD5;</a>
<ul>
<li><a href="#%E9%85%8D%E7%BD%AE%E8%AF%B4%E6%98%8E">&#x914D;&#x7F6E;&#x8BF4;&#x660E;</a></li>
<li><a href="#defaultbackend">DefaultBackend</a></li>
<li><a href="#pathtype">PathType</a></li>
<li><a href="#%E4%B8%BB%E6%9C%BA%E5%90%8D%E5%8C%B9%E9%85%8D">&#x4E3B;&#x673A;&#x540D;&#x5339;&#x914D;</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#%E9%85%8D%E7%BD%AE">&#x914D;&#x7F6E;</a>
<ul>
<li><a href="#%E5%85%A8%E5%B1%80%E8%AE%BE%E7%BD%AE">&#x5168;&#x5C40;&#x8BBE;&#x7F6E;</a></li>
<li><a href="#%E6%B3%A8%E8%A7%A3">&#x6CE8;&#x89E3;</a>
<ul>
<li><a href="#%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81">&#x8EAB;&#x4EFD;&#x9A8C;&#x8BC1;</a></li>
<li><a href="#%E9%87%91%E4%B8%9D%E9%9B%80">&#x91D1;&#x4E1D;&#x96C0;</a></li>
<li><a href="#rewrite">Rewrite</a></li>
<li><a href="#configuration-snippet">Configuration snippet</a></li>
<li><a href="#server-snippet">Server snippet</a></li>
<li><a href="#client-body-buffer-size">Client Body Buffer Size</a></li>
<li><a href="#redirect-fromto-www">Redirect from/to www&#xB6;</a></li>
<li><a href="#custom-timeouts">Custom timeouts</a></li>
<li><a href="#custom-max-body-size">Custom max body size</a></li>
</ul>
</li>
<li><a href="#%E6%9A%B4%E9%9C%B2tcpudp-%E6%9C%8D%E5%8A%A1">&#x66B4;&#x9732;TCP/UDP &#x670D;&#x52A1;</a></li>
</ul>
</li>
<li><a href="#%E4%B8%BE%E4%B8%AA%E6%A0%97%E5%AD%90">&#x4E3E;&#x4E2A;&#x6817;&#x5B50;</a>
<ul>
<li><a href="#%E4%B8%80%E4%B8%AA%E7%AE%80%E5%8D%95%E7%9A%84%E6%A0%97%E5%AD%90">&#x4E00;&#x4E2A;&#x7B80;&#x5355;&#x7684;&#x6817;&#x5B50;</a></li>
<li><a href="#%E5%8A%A0%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81">&#x52A0;&#x8EAB;&#x4EFD;&#x9A8C;&#x8BC1;</a>
<ul>
<li><a href="#%E5%88%9B%E5%BB%BA%E7%94%A8%E6%88%B7%E5%90%8D%E5%92%8C%E5%AF%86%E7%A0%81">&#x521B;&#x5EFA;&#x7528;&#x6237;&#x540D;&#x548C;&#x5BC6;&#x7801;</a></li>
<li><a href="#%E5%88%9B%E5%BB%BA-k8s-secret-%E6%9D%A5%E5%AD%98%E5%82%A8-%E7%94%A8%E6%88%B7%E5%AF%86%E7%A0%81">&#x521B;&#x5EFA; k8s secret &#x6765;&#x5B58;&#x50A8; &#x7528;&#x6237;/&#x5BC6;&#x7801;</a></li>
<li><a href="#%E5%88%9B%E5%BB%BA-ingress">&#x521B;&#x5EFA; ingress</a></li>
<li><a href="#%E9%AA%8C%E8%AF%81">&#x9A8C;&#x8BC1;</a></li>
</ul>
</li>
</ul>
</li>
</ul>
<h1 class="mume-header" id="before">Before</h1>
<h2 class="mume-header" id="terminology">Terminology</h2>
<ul>
<li>
<p><code>&#x8282;&#x70B9;(Node)</code>: Kubernetes &#x96C6;&#x7FA4;&#x4E2D;&#x5176;&#x4E2D;&#x4E00;&#x53F0;&#x5DE5;&#x4F5C;&#x673A;&#x5668;&#xFF0C;&#x662F;&#x96C6;&#x7FA4;&#x7684;&#x4E00;&#x90E8;&#x5206;&#x3002;</p>
</li>
<li>
<p><code>&#x96C6;&#x7FA4;(Cluster)</code>: &#x4E00;&#x7EC4;&#x8FD0;&#x884C;&#x7531; Kubernetes &#x7BA1;&#x7406;&#x7684;&#x5BB9;&#x5668;&#x5316;&#x5E94;&#x7528;&#x7A0B;&#x5E8F;&#x7684;&#x8282;&#x70B9;&#x3002; &#x5728;&#x6B64;&#x793A;&#x4F8B;&#x548C;&#x5728;&#x5927;&#x591A;&#x6570;&#x5E38;&#x89C1;&#x7684; Kubernetes &#x90E8;&#x7F72;&#x73AF;&#x5883;&#x4E2D;&#xFF0C;&#x96C6;&#x7FA4;&#x4E2D;&#x7684;&#x8282;&#x70B9;&#x90FD;&#x4E0D;&#x5728;&#x516C;&#x5171;&#x7F51;&#x7EDC;&#x4E2D;&#x3002;</p>
</li>
<li>
<p><code>&#x8FB9;&#x7F18;&#x8DEF;&#x7531;&#x5668;(Edge router)</code>: &#x5728;&#x96C6;&#x7FA4;&#x4E2D;&#x5F3A;&#x5236;&#x6267;&#x884C;&#x9632;&#x706B;&#x5899;&#x7B56;&#x7565;&#x7684;&#x8DEF;&#x7531;&#x5668;&#xFF08;router&#xFF09;&#x3002; &#x53EF;&#x4EE5;&#x662F;&#x7531;&#x4E91;&#x63D0;&#x4F9B;&#x5546;&#x7BA1;&#x7406;&#x7684;&#x7F51;&#x5173;&#xFF0C;&#x4E5F;&#x53EF;&#x4EE5;&#x662F;&#x7269;&#x7406;&#x786C;&#x4EF6;&#x3002;</p>
</li>
<li>
<p><code>&#x96C6;&#x7FA4;&#x7F51;&#x7EDC;(Cluster network)</code>: &#x4E00;&#x7EC4;&#x903B;&#x8F91;&#x7684;&#x6216;&#x7269;&#x7406;&#x7684;&#x8FDE;&#x63A5;&#xFF0C;&#x6839;&#x636E; Kubernetes &#x7F51;&#x7EDC;&#x6A21;&#x578B; &#x5728;&#x96C6;&#x7FA4;&#x5185;&#x5B9E;&#x73B0;&#x901A;&#x4FE1;&#x3002;</p>
</li>
<li>
<p><code>&#x670D;&#x52A1;(Service)</code>&#xFF1A;Kubernetes &#x670D;&#x52A1;&#x4F7F;&#x7528; &#x6807;&#x7B7E;&#x9009;&#x62E9;&#x7B97;&#x7B26;&#xFF08;selectors&#xFF09;&#x6807;&#x8BC6;&#x7684;&#x4E00;&#x7EC4; Pod&#x3002; &#x9664;&#x975E;&#x53E6;&#x6709;&#x8BF4;&#x660E;&#xFF0C;&#x5426;&#x5219;&#x5047;&#x5B9A;&#x670D;&#x52A1;&#x53EA;&#x5177;&#x6709;&#x5728;&#x96C6;&#x7FA4;&#x7F51;&#x7EDC;&#x4E2D;&#x53EF;&#x8DEF;&#x7531;&#x7684;&#x865A;&#x62DF; IP&#x3002;</p>
</li>
<li>
<p><code>k8s</code>: &#x6307;kubernetes, k&#x6839;s&#x4E4B;&#x95F4;&#x6B63;&#x597D;&#x662F;8&#x4E2A;&#x5B57;&#x6BCD;</p>
</li>
<li>
<p><code>k8s&#x96C6;&#x7FA4;&#x5916;&#x90E8;&#x4E3B;&#x673A;</code>: &#x6CA1;&#x6709;&#x52A0;&#x5165;k8s&#x96C6;&#x7FA4;&#x7684;&#x4E3B;&#x673A;&#xFF0C;&#x4E0D;&#x7BA1;&#x662F;&#x4E0D;&#x662F;&#x6839;k8s&#x96C6;&#x7FA4;&#x4E3B;&#x673A;&#x5728;&#x540C;&#x4E00;&#x4E2A;&#x7F51;&#x6BB5;&#x5185;&#xFF0C;&#x90FD;&#x53EB;k8s&#x96C6;&#x7FA4;&#x5916;&#x90E8;&#x4E3B;&#x673A;</p>
</li>
<li>
<p><code>Load Balancer</code> : &#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x5668;</p>
</li>
</ul>
<h2 class="mume-header" id="%E5%87%86%E5%A4%87">&#x51C6;&#x5907;</h2>
<ul>
<li><code>k8s</code> : 1.18+</li>
</ul>
<h1 class="mume-header" id="%E7%AE%80%E4%BB%8B">&#x7B80;&#x4ECB;</h1>
<p>Kubernetes &#x63D0;&#x4F9B;&#x7684;&#x53D1;&#x5E03;&#x670D;&#x52A1;&#x7684;&#x65B9;&#x5F0F;&#xFF1A;</p>
<ul>
<li>
<p><code>ClusterIP</code>&#xFF1A;&#x901A;&#x8FC7;&#x96C6;&#x7FA4;&#x7684;&#x5185;&#x90E8; IP &#x66B4;&#x9732;&#x670D;&#x52A1;&#xFF0C;&#x9009;&#x62E9;&#x8BE5;&#x503C;&#x65F6;&#x670D;&#x52A1;&#x53EA;&#x80FD;&#x591F;&#x5728;&#x96C6;&#x7FA4;&#x5185;&#x90E8;&#x8BBF;&#x95EE;&#x3002; &#x8FD9;&#x4E5F;&#x662F;&#x9ED8;&#x8BA4;&#x7684; ServiceType&#x3002;</p>
</li>
<li>
<p><code>NodePort</code>&#xFF1A;&#x901A;&#x8FC7;&#x6BCF;&#x4E2A;&#x8282;&#x70B9;&#x4E0A;&#x7684; IP &#x548C;&#x9759;&#x6001;&#x7AEF;&#x53E3;&#xFF08;NodePort&#xFF09;&#x66B4;&#x9732;&#x670D;&#x52A1;&#x3002; NodePort &#x670D;&#x52A1;&#x4F1A;&#x8DEF;&#x7531;&#x5230;&#x81EA;&#x52A8;&#x521B;&#x5EFA;&#x7684; ClusterIP &#x670D;&#x52A1;&#x3002; &#x901A;&#x8FC7;&#x8BF7;&#x6C42; &lt;&#x8282;&#x70B9; IP&gt;:&lt;&#x8282;&#x70B9;&#x7AEF;&#x53E3; 30000-32767&gt;&#xFF0C;&#x4F60;&#x53EF;&#x4EE5;&#x4ECE;&#x96C6;&#x7FA4;&#x7684;&#x5916;&#x90E8;&#x8BBF;&#x95EE;&#x4E00;&#x4E2A; NodePort &#x670D;&#x52A1;&#x3002;</p>
</li>
<li>
<p><code>LoadBalancer</code>&#xFF1A;&#x4F7F;&#x7528;&#x4E91;&#x63D0;&#x4F9B;&#x5546;&#x7684;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x5668;&#x5411;&#x5916;&#x90E8;&#x66B4;&#x9732;&#x670D;&#x52A1;&#x3002; &#x5916;&#x90E8;&#x8D1F;&#x8F7D;&#x5747;&#x8861;&#x5668;&#x53EF;&#x4EE5;&#x5C06;&#x6D41;&#x91CF;&#x8DEF;&#x7531;&#x5230;&#x81EA;&#x52A8;&#x521B;&#x5EFA;&#x7684; NodePort &#x670D;&#x52A1;&#x548C; ClusterIP &#x670D;&#x52A1;&#x4E0A;&#x3002;</p>
</li>
<li>
<p><code>ExternalName</code>&#xFF1A;&#x901A;&#x8FC7;&#x8FD4;&#x56DE; CNAME &#x548C;&#x5BF9;&#x5E94;&#x503C;&#xFF0C;&#x53EF;&#x4EE5;&#x5C06;&#x670D;&#x52A1;&#x6620;&#x5C04;&#x5230; externalName &#x5B57;&#x6BB5;&#x7684;&#x5185;&#x5BB9;&#xFF08;&#x4F8B;&#x5982;&#xFF0C;<a href="http://foo.bar.example.com">foo.bar.example.com</a>&#xFF09;&#x3002; &#x65E0;&#x9700;&#x521B;&#x5EFA;&#x4EFB;&#x4F55;&#x7C7B;&#x578B;&#x4EE3;&#x7406;&#x3002;</p>
</li>
<li>
<p><code>externalIPs</code> : &#x5982;&#x679C;&#x5916;&#x90E8;&#x7684; IP &#x8DEF;&#x7531;&#x5230;&#x96C6;&#x7FA4;&#x4E2D;&#x4E00;&#x4E2A;&#x6216;&#x591A;&#x4E2A; Node &#x4E0A;&#xFF0C;Kubernetes Service &#x4F1A;&#x88AB;&#x66B4;&#x9732;&#x7ED9;&#x8FD9;&#x4E9B; externalIPs, <code>externalIPs</code> &#x4E0D;&#x4F1A;&#x88AB; Kubernetes &#x7BA1;&#x7406;</p>
</li>
</ul>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Service
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> my<span class="token punctuation">-</span>service
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">type</span><span class="token punctuation">:</span> NodePort
<span class="token key atrule">selector</span><span class="token punctuation">:</span>
<span class="token key atrule">app</span><span class="token punctuation">:</span> MyApp
<span class="token key atrule">ports</span><span class="token punctuation">:</span>
<span class="token comment"># &#x9ED8;&#x8BA4;&#x60C5;&#x51B5;&#x4E0B;,`targetPort` &#x88AB;&#x8BBE;&#x7F6E;&#x4E3A;&#x4E0E; `port` &#x5B57;&#x6BB5;&#x76F8;&#x540C;&#x7684;&#x503C;&#x3002;</span>
<span class="token punctuation">-</span> <span class="token key atrule">port</span><span class="token punctuation">:</span> <span class="token number">80</span>
<span class="token key atrule">targetPort</span><span class="token punctuation">:</span> <span class="token number">80</span>
<span class="token comment"># &#x53EF;&#x9009;&#x5B57;&#x6BB5;</span>
<span class="token comment"># &#x9ED8;&#x8BA4;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;Kubernetes &#x4F1A;&#x4ECE;30000-32767&#x8303;&#x56F4;&#x5185;&#x5206;&#x914D;&#x4E00;&#x4E2A;&#x7AEF;&#x53E3;&#x53F7;</span>
<span class="token key atrule">nodePort</span><span class="token punctuation">:</span> <span class="token number">30007</span>
</pre><p>&#x4E0A;&#x9762;&#x53EF;&#x4EE5;&#x66B4;&#x9732;&#x7ED9;&#x5916;&#x9762;&#x7528;&#x7684;&#xFF1A;<code>NodePort</code> &#x3001;<code>LoadBalancer</code> &#x3001;<code>externalIPs</code></p>
<p><code>Ingress</code> &#x662F; k8s &#x4E3A;&#x670D;&#x52A1;&#x63D0;&#x4F9B;&#x5916;&#x90E8;&#x53EF;&#x8BBF;&#x95EE;&#x7684;&#x53E6;&#x4E00;&#x79CD;&#x65B9;&#x5F0F;&#x3002;Ingress &#x4E0D;&#x662F;&#x4E00;&#x79CD;&#x670D;&#x52A1;&#x7C7B;&#x578B;&#xFF0C;&#x4F46;&#x5B83;&#x5145;&#x5F53;&#x96C6;&#x7FA4;&#x7684;&#x5165;&#x53E3;&#x70B9;&#x3002; &#x5B83;&#x53EF;&#x4EE5;&#x5C06;&#x8DEF;&#x7531;&#x89C4;&#x5219;&#x6574;&#x5408;&#x5230;&#x4E00;&#x4E2A;&#x8D44;&#x6E90;&#x4E2D;&#xFF0C;&#x56E0;&#x4E3A;&#x5B83;&#x53EF;&#x4EE5;&#x5728;&#x540C;&#x4E00;IP&#x5730;&#x5740;&#x4E0B;&#x516C;&#x5F00;&#x591A;&#x4E2A;&#x670D;&#x52A1;&#x3002;</p>
<h2 class="mume-header" id="%E5%9F%BA%E6%9C%AC%E7%94%A8%E6%B3%95">&#x57FA;&#x672C;&#x7528;&#x6CD5;</h2>
<p>&#x4E0B;&#x9762;&#x901A;&#x8FC7;&#x4E00;&#x4E2A;&#x6700;&#x7B80;&#x5355;&#x7684;&#x793A;&#x4F8B;&#x6765;&#x5BF9;&#x914D;&#x7F6E;&#x505A;&#x4E2A;&#x7B80;&#x5355;&#x7684;&#x8BF4;&#x660E;&#xFF1A;</p>
<p><code>test-ingress.yaml</code></p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> networking.k8s.io/v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Ingress
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> minimal<span class="token punctuation">-</span>ingress
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token comment"># k8s 1.18 &#x7248;&#x672C;&#x4EE5;&#x540E;&#x7528; `ingressClassName` &#x66FF;&#x4EE3;</span>
<span class="token comment"># kubernetes.io/ingress.class: nginx</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/rewrite-target</span><span class="token punctuation">:</span> /
<span class="token comment"># &#x6700;&#x591A;&#x53EA;&#x80FD;&#x6709;&#x4E00;&#x4E2A; IngressClass &#x88AB;&#x6807;&#x8BB0;&#x4E3A;&#x9ED8;&#x8BA4;</span>
<span class="token key atrule">ingressclass.kubernetes.io/is-default-class</span><span class="token punctuation">:</span> <span class="token boolean important">true</span>
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">ingressClassName</span><span class="token punctuation">:</span> nginx
<span class="token key atrule">rules</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">http</span><span class="token punctuation">:</span>
<span class="token key atrule">paths</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> /testpath
<span class="token key atrule">pathType</span><span class="token punctuation">:</span> Prefix
<span class="token key atrule">backend</span><span class="token punctuation">:</span>
<span class="token key atrule">service</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> test
<span class="token key atrule">port</span><span class="token punctuation">:</span>
<span class="token key atrule">number</span><span class="token punctuation">:</span> <span class="token number">80</span>
</pre><pre data-role="codeBlock" data-info="bash" class="language-bash">kubectl apply -f test-ingress.yaml
</pre><p>&#x4E0E;&#x5176;&#x4ED6; k8s &#x8D44;&#x6E90;&#x4E00;&#x6837;&#xFF0C;<code>ingress</code> &#x4E5F;&#x662F;&#x5177;&#x5907; <code>apiVersion</code> <code>kind</code> &#x548C; <code>metadata</code> &#x7B49;&#x5B57;&#x6BB5;&#x3002;</p>
<h3 class="mume-header" id="%E9%85%8D%E7%BD%AE%E8%AF%B4%E6%98%8E">&#x914D;&#x7F6E;&#x8BF4;&#x660E;</h3>
<ul>
<li><code>host</code>: &#x4E0A;&#x9762;&#x793A;&#x4F8B;&#x6CA1;&#x6709;&#x6307;&#x5B9A;host,&#x56E0;&#x6B64;&#x4E0A;&#x8FF0;&#x914D;&#x7F6E;&#x662F;&#x9002;&#x7528;&#x4E8E;&#x901A;&#x8FC7;&#x6307;&#x5B9A;IP&#x5730;&#x5740;&#x6765;&#x8BBF;&#x95EE;&#x670D;&#x52A1;&#x7684;&#x3002;</li>
<li><code>paths</code>: &#x6BCF;&#x4E2A; <code>path</code> &#x90FD;&#x662F;&#x7531;&#x4E00;&#x4E2A; service &#x6765;&#x5173;&#x8054;&#x6307;&#x5B9A;&#x7684;&#x670D;&#x52A1;&#x7684;&#x3002;</li>
<li><code>backend</code> : &#x662F;&#x7531; service &#x7EC4;&#x6210;&#x7684;&#x3002;&#x7528;&#x6765;&#x7ED1;&#x5B9A; service</li>
</ul>
<h3 class="mume-header" id="defaultbackend">DefaultBackend</h3>
<p>&#x901A;&#x5E38;&#x6CA1;&#x6709; <code>rules</code> &#x6216; &#x914D;&#x7F6E;&#x7684; <code>hosts</code> &#x3001;<code>paths</code> &#x6CA1;&#x6709;&#x4E0E; <code>ingress</code> &#x4E2D;&#x7684; http &#x8BF7;&#x6C42;&#x5339;&#x914D;&#x7684;&#xFF0C;&#x5219;&#x4F1A;&#x628A;&#x6D41;&#x91CF;&#x53D1;&#x9001;&#x5230; <code>defaultBackend</code>&#x3002;</p>
<h3 class="mume-header" id="pathtype">PathType</h3>
<p>Ingress &#x4E2D;&#x7684;&#x6BCF;&#x4E2A;<code>path</code> &#x90FD;&#x8981;&#x914D;&#x7F6E;&#x76F8;&#x5E94;&#x7684;<code>Path Type</code> &#x3002;<br>
&#x76EE;&#x524D;&#x652F;&#x6301;&#x7684;&#x7C7B;&#x578B;&#x6709;&#x4E09;&#x79CD;&#xFF1A;</p>
<ul>
<li>
<p><code>ImplementationSpecific</code><br>
&#x8FD9;&#x4E2A;&#x7C7B;&#x578B;&#x5339;&#x914D;&#x65B9;&#x5F0F;&#x53D6;&#x51B3;&#x4E8E; <code>IngressClass</code></p>
</li>
<li>
<p><code>Exact</code><br>
&#x7CBE;&#x786E;&#x5339;&#x914D; <code>URL</code> ,&#x4E14;&#x533A;&#x5206;&#x5927;&#x5C0F;&#x5199;</p>
</li>
<li>
<p><code>Prefix</code><br>
&#x57FA;&#x4E8E;&#x4EE5; <code>/</code> &#x5206;&#x9694;&#x7684; URL &#x8DEF;&#x5F84;&#x524D;&#x7F00;&#x5339;&#x914D;&#x3002;&#x533A;&#x5206;&#x5927;&#x5C0F;&#x5199;&#x3002;<br>
<code>/foo/bar</code> &#x5339;&#x914D; <code>/foo/bar/baz</code>, &#x4F46;&#x4E0D;&#x5339;&#x914D; <code>/foo/barbaz</code></p>
</li>
</ul>
<p>&#x914D;&#x7F6E;&#x793A;&#x4F8B;&#x53C2;&#x8003;&#xFF1A;</p>
<table>
<thead>
<tr>
<th>&#x7C7B;&#x578B;</th>
<th>&#x8DEF;&#x5F84;</th>
<th>&#x8BF7;&#x6C42;&#x8DEF;&#x5F84;</th>
<th>&#x5339;&#x914D;&#x4E0E;&#x5426;&#xFF1F;</th>
</tr>
</thead>
<tbody>
<tr>
<td>Prefix</td>
<td><code>/</code></td>
<td>&#xFF08;&#x6240;&#x6709;&#x8DEF;&#x5F84;&#xFF09;</td>
<td>&#x2714;</td>
</tr>
<tr>
<td>Exact</td>
<td><code>/foo</code></td>
<td><code>/foo</code></td>
<td>&#x2714;</td>
</tr>
<tr>
<td>Exact</td>
<td><code>/foo</code></td>
<td><code>/bar</code></td>
<td>&#x274C;</td>
</tr>
<tr>
<td>Exact</td>
<td><code>/foo</code></td>
<td><code>/foo/</code></td>
<td>&#x274C;</td>
</tr>
<tr>
<td>Exact</td>
<td><code>/foo/</code></td>
<td><code>/foo</code></td>
<td>&#x274C;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/foo</code></td>
<td><code>/foo</code>, <code>/foo/</code></td>
<td>&#x2714;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/foo/</code></td>
<td><code>/foo</code>, <code>/foo/</code></td>
<td>&#x2714;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bb</code></td>
<td><code>/aaa/bbb</code></td>
<td>&#x274C;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bbb</code></td>
<td><code>/aaa/bbb</code></td>
<td>&#x2714;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bbb/</code></td>
<td><code>/aaa/bbb</code></td>
<td>&#x2714;&#xFF0C;&#x5FFD;&#x7565;&#x5C3E;&#x90E8;&#x659C;&#x7EBF;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bbb</code></td>
<td><code>/aaa/bbb/</code></td>
<td>&#x2714;&#xFF0C;&#x5339;&#x914D;&#x5C3E;&#x90E8;&#x659C;&#x7EBF;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bbb</code></td>
<td><code>/aaa/bbb/ccc</code></td>
<td>&#x2714;&#xFF0C;&#x5339;&#x914D;&#x5B50;&#x8DEF;&#x5F84;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa/bbb</code></td>
<td><code>/aaa/bbbxyz</code></td>
<td>&#x274C;&#xFF0C;&#x5B57;&#x7B26;&#x4E32;&#x524D;&#x7F00;&#x4E0D;&#x5339;&#x914D;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/</code>, <code>/aaa</code></td>
<td><code>/aaa/ccc</code></td>
<td>&#x2714;&#xFF0C;&#x5339;&#x914D; <code>/aaa</code> &#x524D;&#x7F00;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/</code>, <code>/aaa</code>, <code>/aaa/bbb</code></td>
<td><code>/aaa/bbb</code></td>
<td>&#x2714;&#xFF0C;&#x5339;&#x914D; <code>/aaa/bbb</code> &#x524D;&#x7F00;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/</code>, <code>/aaa</code>, <code>/aaa/bbb</code></td>
<td><code>/ccc</code></td>
<td>&#x2714;&#xFF0C;&#x5339;&#x914D; <code>/</code> &#x524D;&#x7F00;</td>
</tr>
<tr>
<td>Prefix</td>
<td><code>/aaa</code></td>
<td><code>/ccc</code></td>
<td>&#x274C;&#xFF0C;&#x4F7F;&#x7528;&#x9ED8;&#x8BA4;&#x540E;&#x7AEF;</td>
</tr>
<tr>
<td>&#x6DF7;&#x5408;</td>
<td><code>/foo</code> (Prefix), <code>/foo</code> (Exact)</td>
<td><code>/foo</code></td>
<td>&#x2714;&#xFF0C;&#x4F18;&#x9009; Exact &#x7C7B;&#x578B;</td>
</tr>
</tbody>
</table>
<h3 class="mume-header" id="%E4%B8%BB%E6%9C%BA%E5%90%8D%E5%8C%B9%E9%85%8D">&#x4E3B;&#x673A;&#x540D;&#x5339;&#x914D;</h3>
<table>
<thead>
<tr>
<th>&#x4E3B;&#x673A;</th>
<th>host &#x5934;&#x90E8;</th>
<th>&#x5339;&#x914D;&#x4E0E;&#x5426;&#xFF1F;</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>*.foo.com</code></td>
<td><code>bar.foo.com</code></td>
<td>&#x57FA;&#x4E8E;&#x76F8;&#x540C;&#x7684;&#x540E;&#x7F00;&#x5339;&#x914D;</td>
</tr>
<tr>
<td><code>*.foo.com</code></td>
<td><code>baz.bar.foo.com</code></td>
<td>&#x4E0D;&#x5339;&#x914D;&#xFF0C;&#x901A;&#x914D;&#x7B26;&#x4EC5;&#x8986;&#x76D6;&#x4E86;&#x4E00;&#x4E2A; DNS &#x6807;&#x7B7E;</td>
</tr>
<tr>
<td><code>*.foo.com</code></td>
<td><code>foo.com</code></td>
<td>&#x4E0D;&#x5339;&#x914D;&#xFF0C;&#x901A;&#x914D;&#x7B26;&#x4EC5;&#x8986;&#x76D6;&#x4E86;&#x4E00;&#x4E2A; DNS &#x6807;&#x7B7E;</td>
</tr>
</tbody>
</table>
<h1 class="mume-header" id="%E9%85%8D%E7%BD%AE">&#x914D;&#x7F6E;</h1>
<p>&#x5728; <code>ingress</code> &#x4E2D;&#x914D;&#x7F6E;&#x5206;&#x4E3A;&#x4E86;&#x4E09;&#x90E8;&#x5206;&#xFF1A;</p>
<ul>
<li><code>configmap</code> : &#x8BBE;&#x7F6E; ingress-nginx &#x7684;&#x5168;&#x5C40;&#x8BBE;&#x7F6E;</li>
<li><code>annotations</code> &#xFF1A;ingress &#x7279;&#x5B9A;&#x7684;&#x8BBE;&#x7F6E;</li>
<li><code>custom template</code> &#xFF1A;</li>
</ul>
<h2 class="mume-header" id="%E5%85%A8%E5%B1%80%E8%AE%BE%E7%BD%AE">&#x5168;&#x5C40;&#x8BBE;&#x7F6E;</h2>
<p>&#x5168;&#x5C40;&#x914D;&#x7F6E;&#x4E00;&#x822C;&#x662F;&#x4F7F;&#x7528; configmap &#x3002;<br>
&#x4E0B;&#x9762;&#x662F;&#x4E00;&#x4E2A; ingress-controller &#x7684;&#x914D;&#x7F6E;</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">kind</span><span class="token punctuation">:</span> ConfigMap
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx<span class="token punctuation">-</span>controller
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">labels</span><span class="token punctuation">:</span>
<span class="token key atrule">app.kubernetes.io/component</span><span class="token punctuation">:</span> controller
<span class="token key atrule">app.kubernetes.io/instance</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">app.kubernetes.io/managed-by</span><span class="token punctuation">:</span> Helm
<span class="token key atrule">app.kubernetes.io/name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">app.kubernetes.io/version</span><span class="token punctuation">:</span> 0.40.2
<span class="token key atrule">helm.sh/chart</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx<span class="token punctuation">-</span>3.6.0
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token key atrule">data</span><span class="token punctuation">:</span>
<span class="token key atrule">allow-backend-server-header</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">client-body-buffer-size</span><span class="token punctuation">:</span> 20m
<span class="token key atrule">enable-underscores-in-headers</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">generate-request-id</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">gzip-level</span><span class="token punctuation">:</span> <span class="token string">&apos;6&apos;</span>
<span class="token key atrule">gzip-types</span><span class="token punctuation">:</span> <span class="token punctuation">&gt;</span><span class="token punctuation">-</span>
application/atom+xml application/javascript application/x<span class="token punctuation">-</span>javascript
application/json application/rss+xml application/vnd.ms<span class="token punctuation">-</span>fontobject
application/x<span class="token punctuation">-</span>font<span class="token punctuation">-</span>ttf application/x<span class="token punctuation">-</span>web<span class="token punctuation">-</span>app<span class="token punctuation">-</span>manifest+json
application/xhtml+xml application/xml font/opentype image/svg+xml
image/x<span class="token punctuation">-</span>icon text/css text/javascript text/plain text/x<span class="token punctuation">-</span>component
<span class="token key atrule">ignore-invalid-headers</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">keep-alive</span><span class="token punctuation">:</span> <span class="token string">&apos;75&apos;</span>
<span class="token key atrule">large-client-header-buffers</span><span class="token punctuation">:</span> 4 128k
<span class="token key atrule">log-format-upstream</span><span class="token punctuation">:</span> <span class="token punctuation">&gt;</span><span class="token punctuation">-</span>
$remote_addr <span class="token punctuation">-</span> <span class="token punctuation">[</span>$remote_addr<span class="token punctuation">]</span> <span class="token punctuation">-</span> $remote_user <span class="token punctuation">[</span>$time_local<span class="token punctuation">]</span> &quot;$request&quot;
$status $body_bytes_sent &quot;$http_referer&quot; &quot;$http_user_agent&quot; $request_length
&quot;$http_x_forwarded_for&quot; $remote_addr $request_time <span class="token punctuation">[</span>$proxy_upstream_name<span class="token punctuation">]</span>
$upstream_addr $upstream_response_length $upstream_response_time
$upstream_status $req_id $host
<span class="token key atrule">max-worker-connections</span><span class="token punctuation">:</span> <span class="token string">&apos;65536&apos;</span>
<span class="token key atrule">proxy-body-size</span><span class="token punctuation">:</span> 20m
<span class="token key atrule">proxy-buffer-size</span><span class="token punctuation">:</span> 64k
<span class="token key atrule">proxy-connect-timeout</span><span class="token punctuation">:</span> <span class="token string">&apos;300&apos;</span>
<span class="token key atrule">proxy-next-upstream-timeout</span><span class="token punctuation">:</span> <span class="token string">&apos;10&apos;</span>
<span class="token key atrule">proxy-read-timeout</span><span class="token punctuation">:</span> <span class="token string">&apos;300&apos;</span>
<span class="token key atrule">proxy-send-timeout</span><span class="token punctuation">:</span> <span class="token string">&apos;300&apos;</span>
<span class="token key atrule">reuse-port</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">server-tokens</span><span class="token punctuation">:</span> <span class="token string">&apos;false&apos;</span>
<span class="token key atrule">upstream-keepalive-connections</span><span class="token punctuation">:</span> <span class="token string">&apos;20000&apos;</span>
<span class="token key atrule">upstream-keepalive-requests</span><span class="token punctuation">:</span> <span class="token string">&apos;100000&apos;</span>
<span class="token key atrule">upstream-keepalive-timeout</span><span class="token punctuation">:</span> <span class="token string">&apos;3000&apos;</span>
<span class="token key atrule">use-forwarded-headers</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">use-gzip</span><span class="token punctuation">:</span> <span class="token string">&apos;true&apos;</span>
<span class="token key atrule">worker-cpu-affinity</span><span class="token punctuation">:</span> auto
</pre><p>&#x8FD9;&#x4E2A;&#x5C31;&#x76F8;&#x5F53;&#x4E8E; <code>nginx</code> &#x7684; <code>nginx.conf</code> &#x914D;&#x7F6E;&#x6587;&#x4EF6;</p>
<pre data-role="codeBlock" data-info class="language-"><code>user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# body size
##
client_max_body_size 10m;
proxy_read_timeout 300;
##
# Gzip Settings
##
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
</code></pre><p>&#x5E38;&#x7528;&#x914D;&#x7F6E;&#x5BF9;&#x7167;&#x8868;&#xFF1A;</p>
<table>
<thead>
<tr>
<th style="text-align:left">&#x540D;&#x79F0;</th>
<th style="text-align:left">nginx &#x540D;&#x79F0;</th>
<th>&#x8BF4;&#x660E;</th>
<th>&#x7C7B;&#x578B;</th>
<th>&#x9ED8;&#x8BA4;&#x503C;</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:left"><code>worker-processes</code></td>
<td style="text-align:left"><code>worker_processes</code></td>
<td>&#x8BBE;&#x7F6E; <code>worker processes</code> &#x6570;&#x91CF;, &#x9ED8;&#x8BA4;&#x503C;&quot;auto&quot;&#x8868;&#x793A;&#x53EF;&#x7528;&#x7684;CPU&#x5185;&#x6838;&#x6570;</td>
<td>string</td>
<td><code>auto</code></td>
</tr>
<tr>
<td style="text-align:left"><code>max-worker-connections</code></td>
<td style="text-align:left"><code>worker_connections</code></td>
<td>&#x8BBE;&#x7F6E; &#x5355;&#x4E2A; <code>worker</code> &#x6253;&#x5F00;&#x7684;&#x6700;&#x5927;&#x540C;&#x65F6;&#x8FDE;&#x63A5;&#x6570;</td>
<td>int</td>
<td><code>16384</code></td>
</tr>
<tr>
<td style="text-align:left"><code>enable-multi-accept</code></td>
<td style="text-align:left"><code>multi_accept</code></td>
<td>&#x5982;&#x679C;&#x7981;&#x7528;&#xFF0C;worker&#x8FDB;&#x7A0B;&#x5C06;&#x4E00;&#x6B21;&#x63A5;&#x53D7;&#x4E00;&#x4E2A;&#x65B0;&#x8FDE;&#x63A5;&#x3002; &#x5426;&#x5219;&#xFF0C;&#x5DE5;&#x4F5C;&#x8FDB;&#x7A0B;&#x5C06;&#x4E00;&#x6B21;&#x63A5;&#x53D7;&#x6240;&#x6709;&#x65B0;&#x8FDE;&#x63A5;</td>
<td>bool</td>
<td><code>true</code></td>
</tr>
<tr>
<td style="text-align:left"><code>keep-alive</code></td>
<td style="text-align:left"><code>keepalive_timeout</code></td>
<td>&#x8BBE;&#x7F6E;&#x4FDD;&#x6301;&#x6D3B;&#x52A8;&#x7684;&#x5BA2;&#x6237;&#x7AEF;&#x8FDE;&#x63A5;&#x5728;&#x670D;&#x52A1;&#x5668;&#x7AEF;&#x4FDD;&#x6301;&#x6253;&#x5F00;&#x72B6;&#x6001;&#x7684;&#x65F6;&#x95F4;&#x3002; &#x96F6;&#x503C;&#x5C06;&#x7981;&#x7528;&#x4FDD;&#x6301;&#x6D3B;&#x52A8;&#x72B6;&#x6001;&#x7684;&#x5BA2;&#x6237;&#x7AEF;&#x8FDE;&#x63A5;&#x3002;</td>
<td>int</td>
<td><code>75</code></td>
</tr>
<tr>
<td style="text-align:left"><code>upstream-keepalive-timeout</code></td>
<td style="text-align:left"><code>keepalive_timeout</code></td>
<td>&#x8BBE;&#x7F6E;&#x4E00;&#x4E2A;&#x8D85;&#x65F6;&#xFF0C;&#x5728;&#x6B64;&#x8D85;&#x65F6;&#x671F;&#x95F4;&#xFF0C;&#x4E0E;&#x4E0A;&#x6E38;&#x670D;&#x52A1;&#x5668;&#x7684;&#x7A7A;&#x95F2;<code>keepalive</code>&#x8FDE;&#x63A5;&#x5C06;&#x4FDD;&#x6301;&#x6253;&#x5F00;&#x72B6;&#x6001;</td>
<td>int</td>
<td><code>60</code></td>
</tr>
<tr>
<td style="text-align:left"><code>server-tokens</code></td>
<td style="text-align:left"><code>server_tokens</code></td>
<td>&#x5728;&#x54CD;&#x5E94;&#x4E2D;&#x53D1;&#x9001;nginx Server&#x6807;&#x5934;&#xFF0C;&#x5E76;&#x5728;&#x9519;&#x8BEF;&#x9875;&#x9762;&#x4E2D;&#x663E;&#x793A;NGINX&#x7248;&#x672C;</td>
<td>bool</td>
<td><code>true</code></td>
</tr>
<tr>
<td style="text-align:left"><code>server-name-hash-bucket-size</code></td>
<td style="text-align:left"><code>server_names_hash_bucket_size</code></td>
<td>int</td>
<td>``</td>
<td></td>
</tr>
<tr>
<td style="text-align:left"><code>proxy-body-size</code></td>
<td style="text-align:left"><code>client_max_body_size</code></td>
<td>&#x8BBE;&#x7F6E;&#x5BA2;&#x6237;&#x7AEF;&#x8BF7;&#x6C42;&#x6B63;&#x6587;&#x7684;&#x6700;&#x5927;&#x5141;&#x8BB8;&#x5927;&#x5C0F;</td>
<td>string</td>
<td><code>1m</code></td>
</tr>
<tr>
<td style="text-align:left"><code>proxy-read-timeout</code></td>
<td style="text-align:left"><code>proxy-read-timeout</code></td>
<td>&#x4EE5;&#x79D2;&#x4E3A;&#x5355;&#x4F4D;&#x4E3A;&#x4ECE;&#x4EE3;&#x7406;&#x670D;&#x52A1;&#x5668;&#x8BFB;&#x53D6;&#x76F8;&#x5E94;&#x8BBE;&#x7F6E;&#x8D85;&#x65F6;</td>
<td>int</td>
<td><code>60</code></td>
</tr>
<tr>
<td style="text-align:left"><code>use-gzip</code></td>
<td style="text-align:left"><code>gzip</code></td>
<td>&#x542F;&#x7528;&#x6216;&#x7981;&#x7528;HTTP&#x54CD;&#x5E94;&#x7684;&#x538B;&#x7F29;</td>
<td>bool</td>
<td><code>true</code></td>
</tr>
<tr>
<td style="text-align:left"><code>gzip-types</code></td>
<td style="text-align:left"><code>gzip_types</code></td>
<td>&#x8BBE;&#x7F6E;&#x9664;&quot;text/html&quot;&#x4E4B;&#x5916;&#x7684;MIME&#x7C7B;&#x578B;&#x4EE5;&#x8FDB;&#x884C;&#x538B;&#x7F29;&#x3002; &#x7279;&#x6B8A;&#x503C;&quot;*&quot;&#x4E0E;&#x4EFB;&#x4F55;MIME&#x7C7B;&#x578B;&#x5339;&#x914D;</td>
<td>string</td>
<td>&quot;application/atom+xml application/javascript <br>application/x-javascript application/json <br>application/rss+xml <br>application/vnd.ms-fontobject <br>application/x-font-ttf <br>application/x-web-app-manifest+json <br>application/xhtml+xml application/xml <br>font/opentype image/svg+xml <br>image/x-icon text/css <br>text/javascript text/plain <br>text/x-component&quot;</td>
</tr>
<tr>
<td style="text-align:left"><code>gzip-level</code></td>
<td style="text-align:left"><code>gzip_comp_level</code></td>
<td>&#x8BBE;&#x7F6E;&#x5C06;&#x4F7F;&#x7528;&#x7684;gzip&#x538B;&#x7F29;&#x7EA7;&#x522B;</td>
<td>int</td>
<td><code>1</code></td>
</tr>
</tbody>
</table>
<h2 class="mume-header" id="%E6%B3%A8%E8%A7%A3">&#x6CE8;&#x89E3;</h2>
<p>&#x6CE8;&#x89E3;&#x90FD;&#x662F;&#x4EE5; <code>nginx.ingress.kubernetes.io</code> &#x4F5C;&#x4E3A;&#x524D;&#x7F00;&#x7684;,&#x6DFB;&#x52A0;&#x5230;&#x7279;&#x5B9A;&#x7684;ingress&#x5B9E;&#x4F8B;&#x4E0A;&#x7684;&#x3002;</p>
<h3 class="mume-header" id="%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81">&#x8EAB;&#x4EFD;&#x9A8C;&#x8BC1;</h3>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token comment"># http &#x8EAB;&#x4EFD;&#x9A8C;&#x8BC1;&#x7684;&#x7C7B;&#x578B;</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-type</span><span class="token punctuation">:</span> <span class="token punctuation">[</span>basic<span class="token punctuation">|</span>digest<span class="token punctuation">]</span>
<span class="token comment"># Secret&#x7684;&#x540D;&#x79F0;&#xFF0C;&#x5176;&#x4E2D;&#x5305;&#x542B;&#x7528;&#x6237;&#x540D;&#x548C;&#x5BC6;&#x7801;</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-secret</span><span class="token punctuation">:</span> secretName
<span class="token comment"># auth-secret &#x6709;&#x4E24;&#x79CD;&#x683C;&#x5F0F;&#xFF1A;</span>
<span class="token comment"># auth-file &#x9ED8;&#x8BA4;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;&#x5BC6;&#x94A5;&apos;auth&apos;&#x4E2D;&#x7684;htpasswd&#x6587;&#x4EF6;&#x5728;&#x5BC6;&#x94A5;&#x5185;</span>
<span class="token comment"># auth-map &#x5BC6;&#x94A5;&#x7684;&#x5BC6;&#x94A5;&#x662F;&#x7528;&#x6237;&#x540D;&#xFF0C;&#x503C;&#x662F;&#x54C8;&#x5E0C;&#x5BC6;&#x7801;</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-secret-type</span><span class="token punctuation">:</span> <span class="token punctuation">[</span>auth<span class="token punctuation">-</span>file<span class="token punctuation">|</span>auth<span class="token punctuation">-</span>map<span class="token punctuation">]</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-realm</span><span class="token punctuation">:</span> <span class="token string">&quot;realm string&quot;</span>
</pre><h3 class="mume-header" id="%E9%87%91%E4%B8%9D%E9%9B%80">&#x91D1;&#x4E1D;&#x96C0;</h3>
<p>&#x8FD9;&#x4E2A;&#x4E4B;&#x524D;&#x6709;&#x4E13;&#x95E8;&#x7684;&#x4ECB;&#x7ECD;&#xFF0C;&#x8FD9;&#x91CC;&#x5C31;&#x4E0D;&#x5E9F;&#x8BDD;&#x4E86;</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml">nginx.ingress.kubernetes.io/canary<span class="token punctuation">-</span>by<span class="token punctuation">-</span>header
nginx.ingress.kubernetes.io/canary<span class="token punctuation">-</span>by<span class="token punctuation">-</span>header<span class="token punctuation">-</span>value
nginx.ingress.kubernetes.io/canary<span class="token punctuation">-</span>by<span class="token punctuation">-</span>cookie
nginx.ingress.kubernetes.io/canary<span class="token punctuation">-</span>by<span class="token punctuation">-</span>cookie
</pre><h3 class="mume-header" id="rewrite">Rewrite</h3>
<p>&#x5728;&#x67D0;&#x4E9B;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;&#x540E;&#x7AEF;&#x670D;&#x52A1;&#x4E2D;&#x516C;&#x5F00;&#x7684;URL&#x4E0E;Ingress&#x89C4;&#x5219;&#x4E2D;&#x6307;&#x5B9A;&#x7684;&#x8DEF;&#x5F84;&#x4E0D;&#x540C;.<br>
&#x6CA1;&#x6709;&#x91CD;&#x5199;&#xFF0C;&#x4EFB;&#x4F55;&#x8BF7;&#x6C42;&#x90FD;&#x5C06;&#x8FD4;&#x56DE;404.<br>
&#x8BBE;&#x7F6E; <code>nginx.ingress.kubernetes.io/rewrite-target</code> &#x6CE8;&#x89E3;&#x5230;&#x670D;&#x52A1;&#x671F;&#x671B;&#x7684;&#x8DEF;&#x5F84;.</p>
<p>&#x5982;&#x679C;&#x5E94;&#x7528;&#x7A0B;&#x5E8F;&#x6839;&#x76EE;&#x5F55;&#x66B4;&#x9732;&#x5728;&#x5176;&#x4ED6;&#x8DEF;&#x5F84;&#x4E2D;&#xFF0C;&#x5E76;&#x4E14;&#x9700;&#x8981;&#x91CD;&#x5B9A;&#x5411;&#xFF0C;&#x8BF7;&#x8BBE;&#x7F6E;&#x6CE8;&#x91CA;<br>
<code>nginx.ingress.kubernetes.io/app-root</code> &#x91CD;&#x5B9A;&#x5411;&#x8BF7;&#x6C42;&#x5230; <code>/</code>.</p>
<h3 class="mume-header" id="configuration-snippet">Configuration snippet</h3>
<p>&#x4F7F;&#x7528;&#x6B64;&#x6CE8;&#x91CA;&#xFF0C;&#x60A8;&#x53EF;&#x4EE5;&#x5C06;&#x5176;&#x4ED6;&#x914D;&#x7F6E;&#x6DFB;&#x52A0;&#x5230;NGINX&#x4F4D;&#x7F6E;&#x3002; &#x4F8B;&#x5982;:</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">nginx.ingress.kubernetes.io/configuration-snippet</span><span class="token punctuation">:</span> <span class="token punctuation">|</span><span class="token scalar string">
more_set_headers &quot;Request-Id: $req_id&quot;;</span>
</pre><h3 class="mume-header" id="server-snippet">Server snippet</h3>
<p>&#x4F7F;&#x7528;&#x6CE8;&#x89E3; <code>nginx.ingress.kubernetes.io/server-snippet</code> &#x53EF;&#x4EE5;&#x5728;&#x670D;&#x52A1;&#x5668;&#x914D;&#x7F6E;&#x5757;&#x4E2D;&#x6DFB;&#x52A0;&#x81EA;&#x5B9A;&#x4E49;&#x914D;&#x7F6E;.</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> extensions/v1beta1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Ingress
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/server-snippet</span><span class="token punctuation">:</span> <span class="token punctuation">|</span><span class="token scalar string">
set $agentflag 0;</span>
if ($http_user_agent ~* &quot;(Mobile)&quot; )<span class="token punctuation">{</span>
set $agentflag 1;
<span class="token punctuation">}</span>
if ( $agentflag = 1 ) <span class="token punctuation">{</span>
return 301 https<span class="token punctuation">:</span>//m.example.com;
<span class="token punctuation">}</span>
</pre><h3 class="mume-header" id="client-body-buffer-size">Client Body Buffer Size</h3>
<p>&#x8BBE;&#x7F6E;&#x7F13;&#x51B2;&#x533A;&#x5927;&#x5C0F;&#xFF0C;&#x4EE5;&#x8BFB;&#x53D6;&#x6BCF;&#x4E2A;&#x4F4D;&#x7F6E;&#x7684;&#x5BA2;&#x6237;&#x7AEF;&#x8BF7;&#x6C42;&#x6B63;&#x6587;&#x3002; &#x5982;&#x679C;&#x8BF7;&#x6C42;&#x4E3B;&#x4F53;&#x5927;&#x4E8E;&#x7F13;&#x51B2;&#x533A;&#xFF0C; &#x6574;&#x4E2A;&#x8EAB;&#x4F53;&#x6216;&#x53EA;&#x5C06;&#x5176;&#x4E00;&#x90E8;&#x5206;&#x5199;&#x5165;&#x4E00;&#x4E2A;&#x4E34;&#x65F6;&#x6587;&#x4EF6;&#x3002; &#x9ED8;&#x8BA4;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;&#x7F13;&#x51B2;&#x533A;&#x5927;&#x5C0F;&#x7B49;&#x4E8E;&#x4E24;&#x4E2A;&#x5185;&#x5B58;&#x9875;&#x3002; &#x5728;x86&#xFF0C;&#x5176;&#x4ED6;32&#x4F4D;&#x5E73;&#x53F0;&#x548C;x86-64&#x4E0A;&#x4E3A;8K&#x3002; &#x5728;&#x5176;&#x4ED6;64&#x4F4D;&#x5E73;&#x53F0;&#x4E0A;&#xFF0C;&#x901A;&#x5E38;&#x4E3A;16K&#x3002; &#x8BE5;&#x6CE8;&#x89E3;&#x662F; &#x5E94;&#x7528;&#x4E8E;&#x5165;&#x53E3;&#x89C4;&#x5219;&#x4E2D;&#x63D0;&#x4F9B;&#x7684;&#x6BCF;&#x4E2A;&#x4F4D;&#x7F6E;</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">nginx.ingress.kubernetes.io/client-body-buffer-size</span><span class="token punctuation">:</span> <span class="token string">&quot;1000&quot;</span> <span class="token comment"># 1000 bytes</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/client-body-buffer-size</span><span class="token punctuation">:</span> 1k <span class="token comment"># 1 kilobyte</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/client-body-buffer-size</span><span class="token punctuation">:</span> 1K <span class="token comment"># 1 kilobyte</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/client-body-buffer-size</span><span class="token punctuation">:</span> 1m <span class="token comment"># 1 megabyte</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/client-body-buffer-size</span><span class="token punctuation">:</span> 1M <span class="token comment"># 1 megabyte</span>
</pre><h3 class="mume-header" id="redirect-fromto-www">Redirect from/to www&#xB6;</h3>
<p>&#x5728;&#x67D0;&#x4E9B;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;<a href="http://xn--www-8p9dk79xj6q.domain.com">&#x9700;&#x8981;&#x4ECE;www.domain.com</a> &#x91CD;&#x5B9A;&#x5411;&#x5230; <a href="http://domain.com">domain.com</a> &#xFF0C;&#x53CD;&#x4E4B;&#x4EA6;&#x7136;. &#x4F7F;&#x7528; <code>nginx.ingress.kubernetes.io/from-to-www-redirect</code>: &quot;true&quot;&#x6CE8;&#x89E3;&#x5F00;&#x542F;&#x6B64;&#x529F;&#x80FD;</p>
<h3 class="mume-header" id="custom-timeouts">Custom timeouts</h3>
<p>&#x4F7F;&#x7528;&#x914D;&#x7F6E;configmap&#x53EF;&#x4EE5;&#x4E3A;<code>ingress-nginx</code> &#x8BBE;&#x7F6E;&#x9ED8;&#x8BA4;&#x7684;&#x5168;&#x5C40;&#x8D85;&#x65F6;&#x3002; &#x5728;&#x67D0;&#x4E9B;&#x60C5;&#x51B5;&#x4E0B;&#xFF0C;&#x8981;&#x6C42;&#x5177;&#x6709;&#x4E0D;&#x540C;&#x7684;&#x503C;&#x3002; &#x4E3A;&#x6B64;&#xFF0C;&#x6211;&#x4EEC;&#x63D0;&#x4F9B;&#x4E86;&#x5141;&#x8BB8;&#x8FDB;&#x884C;&#x6B64;&#x81EA;&#x5B9A;&#x4E49;&#x7684;&#x6CE8;&#x91CA;:</p>
<pre data-role="codeBlock" data-info class="language-"><code>nginx.ingress.kubernetes.io/proxy-connect-timeout
nginx.ingress.kubernetes.io/proxy-send-timeout
nginx.ingress.kubernetes.io/proxy-read-timeout
nginx.ingress.kubernetes.io/proxy-next-upstream
nginx.ingress.kubernetes.io/proxy-next-upstream-timeout
nginx.ingress.kubernetes.io/proxy-next-upstream-tries
nginx.ingress.kubernetes.io/proxy-request-buffering
</code></pre><h3 class="mume-header" id="custom-max-body-size">Custom max body size</h3>
<p>&#x5F53;&#x8BF7;&#x6C42;&#x4E2D;&#x7684;&#x5927;&#x5C0F;&#x8D85;&#x8FC7;&#x5BA2;&#x6237;&#x7AEF;&#x8BF7;&#x6C42;&#x6B63;&#x6587;&#x7684;&#x6700;&#x5927;&#x5141;&#x8BB8;&#x5927;&#x5C0F;&#x65F6;&#xFF0C;&#x5C06;&#x5411;&#x5BA2;&#x6237;&#x7AEF;&#x8FD4;&#x56DE;413&#x9519;&#x8BEF;. &#x5927;&#x5C0F;&#x53EF;&#x4EE5;&#x901A;&#x8FC7; <code>client_max_body_size</code>&#x53C2;&#x6570;&#x914D;&#x7F6E;.<br>
&#x4E0E;&#x4E0A;&#x9762;&#x7C7B;&#x4F3C;,&#x60F3;&#x8981;&#x5BF9;&#x6240;&#x6709;ingress&#x89C4;&#x5219;&#x8FDB;&#x884C;&#x5168;&#x5C40;&#x8BBE;&#x7F6E;, proxy-body-size &#x53EF;&#x4EE5;&#x5728; nginx ConfigMap&#x4E2D;&#x8BBE;&#x7F6E;. &#x8981;&#x5728;Ingress&#x89C4;&#x5219;&#x4E2D;&#x4F7F;&#x7528;&#x81EA;&#x5B9A;&#x4E49;&#x503C;&#xFF0C;&#x8BF7;&#x5B9A;&#x4E49;&#x4EE5;&#x4E0B;&#x6CE8;&#x89E3;:</p>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">nginx.ingress.kubernetes.io/proxy-body-size</span><span class="token punctuation">:</span> 8m
</pre><h2 class="mume-header" id="%E6%9A%B4%E9%9C%B2tcpudp-%E6%9C%8D%E5%8A%A1">&#x66B4;&#x9732;TCP/UDP &#x670D;&#x52A1;</h2>
<p>ingress&#x4E0D;&#x652F;&#x6301;TCP&#x6216;UDP&#x670D;&#x52A1;&#x3002;<br>
&#x56E0;&#x6B64;&#xFF0C;&#x9700;&#x8981;&#x5728; Ingress Controller &#x4F7F;&#x7528;&#x6807;&#x5FD7; --tcp-services-configmap and --udp-services-configmap &#x6307;&#x5411;&#x73B0;&#x6709;&#x7684;&#x914D;&#x7F6E;&#x6620;&#x5C04;&#xFF0C;&#x5176;&#x4E2D;&#x7684;&#x952E;&#x662F;&#x8981;&#x4F7F;&#x7528;&#x7684;&#x5916;&#x90E8;&#x7AEF;&#x53E3;&#xFF0C;&#x5E76;&#x4E14;&#x8BE5;&#x503C;&#x6307;&#x793A;&#x4F7F;&#x7528;&#x4EE5;&#x4E0B;&#x683C;&#x5F0F;&#x516C;&#x5F00;&#x7684;&#x670D;&#x52A1;:</p>
<pre data-role="codeBlock" data-info class="language-"><code>&lt;namespace/service name&gt;:&lt;service port&gt;:[PROXY]:[PROXY]
</code></pre><pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> ConfigMap
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> tcp<span class="token punctuation">-</span>services
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">data</span><span class="token punctuation">:</span>
<span class="token key atrule">9000</span><span class="token punctuation">:</span> <span class="token string">&quot;default/example-go:8080&quot;</span>
<span class="token punctuation">---</span>
<span class="token key atrule">kind</span><span class="token punctuation">:</span> ConfigMap
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> tcp<span class="token punctuation">-</span>services
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">labels</span><span class="token punctuation">:</span>
<span class="token key atrule">app.kubernetes.io/component</span><span class="token punctuation">:</span> controller
<span class="token key atrule">app.kubernetes.io/instance</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">app.kubernetes.io/managed-by</span><span class="token punctuation">:</span> Helm
<span class="token key atrule">app.kubernetes.io/name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx
<span class="token key atrule">app.kubernetes.io/version</span><span class="token punctuation">:</span> 0.33.0
<span class="token key atrule">helm.sh/chart</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>nginx<span class="token punctuation">-</span>2.10.0
<span class="token key atrule">data</span><span class="token punctuation">:</span>
<span class="token key atrule">&apos;5200&apos;</span><span class="token punctuation">:</span> <span class="token string">&apos;anxincloud/et-upload:15200&apos;</span>
<span class="token key atrule">&apos;8888&apos;</span><span class="token punctuation">:</span> <span class="token string">&apos;smart-xxx/comfortablehome-datapush:18081&apos;</span>
<span class="token key atrule">&apos;19005&apos;</span><span class="token punctuation">:</span> <span class="token string">&apos;free-sun/broadcast-server:19003&apos;</span>
</pre><h1 class="mume-header" id="%E4%B8%BE%E4%B8%AA%E6%A0%97%E5%AD%90">&#x4E3E;&#x4E2A;&#x6817;&#x5B50;</h1>
<h2 class="mume-header" id="%E4%B8%80%E4%B8%AA%E7%AE%80%E5%8D%95%E7%9A%84%E6%A0%97%E5%AD%90">&#x4E00;&#x4E2A;&#x7B80;&#x5355;&#x7684;&#x6817;&#x5B50;</h2>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token comment"># deploy.yaml</span>
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> apps/v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Deployment
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> dragon
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">replicas</span><span class="token punctuation">:</span> <span class="token number">1</span>
<span class="token key atrule">selector</span><span class="token punctuation">:</span>
<span class="token key atrule">matchLabels</span><span class="token punctuation">:</span>
<span class="token key atrule">app</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">template</span><span class="token punctuation">:</span>
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">labels</span><span class="token punctuation">:</span>
<span class="token key atrule">app</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">volumes</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> myvolume
<span class="token key atrule">persistentVolumeClaim</span><span class="token punctuation">:</span>
<span class="token key atrule">claimName</span><span class="token punctuation">:</span> myclaim
<span class="token key atrule">containers</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">image</span><span class="token punctuation">:</span> repository.anxinyun.cn/devops/nginx<span class="token punctuation">-</span>test<span class="token punctuation">:</span><span class="token number">0.01</span>
<span class="token key atrule">ports</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">containerPort</span><span class="token punctuation">:</span> <span class="token number">80</span>
<span class="token punctuation">---</span>
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Service
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> dragon
<span class="token key atrule">labels</span><span class="token punctuation">:</span>
<span class="token key atrule">app</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">ports</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">port</span><span class="token punctuation">:</span> <span class="token number">8080</span>
<span class="token key atrule">targetPort</span><span class="token punctuation">:</span> <span class="token number">80</span>
<span class="token key atrule">protocol</span><span class="token punctuation">:</span> TCP
<span class="token key atrule">name</span><span class="token punctuation">:</span> http
<span class="token key atrule">nodePort</span><span class="token punctuation">:</span> <span class="token number">30000</span>
<span class="token key atrule">type</span><span class="token punctuation">:</span> NodePort
<span class="token key atrule">selector</span><span class="token punctuation">:</span>
<span class="token key atrule">app</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
</pre><pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token comment"># ingress-demo.yaml</span>
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> networking.k8s.io/v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Ingress
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>demo
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> dragon
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/rewrite-target</span><span class="token punctuation">:</span> /
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">rules</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">http</span><span class="token punctuation">:</span>
<span class="token key atrule">paths</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> /
<span class="token key atrule">pathType</span><span class="token punctuation">:</span> Prefix
<span class="token key atrule">backend</span><span class="token punctuation">:</span>
<span class="token key atrule">service</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">port</span><span class="token punctuation">:</span>
<span class="token key atrule">number</span><span class="token punctuation">:</span> <span class="token number">8080</span>
</pre><pre data-role="codeBlock" data-info="bash" class="language-bash">kubectl apply -f deploy.yaml
</pre><pre data-role="codeBlock" data-info class="language-"><code>$ kubectl get po -n dragon
NAME READY STATUS RESTARTS AGE
http-svc-7f994b6445-ff59j 1/1 Running 0 26h
</code></pre><pre data-role="codeBlock" data-info="bash" class="language-bash">kubectl apply -f ingress-demo.yaml
</pre><pre data-role="codeBlock" data-info class="language-"><code>$ kubectl get ingress -n dragon
NAME CLASS HOSTS ADDRESS PORTS AGE
ingress-demo public * 80 3d6h
</code></pre><p><img src="http://resources.lingwenlong.com/note-img/20211119085922.png" alt></p>
<p><img src="http://resources.lingwenlong.com/note-img/20211119085958.png" alt></p>
<h2 class="mume-header" id="%E5%8A%A0%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81">&#x52A0;&#x8EAB;&#x4EFD;&#x9A8C;&#x8BC1;</h2>
<h3 class="mume-header" id="%E5%88%9B%E5%BB%BA%E7%94%A8%E6%88%B7%E5%90%8D%E5%92%8C%E5%AF%86%E7%A0%81">&#x521B;&#x5EFA;&#x7528;&#x6237;&#x540D;&#x548C;&#x5BC6;&#x7801;</h3>
<p>&#x9700;&#x8981;&#x901A;&#x8FC7; htpasswd &#x6765;&#x751F;&#x6210;&#x4E00;&#x4E2A;auth &#x6587;&#x4EF6;&#x7528;&#x6765;&#x5B58;&#x53D6;&#x6211;&#x4EEC;&#x521B;&#x5EFA;&#x7684;&#x7528;&#x6237;&#x548C;&#x52A0;&#x5BC6;&#x540E;&#x7684;&#x5BC6;&#x7801;&#x3002;<br>
&#x5148;&#x8981;&#x5B89;&#x88C5; htpasswd</p>
<pre data-role="codeBlock" data-info="bash" class="language-bash">$ <span class="token function">sudo</span> <span class="token function">apt</span> -y <span class="token function">install</span> apache2-utils
</pre><p>&#x4E0B;&#x9762;&#x751F;&#x6210;<code>auth</code>&#x6587;&#x4EF6;</p>
<pre data-role="codeBlock" data-info="bash" class="language-bash">$ htpasswd -c auth admin
New password:
Re-type new password:
Adding password <span class="token keyword keyword-for">for</span> user admin
$ htpasswd auth <span class="token builtin class-name">test</span>
New password:
Re-type new password:
Adding password <span class="token keyword keyword-for">for</span> user <span class="token builtin class-name">test</span>
</pre><h3 class="mume-header" id="%E5%88%9B%E5%BB%BA-k8s-secret-%E6%9D%A5%E5%AD%98%E5%82%A8-%E7%94%A8%E6%88%B7%E5%AF%86%E7%A0%81">&#x521B;&#x5EFA; k8s secret &#x6765;&#x5B58;&#x50A8; &#x7528;&#x6237;/&#x5BC6;&#x7801;</h3>
<pre data-role="codeBlock" data-info="bash" class="language-bash">$ kubectl -n dragon create secret generic basic-auth --from-file<span class="token operator">=</span>auth
secret/basic-auth created
$ kubectl get secret basic-auth -n dragon -o yaml
apiVersion: v1
data:
auth: YWRtaW46JGFwcjEkMmlzL21oMkskbXlNb0VmSzJoQVRsUmV2RDNGSmdLLgp0ZXN0OiRhcHIxJC9yYUllQjVYJGJROHcxOVhFMkU2ZTlFSTZLb1JScC8K
kind: Secret
metadata:
creationTimestamp: <span class="token string">&quot;2021-11-18T09:34:13Z&quot;</span>
name: basic-auth
namespace: dragon
resourceVersion: <span class="token string">&quot;826578&quot;</span>
selfLink: /api/v1/namespaces/dragon/secrets/basic-auth
uid: 05b06023-6cab-428f-819e-1bc152db5bbb
type: Opaque
</pre><h3 class="mume-header" id="%E5%88%9B%E5%BB%BA-ingress">&#x521B;&#x5EFA; ingress</h3>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token comment"># ingress-demo.yaml</span>
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> networking.k8s.io/v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Ingress
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>demo
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> dragon
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/rewrite-target</span><span class="token punctuation">:</span> /
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-type</span><span class="token punctuation">:</span> basic
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-secret</span><span class="token punctuation">:</span> basic<span class="token punctuation">-</span>auth
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-realm</span><span class="token punctuation">:</span> <span class="token string">&quot;Authentication Required - admin&quot;</span>
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">rules</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">http</span><span class="token punctuation">:</span>
<span class="token key atrule">paths</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> /
<span class="token key atrule">pathType</span><span class="token punctuation">:</span> Prefix
<span class="token key atrule">backend</span><span class="token punctuation">:</span>
<span class="token key atrule">service</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">port</span><span class="token punctuation">:</span>
<span class="token key atrule">number</span><span class="token punctuation">:</span> <span class="token number">8080</span>
</pre><pre data-role="codeBlock" data-info="bash" class="language-bash">$ kubectl apply -f ingress-demo.yaml
ingress.networking.k8s.io/ingress-demo configured
</pre><h3 class="mume-header" id="%E9%AA%8C%E8%AF%81">&#x9A8C;&#x8BC1;</h3>
<p><img src="http://resources.lingwenlong.com/note-img/20211119085833.png" alt></p>
<h2>&#x5B9A;&#x5236;&#x914D;&#x7F6E;</h2>
<pre data-role="codeBlock" data-info="yaml" class="language-yaml"><span class="token comment"># ingress-demo.yaml</span>
<span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> networking.k8s.io/v1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> Ingress
<span class="token key atrule">metadata</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> ingress<span class="token punctuation">-</span>demo
<span class="token key atrule">namespace</span><span class="token punctuation">:</span> dragon
<span class="token key atrule">annotations</span><span class="token punctuation">:</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/rewrite-target</span><span class="token punctuation">:</span> /
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-type</span><span class="token punctuation">:</span> basic
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-secret</span><span class="token punctuation">:</span> basic<span class="token punctuation">-</span>auth
<span class="token key atrule">nginx.ingress.kubernetes.io/auth-realm</span><span class="token punctuation">:</span> <span class="token string">&quot;Authentication Required - admin&quot;</span>
<span class="token key atrule">nginx.ingress.kubernetes.io/proxy-body-size</span><span class="token punctuation">:</span> 8m
<span class="token key atrule">spec</span><span class="token punctuation">:</span>
<span class="token key atrule">rules</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">http</span><span class="token punctuation">:</span>
<span class="token key atrule">paths</span><span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> /
<span class="token key atrule">pathType</span><span class="token punctuation">:</span> Prefix
<span class="token key atrule">backend</span><span class="token punctuation">:</span>
<span class="token key atrule">service</span><span class="token punctuation">:</span>
<span class="token key atrule">name</span><span class="token punctuation">:</span> http<span class="token punctuation">-</span>svc
<span class="token key atrule">port</span><span class="token punctuation">:</span>
<span class="token key atrule">number</span><span class="token punctuation">:</span> <span class="token number">8080</span>
</pre>
</div>
</body></html>