NGINX Ingress Controller 配置代理外部服务
背景说明
前端工程,在开发环境配置了本地代理

上线后需要服务端设置代理;
传统的nginx环境则直接配置如下即可
location /tencent-mapapi/ {
proxy_redirect http:// $scheme://; #做https跳转;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://apis.map.qq.com;
}
在K8s中,则需要结合 NGINX Ingress Controller 进行配置;
NGINX Ingress Controller 基于域名的外部服务访问
定义外部域名的服务
apiVersion: v1
kind: Service
metadata:
name: tencent-map-test
namespace: test
spec:
externalName: apis.map.qq.com
ports:
- name: https
port: 443
protocol: TCP
targetPort: 443
sessionAffinity: None
type: ExternalName
定义ingress
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
cert-manager.io/issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/rewrite-target: $1
nginx.ingress.kubernetes.io/upstream-vhost: apis.map.qq.com
name: my-external-proxy
namespace: test
spec:
rules:
- host: 'app.domain.com'
http:
paths:
- backend:
serviceName: tencent-map-test
servicePort: 443
path: /tencent-mapapi(.+)$
tls:
- hosts:
- '*.domain.com'
secretName: domain-com-tls
本文介绍了如何在Kubernetes环境中使用NGINX Ingress Controller代理外部服务,通过创建ExternalName Service和Ingress资源,实现对apis.map.qq.com的访问。配置包括设置proxy_pass、rewrite-target和upstream-vhost等参数,确保服务在上线后能正确转发请求。
1554

被折叠的 条评论
为什么被折叠?



