Nginx Ingress和Nginx

2025-04-23 22:34:09
丁国栋
原创 29
摘要:本文介绍一下Nginx Ingress和Nginx的区别和部分应用。

If you can't beat them, join them. 打不过就加入。

一般来说,一个安装了Kubernetes+Nginx Ingress的主机会使用80、443端口,因此如果还想在这台服务器上使用Nginx反向代理其他服务就不能像以前那样了。

但我们可以使用Nginx Ingress来代替Nginx实现,要想使用Nginx Ingress必须要有Service。

因此有下面两种常见的方式来实现:


  1. Ingress + Service。在没有Endpoint时,Service支持的类型有ExternalName
  2. Ingress + Service + Endpoint。在有Endpoint 时,Service类型可以是ClusterIP。

Ingress + Service

---
apiVersion: v1
kind: Service
metadata:
  name: gitfox-service
  namespace: default
spec:
  externalName: gitfox.thedf.cc
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  sessionAffinity: None
  type: ExternalName
status:
  loadBalancer: {}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
    nginx.ingress.kubernetes.io/configuration-snippet: |
      if ($request_uri ~* "/(spaces/zentao|zentao|git/zentao)(/|$)") {
        return 404;
      }
  name: g.thedf.cc
  namespace: default
spec:
  ingressClassName: nginx
  rules:
  - host: g.thedf.cc
    http:
      paths:
      - backend:
          service:
            name: gitfox-service
            port:
              number: 443
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - g.thedf.cc
    secretName: tls-thedf-cc
status:
  loadBalancer: {}
Ingress + Service + Endpoint

---
apiVersion: v1
kind: Endpoints
metadata:
  labels:
    app: example-app
  name: example-app
  namespace: default
subsets:
- addresses:
  - ip: 1.0.1.1
  ports:
  - name: http
    port: 40000
    protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: example-app
  name: example-app
  namespace: default
spec:
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - name: http
    port: 40000
    protocol: TCP
    targetPort: 40000
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
  name: example-app
  namespace: default
spec:
  ingressClassName: nginx
  rules:
  - host: v.thedf.cc
    http:
      paths:
      - backend:
          service:
            name: example-app
            port:
              number: 40000
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - v.thedf.cc
    secretName: tls-thedf-cc
status:
  loadBalancer: {}
---

--


发表评论
博客分类