转载

K8S|运行第二个微服务nginx

Sommaire de cet article :

K8S|运行第二个微服务nginx

前面我们运行了kubernets dashboard,也运行了一个nginx自动转发token实现dashboard的免密登陆,上一节,也通过hostPath实现了redis的持久化.本节就将这些内存串起来,将nginx放入k8s,自动转发token,并持久化

备份nginx配置

nginx的配置文件在容器的/etc/nginx/conf.d我们将这个目录备份出来,并干掉nginx

docker cp nginx:/etc/nginx/conf.d .
docker rm -f nginx

default.conf

需要注意proxy_pass 我们使用了 服务名.命名空间 .之前有提到过这是跨命名空间访问的方式,当然也可以直接写svc对应的ClusterIP,那样的话要承受svc意外删除IP有变化的风险.当然如果我们也将nginx放在kubernetes-dashboard的命名空间下的话,也可以少写一个空间名

server {
    listen       80;
    server_name  localhost;
    location / {
        proxy_pass   https://kubernetes-dashboard.kubernetes-dashboard;
        proxy_set_header Authorization "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImRrU0NhSmNMb25sNXg1dnlZVDczaUlrMHBxaW83dzVtLVR2NllFbEFQaUkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLWZic254Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIxNThjOWQxOC04MjkxLTQwNmMtOTk2Ni03Njc2OTJlM2ZmMjEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06ZGVmYXVsdCJ9.uTKDRx-yiR-2HF_1-xfLrDFGgarq7kK8gmb8fhb7MX58ds0BAh9Ml7EUWIK5D4GymRYxB1JY3E3n3H3a3XKPFlSZvS1oa6GL08Vdq9Byws4QEqSejt3uy-TtzaDN5JwJux9dvxZNHLi1CiRAIBpNk5UlsoR9xh9VlLb6ejz_TFEhnyelcriyM5O34vZ0k_Ze1QitZBn9NhetV6vrgeh7StnMEEQjjxur8puq6vTDMUxArl8aCMD8alh72ZIdNH7z53jQ2SNzRfK9EByIJd3_DygFTWUumSQyVYwk8JhtfKpVVnBmvEZzbME5YBG6n45YqJa34oDqgUiFg_PBpEXFcw";
    }
}

K8S配置

服务

直接使用了NodePort,方便访问

kind: Service
apiVersion: v1
metadata:
  name: nginx
  namespace: default
  labels:
    k8s-app: nginx
spec:
  ports:
    - name: tcp-80-80-vzrjh
      protocol: TCP
      port: 80
      targetPort: 80
      nodePort: 80
  selector:
    k8s-app: nginx
  type: NodePort
  sessionAffinity: None
  externalTrafficPolicy: Cluster

Deployment

注意修改一下本机的conf.d的目录

kind: Deployment
apiVersion: apps/v1
metadata:
  name: nginx
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: nginx
  template:
    metadata:
      name: nginx
      labels:
        k8s-app: nginx
    spec:
      volumes:
        - name: nginx-conf
          hostPath:
            path: /Users/rainbird/docker/nginx/conf.d
            type: ''
      containers:
        - name: nginx
          image: nginx
          resources: {}
          volumeMounts:
            - name: nginx-conf
              mountPath: /etc/nginx/conf.d

yaml文件的内容有了,至于是直接拷贝到k8s dashboard里创建,还是保存成文件 kubectl apply -f 随各位心意了.

一切正常的话,随便用一个浏览器打开http://localhost应该顺利打开k8s dashboard仪表盘了.

转载请注明: 转自Rainbird的个人博客 本文链接: K8S|运行第二个微服务nginx

原文 https://blog.cnrainbird.com/index.php/2020/05/14/k8s_yun_xing_di_er_ge_wei_fu_wu_nginx/

正文到此结束