Sommaire de cet article :
前面我们运行了kubernets dashboard,也运行了一个nginx自动转发token实现dashboard的免密登陆,上一节,也通过hostPath实现了redis的持久化.本节就将这些内存串起来,将nginx放入k8s,自动转发token,并持久化
nginx的配置文件在容器的/etc/nginx/conf.d我们将这个目录备份出来,并干掉nginx
docker cp nginx:/etc/nginx/conf.d . docker rm -f nginx
default.conf
需要注意proxy_pass 我们使用了 服务名.命名空间
.之前有提到过这是跨命名空间访问的方式,当然也可以直接写svc对应的ClusterIP,那样的话要承受svc意外删除IP有变化的风险.当然如果我们也将nginx放在kubernetes-dashboard的命名空间下的话,也可以少写一个空间名
server { listen 80; server_name localhost; location / { proxy_pass https://kubernetes-dashboard.kubernetes-dashboard; proxy_set_header Authorization "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImRrU0NhSmNMb25sNXg1dnlZVDczaUlrMHBxaW83dzVtLVR2NllFbEFQaUkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLWZic254Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIxNThjOWQxOC04MjkxLTQwNmMtOTk2Ni03Njc2OTJlM2ZmMjEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06ZGVmYXVsdCJ9.uTKDRx-yiR-2HF_1-xfLrDFGgarq7kK8gmb8fhb7MX58ds0BAh9Ml7EUWIK5D4GymRYxB1JY3E3n3H3a3XKPFlSZvS1oa6GL08Vdq9Byws4QEqSejt3uy-TtzaDN5JwJux9dvxZNHLi1CiRAIBpNk5UlsoR9xh9VlLb6ejz_TFEhnyelcriyM5O34vZ0k_Ze1QitZBn9NhetV6vrgeh7StnMEEQjjxur8puq6vTDMUxArl8aCMD8alh72ZIdNH7z53jQ2SNzRfK9EByIJd3_DygFTWUumSQyVYwk8JhtfKpVVnBmvEZzbME5YBG6n45YqJa34oDqgUiFg_PBpEXFcw"; } }
直接使用了NodePort,方便访问
kind: Service apiVersion: v1 metadata: name: nginx namespace: default labels: k8s-app: nginx spec: ports: - name: tcp-80-80-vzrjh protocol: TCP port: 80 targetPort: 80 nodePort: 80 selector: k8s-app: nginx type: NodePort sessionAffinity: None externalTrafficPolicy: Cluster
注意修改一下本机的conf.d的目录
kind: Deployment apiVersion: apps/v1 metadata: name: nginx namespace: default spec: replicas: 1 selector: matchLabels: k8s-app: nginx template: metadata: name: nginx labels: k8s-app: nginx spec: volumes: - name: nginx-conf hostPath: path: /Users/rainbird/docker/nginx/conf.d type: '' containers: - name: nginx image: nginx resources: {} volumeMounts: - name: nginx-conf mountPath: /etc/nginx/conf.d
yaml文件的内容有了,至于是直接拷贝到k8s dashboard里创建,还是保存成文件 kubectl apply -f
随各位心意了.
一切正常的话,随便用一个浏览器打开http://localhost应该顺利打开k8s dashboard仪表盘了.
转载请注明: 转自Rainbird的个人博客 本文链接: K8S|运行第二个微服务nginx