Benutzerdefinierte nginx.conf in GKE verwenden

Wenn Sie eine benutzerdefinierte nginx.conf in Google Kubernetes Engine verwenden möchten, erweitern Sie diese Beispiel-nginx.conf, um die Datei vorzubereiten. Dies ist ein Snippet aus der Konfiguration, die für Cloud Endpoints benötigt wird:

http {
      include /etc/nginx/mime.types;
      server_tokens off;
      client_max_body_size 32m;

      upstream app_server {
        server localhost:8081;
        keepalive 128;
      }

      endpoints {
        metadata_server;
      }

      server {
        # Running port
        listen 8080;

        # Running ssl port
        listen 443 ssl;
        ssl_certificate /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key /etc/nginx/ssl/nginx.key;

        # Logging to stdout enables better integration with Docker and GKE/Kubernetes.
        access_log /dev/stdout;

        location / {
          # Begin Endpoints v2 Support
          endpoints {
            on;
            # After ESP 1.7.0, "server_config" field is required.
            # It has to be /etc/nginx/server_config.pb.txt exactly.
            # If not present, some new features will not work.
            server_config /etc/nginx/server_config.pb.txt;

            # After ESP 1.7.0, "api" field is not required.
            # If added, it has to be /etc/nginx/endpoints/service.json exactly.
            # api /etc/nginx/endpoints/service.json;

            # Uncomment the line below if you are not using Google Container Engine.
            # The path should be set to the “-k” path specified in the ESP container’s
            # args section in the Kubernetes yaml config.
            # google_authentication_secret /etc/nginx/creds/service-account-creds.json;
          }
          # End Endpoints v2 Support

          proxy_pass http://app_server;
          proxy_redirect off;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Host $server_name;
          proxy_set_header X-Google-Real-IP $remote_addr;

          # 86400 seconds (24 hours) is the maximum a server is allowed.
          proxy_send_timeout 86400s;
          proxy_read_timeout 86400s;
        }

        include /var/lib/nginx/extra/*.conf;
      }

      server {
        # expose /nginx_status but on a different port to avoid
        # external visibility / conflicts with the app.
        listen 8090;
        location /nginx_status {
          stub_status on;
          access_log off;
        }
        location / {
          root /dev/null;
        }
      }
    }

Nun erstellen Sie mit Ihrer benutzerdefinierten nginx.conf eine Kubernetes-Configmap. Dazu führen Sie kubectl aus:

    kubectl create configmap nginx-config --from-file=nginx.conf
    

Bearbeiten Sie die Kubernetes-Konfigurationsdatei, z. B. esp_echo_custom_config_gke.yaml und ersetzen Sie SERVICE_NAME durch den Namen Ihres Endpoints-Dienstes.

template:
      metadata:
        labels:
          app: esp-echo
      spec:
        volumes:
        - name: nginx-config
          configMap:
            name: nginx-config
        - name: nginx-ssl
          secret:
            secretName: nginx-ssl
        containers:
        - name: esp
          image: gcr.io/endpoints-release/endpoints-runtime:1
          args: [
            "-n", "/etc/nginx/custom/nginx.conf",
            "-s", "SERVICE_NAME",
            "--rollout_strategy", "managed",
          ]
          ports:
            - containerPort: 8080
            - containerPort: 443
          volumeMounts:
          - mountPath: /etc/nginx/ssl
            name: nginx-ssl
            readOnly: true
          - mountPath: /etc/nginx/custom
            name: nginx-config
            readOnly: true
        - name: echo
          image: gcr.io/endpoints-release/echo:latest
          ports:
            - containerPort: 8081

Starten Sie schließlich den Dienst mit der aktualisierten Kubernetes-Konfigurationsdatei über kubectl.

kubectl create -f esp_echo_custom_config_gke.yaml