如果您想要在 Google Kubernetes Engine 上使用自定义 nginx.conf
,请通过扩展此示例 nginx.conf 准备一个。以下是 Cloud Endpoints 所需配置的代码段:
http {
include /etc/nginx/mime.types;
server_tokens off;
client_max_body_size 32m;
upstream app_server {
server localhost:8081;
keepalive 128;
}
endpoints {
metadata_server;
}
server {
# Running port
listen 8080;
# Running ssl port
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
# Logging to stdout enables better integration with Docker and GKE/Kubernetes.
access_log /dev/stdout;
location / {
# Begin Endpoints v2 Support
endpoints {
on;
# After ESP 1.7.0, "server_config" field is required.
# It has to be /etc/nginx/server_config.pb.txt exactly.
# If not present, some new features will not work.
server_config /etc/nginx/server_config.pb.txt;
# After ESP 1.7.0, "api" field is not required.
# If added, it has to be /etc/nginx/endpoints/service.json exactly.
# api /etc/nginx/endpoints/service.json;
# Uncomment the line below if you are not using Google Container Engine.
# The path should be set to the “-k” path specified in the ESP container’s
# args section in the Kubernetes yaml config.
# google_authentication_secret /etc/nginx/creds/service-account-creds.json;
}
# End Endpoints v2 Support
proxy_pass http://app_server;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Google-Real-IP $remote_addr;
# 86400 seconds (24 hours) is the maximum a server is allowed.
proxy_send_timeout 86400s;
proxy_read_timeout 86400s;
}
include /var/lib/nginx/extra/*.conf;
}
server {
# expose /nginx_status but on a different port to avoid
# external visibility / conflicts with the app.
listen 8090;
location /nginx_status {
stub_status on;
access_log off;
}
location / {
root /dev/null;
}
}
}
现在,使用 kubectl
创建包含自定义 nginx.conf
的 Kubernetes Configmap:
kubectl create configmap nginx-config --from-file=nginx.conf
修改 Kubernetes 配置文件(例如 esp_echo_custom_config_gke.yaml
),并将 SERVICE_NAME
替换为您的 Endpoints 服务的名称。
template:
metadata:
labels:
app: esp-echo
spec:
volumes:
- name: nginx-config
configMap:
name: nginx-config
- name: nginx-ssl
secret:
secretName: nginx-ssl
containers:
- name: esp
image: gcr.io/endpoints-release/endpoints-runtime:1
args: [
"-n", "/etc/nginx/custom/nginx.conf",
"-s", "SERVICE_NAME",
"--rollout_strategy", "managed",
]
ports:
- containerPort: 8080
- containerPort: 443
volumeMounts:
- mountPath: /etc/nginx/ssl
name: nginx-ssl
readOnly: true
- mountPath: /etc/nginx/custom
name: nginx-config
readOnly: true
- name: echo
image: gcr.io/endpoints-release/echo:latest
ports:
- containerPort: 8081
最后,运行 kubectl
命令,使用更新后的 Kubernetes 配置文件来启动服务。
kubectl create -f esp_echo_custom_config_gke.yaml