更新时间:2024-12-04 GMT+08:00
Nginx Ingress对接HTTPS协议的后端服务
Ingress可以代理不同协议的后端服务,在默认情况下Ingress的后端代理通道是HTTP协议的,若需要建立HTTPS协议的通道,可在annotation字段中加入如下配置:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
Ingress配置示例如下:
1.23及以上版本集群:
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-test namespace: default annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: tls: - secretName: ingress-test-secret #替换为您的TLS密钥证书 rules: - host: '' http: paths: - path: '/' backend: service: name: <your_service_name> #替换为您的目标服务名称 port: number: <your_service_port> #替换为您的目标服务端口 property: ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH pathType: ImplementationSpecific ingressClassName: nginx
1.21及以下版本集群:
apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: ingress-test namespace: default annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: tls: - secretName: ingress-test-secret #替换为您的TLS密钥证书 rules: - host: '' http: paths: - path: '/' backend: serviceName: <your_service_name> #替换为您的目标服务名称 servicePort: <your_service_port> #替换为您的目标服务端口
父主题: Nginx Ingress管理