如何在Kubernetes中将nginx用作IIS的边车容器?

huangapple
go评论91阅读模式
英文:

How to use nginx as a sidecar container for IIS in Kubernetes?

问题

我在使用nginx和IIS服务器一起在单个Kubernetes pod中时,遇到了奇怪的结果。看起来与nginx.conf有关。如果我绕过nginx直接访问IIS,我看到标准的起始页面 -

然而,当我尝试通过反向代理访问时,我看到这个部分结果 -

以下是文件:

nginx.conf:

  1. events {
  2.   worker_connections  4096;  ## 默认: 1024
  3. }
  5. http {
  6.     server {
  7.        listen 81;
  8. 	   #使用变量防止nginx在启动时检查主机名,这会导致容器失败/重启循环,因为nginx启动比IIS服务器更快。
  9. 	   set $target "http://127.0.0.1:80/";
  10. 	   location / {
  11. 	      proxy_pass $target;
  12. 	   }
  13.      }
  14. }

deployment.yaml:

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4.   labels:
  5.     ...
  6.   name: ...
  7. spec:
  8.   replicas: 1
  9.   selector:
  10.     matchLabels:
  11.       pod: ...
  12.   template:
  13.     metadata:
  14.       labels:
  15.         pod: ...
  16.       name: ...
  17.     spec:
  18.       containers:
  19.         - image: claudiubelu/nginx:1.15-1-windows-amd64-1809
  20.           name: nginx-reverse-proxy
  21.           volumeMounts:
  22.             - mountPath: "C:/usr/share/nginx/conf"
  23.               name: nginx-conf
  24.           imagePullPolicy: Always
  25.         - image: some-repo/proprietary-server-including-iis
  26.           name: ...
  27.           imagePullPolicy: Always
  28.       nodeSelector:
  29.         kubernetes.io/os: windows
  30.       imagePullSecrets:
  31.         - name: secret1
  32.       volumes:
  33.         - name: nginx-conf
  34.           persistentVolumeClaim:
  35.             claimName: pvc-nginx

从卷映射nginx.conf文件只是一种方便快速测试不同配置的方法。可以使用kubectl cp ./nginx/conf nginx-busybox-pod:/mnt/nginx/来替换新配置。

Busybox pod(用于访问PVC):

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4.   name: nginx-busybox-pod
  5.   namespace: default
  6. spec:
  7.   containers:
  8.     - image: busybox
  9.       command:
  10.         - sleep
  11.         - "360000"
  12.       imagePullPolicy: Always
  13.       name: busybox
  14.       volumeMounts:
  15.        - name: nginx-conf
  16.          mountPath: "/mnt/nginx/conf"
  17.   restartPolicy: Always
  18.   volumes:
  19.     - name: nginx-conf
  20.       persistentVolumeClaim:
  21.         claimName: pvc-nginx
  22.   nodeSelector:
  23.     kubernetes.io/os: linux

最后是PVC:

  1. apiVersion: v1
  2. kind: PersistentVolumeClaim
  3. metadata:
  4.   name: pvc-nginx
  5. spec:
  6.   accessModes:
  7.     - ReadWriteMany
  8.   resources:
  9.     requests:
  10.       storage: 100Mi
  11.   storageClassName: azurefile

有任何想法吗?

英文:

I have a strange result from using nginx and IIS server together in single Kubernetes pod. It seems to be an issue with nginx.conf. If I bypass nginx and go directly to IIS, I see the standard landing page -
如何在Kubernetes中将nginx用作IIS的边车容器?

However when I try to go through the reverse proxy I see this partial result -
如何在Kubernetes中将nginx用作IIS的边车容器?

Here are the files:

nginx.conf:

  1. events {
  2.   worker_connections  4096;  ## Default: 1024
  3. }
  5. http{
  6.     server {
  7.        listen 81;
  8. 	   #Using variable to prevent nginx from checking hostname at startup, which leads to a container failure / restart loop, due to nginx starting faster than IIS server. 
  9. 	   set $target "http://127.0.0.1:80/"; 
  10. 	   location / { 
  11. 	      proxy_pass $target; 
  12. 	   }
  13.      }
  14. }

deployment.yaml:

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4.   labels:
  5.     ...
  6.   name: ...
  7. spec:
  8.   replicas: 1
  9.   selector:
  10.     matchLabels:
  11.       pod: ...
  12.   template:
  13.     metadata:
  14.       labels:
  15.         pod: ...
  16.       name: ...
  17.     spec:
  18.       containers:
  19.         - image: claudiubelu/nginx:1.15-1-windows-amd64-1809
  20.           name: nginx-reverse-proxy
  21.           volumeMounts:
  22.             - mountPath: "C:/usr/share/nginx/conf" 
  23.               name: nginx-conf
  24.           imagePullPolicy: Always
  25.         - image: some-repo/proprietary-server-including-iis
  26.           name: ...
  27.           imagePullPolicy: Always
  28.       nodeSelector:
  29.         kubernetes.io/os: windows
  30.       imagePullSecrets:
  31.         - name: secret1
  32.       volumes:
  33.         - name: nginx-conf
  34.           persistentVolumeClaim:
  35.             claimName: pvc-nginx

Mapping the nginx.conf file from a volume is just a convenient way to rapidly test different configs. New configs can be swapped in using kubectl cp ./nginx/conf nginx-busybox-pod:/mnt/nginx/.

Busybox pod (used to access the PVC):

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4.   name: nginx-busybox-pod
  5.   namespace: default
  6. spec:
  7.   containers:
  8.     - image: busybox
  9.       command:
  10.         - sleep
  11.         - "360000"
  12.       imagePullPolicy: Always
  13.       name: busybox
  14.       volumeMounts:
  15.        - name: nginx-conf
  16.          mountPath: "/mnt/nginx/conf"
  17.   restartPolicy: Always
  18.   volumes:
  19.     - name: nginx-conf
  20.       persistentVolumeClaim:
  21.         claimName: pvc-nginx
  22.   nodeSelector:
  23.     kubernetes.io/os: linux

And lastly the PVC:

  1. apiVersion: v1
  2. kind: PersistentVolumeClaim
  3. metadata:
  4.   name: pvc-nginx
  5. spec:
  6.   accessModes:
  7.     - ReadWriteMany
  8.   resources:
  9.     requests:
  10.       storage: 100Mi
  11.   storageClassName: azurefile

Any ideas why?

答案1

得分: 1

以下是翻译好的部分:

  • 新的指令 - proxy_set_header Host $host;
  • proxy_pass指令使用的target变量中删除了尾随斜杠。
  • (特定于我的应用程序)服务器上的其他端点更好地使用$host:$server_port代替$host来访问。这是由于应用服务器重定向传入请求到不同的URI,导致代理的端口(81)丢失。
英文:

After some testing, here is a working nginx.conf -

  1. http{  
  2.     server {  
  3.        listen 81;  
  4.        set $target "http://127.0.0.1:80"; 
  5.        location / { 
  6.           proxy_pass $target; 
  7.           proxy_set_header Host $host;
  8.        }
  9.      }
  10. }
  • New directive - proxy_set_header Host $host;
  • Trailing slash removed from the target variable used by the proxy_pass directive.
  • (Specific to my application) Other endpoints on the server are better reachable using $host:$server_port in place of $host. This is caused by the app server redirecting incoming requests to different URIs, losing the proxy's port (81) in the process.

huangapple
  • 本文由 发表于 2023年2月10日 10:23:45
  • 转载请务必保留本文链接:https://go.coder-hub.com/75406367.html
  • azure-aks
  • iis
  • kubernetes
  • nginx
  • reverse-proxy
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定