116 lines
2.8 KiB
YAML
116 lines
2.8 KiB
YAML
# 03-02 TLS: M1 控制节点 + Ingress,路径 /(根路径),域名 test01.jackadam.top
|
||
# ConfigMap:首页 + default.conf(单文件 subPath 挂载,与 M2~M4 一致)
|
||
---
|
||
apiVersion: v1
|
||
kind: ConfigMap
|
||
metadata:
|
||
name: nginx-m1-html
|
||
namespace: default
|
||
data:
|
||
index.html: |
|
||
<!DOCTYPE html>
|
||
<html><head><meta charset="utf-8"><title>M1</title></head>
|
||
<body><h1>M1</h1><p>控制节点 + Ingress</p><p><strong>Backend: M1</strong></p></body></html>
|
||
default.conf: |
|
||
server { listen 80 default_server; server_name _; root /usr/share/nginx/html; index index.html; location / { add_header X-Backend "M1"; try_files $uri $uri/ /index.html; } }
|
||
---
|
||
apiVersion: apps/v1
|
||
kind: Deployment
|
||
metadata:
|
||
name: nginx-m1
|
||
namespace: default
|
||
labels:
|
||
app: nginx-m1
|
||
matrix: "03-02-m1"
|
||
spec:
|
||
replicas: 1
|
||
selector:
|
||
matchLabels:
|
||
app: nginx-m1
|
||
template:
|
||
metadata:
|
||
labels:
|
||
app: nginx-m1
|
||
spec:
|
||
nodeSelector:
|
||
node-role.kubernetes.io/control-plane: ""
|
||
tolerations:
|
||
- key: node-role.kubernetes.io/control-plane
|
||
operator: Exists
|
||
effect: NoSchedule
|
||
volumes:
|
||
- name: html
|
||
configMap:
|
||
name: nginx-m1-html
|
||
containers:
|
||
- name: nginx
|
||
image: nginx:alpine
|
||
ports:
|
||
- containerPort: 80
|
||
volumeMounts:
|
||
- name: html
|
||
mountPath: /usr/share/nginx/html/index.html
|
||
subPath: index.html
|
||
readOnly: true
|
||
- name: html
|
||
mountPath: /etc/nginx/conf.d/default.conf
|
||
subPath: default.conf
|
||
readOnly: true
|
||
---
|
||
apiVersion: v1
|
||
kind: Service
|
||
metadata:
|
||
name: nginx-m1
|
||
namespace: default
|
||
spec:
|
||
selector:
|
||
app: nginx-m1
|
||
ports:
|
||
- port: 80
|
||
targetPort: 80
|
||
---
|
||
apiVersion: networking.k8s.io/v1
|
||
kind: Ingress
|
||
metadata:
|
||
name: nginx-m1
|
||
namespace: default
|
||
annotations:
|
||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||
traefik.ingress.kubernetes.io/router.tls.certresolver: cloudflare
|
||
spec:
|
||
tls:
|
||
- hosts:
|
||
- test01.jackadam.top
|
||
rules:
|
||
- host: test01.jackadam.top
|
||
http:
|
||
paths:
|
||
- path: /
|
||
pathType: Prefix
|
||
backend:
|
||
service:
|
||
name: nginx-m1
|
||
port:
|
||
number: 80
|
||
---
|
||
# 03-02 HTTP-only:M1 路由(仅 web,无 TLS),与 nginx-m1 共用 Service
|
||
apiVersion: networking.k8s.io/v1
|
||
kind: Ingress
|
||
metadata:
|
||
name: nginx-m1-http
|
||
namespace: default
|
||
annotations:
|
||
traefik.ingress.kubernetes.io/router.entrypoints: web
|
||
spec:
|
||
rules:
|
||
- host: test01.jackadam.top
|
||
http:
|
||
paths:
|
||
- path: /
|
||
pathType: Prefix
|
||
backend:
|
||
service:
|
||
name: nginx-m1
|
||
port:
|
||
number: 80
|