[英]How to use kube-proxy to forward https serivce in k8s?
众所周知,kube-proxy用于代理可以通过apiserver从外部网络访问的服务,kube-proxy是否支持k8s或任何其他解决方案中的代理https服务,以便我们可以通过apiserver访问它?
You need to expose your https pods via a service of type Nodeport, then you can access the https via the defined port on any node in the cluster (master or worker) because kube-proxy will forward the requests to your pods that are part of the service. 您需要通过Nodeport类型的服务公开https容器,然后才能通过集群中任何节点(主节点或工作节点)上定义的端口访问https,因为kube-proxy会将请求转发到属于该容器的容器服务。 NodePorts can be in the range of 30000-32767 by default.
默认情况下,NodePorts的范围可以在30000-32767之间。
Example configuration for an https service and deployment with nginx: https服务和使用nginx部署的示例配置:
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
name: nginx
labels:
app: nginx
spec:
type: NodePort
ports:
- port: 443
name: nginx
targetPort: 443
nodePort: 32756
selector:
app: nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginxdeployment
spec:
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: Always
ports:
- containerPort: 443
kube-proxy
iptables模式适用于IP层(网络层),它不在乎数据包是http
还是https
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.