有两中方式第一种是用external name 第二种是用 head less的方式
service
apiVersion: v1
kind: Service
metadata:
namespace: malema-reverse
name: pipeline
spec:
externalName: blob.azure.com #某个外部的资源
type: ExternalName
ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: malema-reverse
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/backend-protocol: HTTPS #https 得要这个 http的话这行可以注释掉
nginx.ingress.kubernetes.io/upstream-vhost: blob.azure.com
name: pipeline-ingress
spec:
ingressClassName: nginx
tls:
- hosts:
- a.malema.net
secretName: test-ingress-tls
rules:
- host: a.malema.net
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: pipeline
port:
number: 443 # https得要这个 http的话用80
当访问a.malema.net的时候。它会请求blob.azure.com的资源
某些ingress controller可能没有支持External Name 的 service。 需要改成Headless service 并且配置 endpoints
我们需要创建一个Headless 的servcie
apiVersion: v1
kind: Service
metadata:
name: e1
spec:
ports:
- name: app2
port: 80
#protocol: TCP #不重要。因为endpoints是自己建的
#targetPort: 443
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: e1
subsets:
- addresses:
- ip: 81.68.82.142 #你要反向代理的IP地址。
ports:
- name: app2
port: 443
protocol: TCP
创建一个 ingress 需要 指定两个 额外的 annotations
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test
namespace: malema-test
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTPS #变成了https
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/upstream-vhost: www.google.com
spec:
ingressClassName: nginx
tls: # 没有证书 tls这段可以不用
- hosts:
- g.malema.net
secretName: accp-ingress-tls
rules:
- host: g.malema.net
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: e1
port:
number: 80
```