问题描述
我正在使用Azure Kubernetes通过Docker Container到主机Angular Web应用程序。 我已经使用OpenSSL命令创建了SSL证书。现在,我需要为Web应用程序配置HTTPS和SSL证书。
请帮助我如何设置这些?
这是我的 Docker 文件
FROM Nginx:latest as Nginx
RUN rm -rf /usr/share/Nginx/html/*
copY /dist/merch-insight/Nginx.conf /etc/Nginx/conf.d/Nginx.conf
copY /dist/merch-insight /usr/share/Nginx/html
EXPOSE 80
CMD ["Nginx","-g","daemon off;"]
server {
server_name my-app;
charset utf-8;
sendfile on;
root /usr/share/Nginx/html;
#Caches static assets
location ~ ^/(assets|bower_components|scripts|styles|views) {
expires 31d;
add_header Cache-Control public;
}
#Caches Bundles created by angular cli
location ~* \.(?:bundle.js|bundle.css)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
##
# Main file index.html sending not found locations to the main
##
location / {
expires -1;
add_header Pragma "no-cache";
add_header Cache-Control "no-store,no-cache,must-revalidate,post-check=0,pre-check=0";
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
}
这是我的 yaml 文件
apiVersion: apps/v1
kind: Deployment
Metadata:
labels:
app: apweb
version: v1
name: apweb
namespace: default
spec:
selector:
matchLabels:
run: apweb
replicas: 2
template:
Metadata:
labels:
run: apweb
spec:
containers:
- name: apweb
image: mycontainerregistry.azurecr.io/apweb:dev
imagePullPolicy: Always
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
Metadata:
labels:
app: apweb
version: v1
name: apweb-service
namespace: default
spec:
type: LoadBalancer
ports:
- port: 80
protocol: TCP
targetPort: 80
name: http-web
selector:
run: apweb
解决方法
在k8s中,您可以使用nginx入口控制器(或其他入口选项)来配置TLS termination。
请从nginx入口documentation看这个示例。
Here说明了如何为您的TLS证书生成k8s机密。
Here,您可以找到完整的安装指南。