Configuring nginx ingress to proxy WebSocket traffic

2022-11-23

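Contents
  • 1 Overview
    • 1.1 Environment
  • 2 Does nginx ingress support proxying WebSocket traffic?
  • 3 Ingress example
  • 4 Deployment
    • 4.1 Deploy nginx ingress
    • 4.2 Set up the domain name
    • 4.3 Deploy the WebSocket server
    • 4.4 Create the Ingress resource
    • 4.5 Download the WebSocket client
    • 4.6 Test
  • 5 Summary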

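1 Overview

1.1 Environment

Version information:
a. Operating system: CentOS 7.6
b. Kubernetes version: v1.15.0
c. ingress nginx version: 0.47.0

2 Does nginx ingress support proxying WebSocket traffic?

nginx ingress supports the WebSocket protocol by default, so the Ingress resource needs no additional configuration.
Note that proxy-read-timeout and proxy-send-timeout default to 60 seconds, and both values should be increased to suit the actual workload. With the default of 60, if the WebSocket client sends nothing to the WebSocket server for more than 60 seconds, the next send fails; with the websocat command, for example, this shows up as WebSocketError: I/O failure.

3 Ingress example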

        apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          annotations:
            # Adjust the timeouts as needed; the default is 60
            nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
            nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
          name: ws
          namespace: default
        spec:
          rules:
          - host: apigateway
            http:
              paths:
              - backend:
                  serviceName: ws
                  servicePort: 3000
                path: /
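
An added example, not part of the original article: a Python check over `kubectl get ingress -A -o json` output that lists Ingresses whose effective proxy-read-timeout or proxy-send-timeout would cut off a WebSocket left idle for a given time. The sample data, the Ingress names ws-defaults and ws-half, the optional ConfigMap-style defaults argument, and the treatment of non-integer values are assumptions.

```python
import json

PREFIX = "nginx.ingress.kubernetes.io/"   # annotation prefix used on this page
DEFAULT_TIMEOUT = 60                      # default stated on this page, in seconds

# Constructed sample shaped like `kubectl get ingress -A -o json` output.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "default", "name": "ws", "annotations": {
     "nginx.ingress.kubernetes.io/proxy-read-timeout": "600",
     "nginx.ingress.kubernetes.io/proxy-send-timeout": "600"}}},
  {"metadata": {"namespace": "default", "name": "ws-defaults"}},
  {"metadata": {"namespace": "default", "name": "ws-half", "annotations": {
     "nginx.ingress.kubernetes.io/proxy-read-timeout": "3600",
     "nginx.ingress.kubernetes.io/proxy-send-timeout": "10m"}}}
]}
""")

def effective_timeouts(ingress, defaults=None):
    """Return {'read': seconds, 'send': seconds} in effect for one Ingress."""
    defaults = defaults or {}
    annotations = ingress["metadata"].get("annotations") or {}
    result = {}
    for kind in ("read", "send"):
        key = f"proxy-{kind}-timeout"
        fallback = int(defaults.get(key, DEFAULT_TIMEOUT))
        raw = annotations.get(PREFIX + key)
        try:
            # Assumption: a non-integer value is ignored and the default applies.
            result[kind] = int(raw) if raw is not None else fallback
        except ValueError:
            result[kind] = fallback
    return result

def audit(ingress_list, max_idle_seconds, defaults=None):
    """List (namespace/name, direction, timeout) that would drop an idle socket."""
    findings = []
    for ing in ingress_list["items"]:
        meta = ing["metadata"]
        for kind, secs in effective_timeouts(ing, defaults).items():
            if secs <= max_idle_seconds:
                findings.append((f"{meta['namespace']}/{meta['name']}", kind, secs))
    return findings

if __name__ == "__main__":
    for name, kind, secs in audit(SAMPLE, max_idle_seconds=300):
        print(f"{name}: proxy-{kind}-timeout={secs}s is too short for a 300s idle window")
```

For a real cluster, load the JSON from `kubectl get ingress -A -o json` in place of SAMPLE and pass any global timeout defaults set in the controller's ConfigMap as `defaults`.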

4 Deployment

4.1 Deploy nginx ingress

Apply the following manifest with kubectl apply. In this example the nginx controller is deployed as a DaemonSet and uses the host network.

        apiVersion: v1
        kind: Namespace
        metadata:
          name: ingress-nginx
          labels:
            app.kubernetes.io/name: ingress-nginx
            app.kubernetes.io/part-of: ingress-nginx
        ---
        kind: ConfigMap
          name: nginx-configuration
          namespace: ingress-nginx
          name: tcp-services
          name: udp-services
        data:
          resolv.conf: |
            nameserver 10.96.0.10
            search default.svc.cluster.local svc.cluster.local cluster.local lj.io
            options ndots:5
          name: resolver
        kind: ServiceAccount
          name: nginx-ingress-serviceaccount
        apiVersion: rbac.authorization.k8s.io/v1beta1
        kind: ClusterRole
          name: nginx-ingress-clusterrole
        rules:
          - apiGroups:
              - ""
            resources:
              - configmaps
              - endpoints
              - nodes
              - pods
              - secrets
            verbs:
              - list
              - watch
              - get
              - services
              - "extensions"
              - "networking.k8s.io"
              - ingresses
              - update
              - events
              - create
              - patch
              - ingresses/status
        kind: Role
          name: nginx-ingress-role
              - namespaces
            resourceNames:
              # Defaults to "<election-id>-<ingress-class>"
              # Here: "<ingress-controller-leader>-<nginx>"
              # This has to be adapted if you change either parameter
              # when launching the nginx-ingress-controller.
              - "ingress-controller-leader-nginx"
        kind: RoleBinding
          name: nginx-ingress-role-nisa-binding
        roleRef:
          apiGroup: rbac.authorization.k8s.io
          kind: Role
        subjects:
          - kind: ServiceAccount
            name: nginx-ingress-serviceaccount
            namespace: ingress-nginx
        kind: ClusterRoleBinding
          name: nginx-ingress-clusterrole-nisa-binding
          kind: ClusterRole
        kind: Service
        spec:
          ports:
          - port: 80
            protocol: TCP
            targetPort: 80
          selector:
          sessionAffinity: None
          type: ClusterIP
        apiVersion: apps/v1
        kind: DaemonSet
          name: nginx-ingress-controller
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
          template:
            metadata:
              labels:
                app.kubernetes.io/name: ingress-nginx
                app.kubernetes.io/part-of: ingress-nginx
              annotations:
                prometheus.io/port: "10254"
                prometheus.io/scrape: "true"
            spec:
              serviceAccountName: nginx-ingress-serviceaccount
              hostNetwork: true
              dnsPolicy: ClusterFirstWithHostNet
              containers:
                - name: nginx-ingress-controller
                  image: bitnami/nginx-ingress-controller:0.47.0
                  args:
                    - /nginx-ingress-controller
                    - --configmap=$(POD_NAMESPACE)/nginx-configuration
                    - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
                    - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
                    - --publish-service=$(POD_NAMESPACE)/ingress-nginx
                    - --annotations-prefix=nginx.ingress.kubernetes.io
                  securityContext:
                    allowPrivilegeEscalation: true
                    capabilities:
                      drop:
                        - ALL
                      add:
                        - NET_BIND_SERVICE
                    # www-data -> 33
                    runAsUser: 33
                  env:
                    - name: POD_NAME
                      valueFrom:
                        fieldRef:
                          fieldPath: metadata.name
                    - name: POD_NAMESPACE
                          fieldPath: metadata.namespace
                  ports:
                    - name: http
                      containerPort: 80
                    - name: https
                      containerPort: 443
                  livenessProbe:
                    failureThreshold: 3
                    httpGet:
                      path: /healthz
                      port: 10254
                      scheme: HTTP
                    initialDelaySeconds: 10
                    periodSeconds: 10
                    successThreshold: 1
                    timeoutSeconds: 10
                  readinessProbe:

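The result of the deployment is as follows:

4.2 Set up the domain name

This example resolves the domain name through the /etc/hosts file; the local machine's IP is 192.168.0.70.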

        127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
        ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
        192.168.0.70 apigateway

4.3 Deploy the WebSocket server

The server process listens on port 3000 and is a simple echo server.

        apiVersion: apps/v1
        kind: Deployment
        metadata:
          labels:
            app: ws
          name: ws
          namespace: default
        spec:
          replicas: 1
          selector:
            matchLabels:
              app: ws
          template:
            metadata:
              labels:
                app: ws
            spec:
              containers:
              - image: elegantmonkeys/websockets-demo:latest
                imagePullPolicy: IfNotPresent
                name: echo
                ports:
                - containerPort: 3000
                  protocol: TCP
                resources:
                  limits:
                    cpu: "0.2"
                    memory: 100Mi
                  requests:
                    cpu: 100m
                    memory: 100Mi
        
        ---
        apiVersion: v1
        kind: Service
        metadata:
          labels:
            app: ws
          name: ws
          namespace: default
        spec:
          ports:
          - name: ws
            port: 3000
            protocol: TCP
            targetPort: 3000
          selector:
            app: ws
          type: NodePort

4.4 Create the Ingress resource

        apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          annotations:
            # Adjust the timeouts as needed; the default is 60
            nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
            nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
          name: ws
          namespace: default
        spec:
          rules:
          - host: apigateway
            http:
              paths:
              - backend:
                  serviceName: ws
                  servicePort: 3000
                path: /

4.5 Download the WebSocket client

        cd /tmp
        wget -O websocat https://github.com/vi/websocat/releases/download/v1.9.0/websocat_linux64
        chmod 755 websocat 
        mv websocat /usr/bin/

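4.6 Test

Use the websocat command to connect to the echo server through ingress nginx.

5 Summary

ingress nginx supports the WebSocket protocol by default. When using long-lived connection protocols, pay attention to the connection timeout settings; the annotations for the read and send timeouts are nginx.ingress.kubernetes.io/proxy-read-timeout and nginx.ingress.kubernetes.io/proxy-send-timeout respectively.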


Original link: https://77isp.com/post/15871.html
