问题
In the past, I have used the following configuration file for nginx
on Ubuntu. It does the following:
- SSL termination
- Load balancer
- Inserts a custom header
X-Nginx-header
- Logs the invocations
events { }
http {
log_format main '$time_iso8601 - $remote_addr - "$http_user_agent" - "$request" - $request_id '
'- $status - $body_bytes_sent - $request_time ';
access_log /home/ubuntu/project-demo/logs/access.log main;
error_log /home/ubuntu/project-demo/logs/error.log error;
proxy_cache_path /data/nginx/cache keys_zone=one:10m;
upstream demoapp {
least_conn;
server localhost:3001;
server localhost:3002;
server localhost:3003;
server localhost:3004;
}
server {
listen 443 ssl;
ssl_certificate /home/ubuntu/project-demo/certs/server.crt;
ssl_certificate_key /home/ubuntu/project-demo/certs/server.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 4h;
location / {
proxy_set_header X-Nginx-header $request_id;
proxy_pass http://demoapp/;
}
}
}
I want to replicate the same with nginx
deployed as a pod in an OpenShift cluster. I can see nginx
as listed in the catalog of OpenShift cluster. When I try to launch one, it shows a field for GitHub repository with a sample repository - https://github.com/sclorg/nginx-ex.git
How do I utilize this repository for the configuration file shown above?
回答1:
The documentation for the nginx 1.14 version of this image can be found here
This is an s2i image. s2i is a build mechanism that takes source code (in your case the nginx configuration) and a base s2i image (in your case the sclorg nginx contianer image) and produces a runtime image (in your case an nginx image with configuration).
Based on the above documentation for that nginx s2i image if you point the s2i build process at a VCS repository (or local directory) with any of the following files inside it, they will automatically be consumed by the nginx s2i builder image to produce a configured runtime container image.
./nginx.conf-- The main nginx configuration file
./nginx-cfg/*.conf
Should contain all nginx configuration we want to include into image
./nginx-default-cfg/*.conf
Contains any nginx config snippets to include in the default server block
./nginx-start/*.sh
Contains shell scripts that are sourced right before nginx is launched
./
Should contain nginx application source code
In your case that means you can either put your configuration in a nginx.conf
file to overwrite the entire nginx configuration or in a ./nginx-cfg/*.conf
file to just add your configuration to the default nginx.conf file.
来源:https://stackoverflow.com/questions/58096616/openshift-nginx-pod-as-ssl-termination-and-load-balancer