nginx-host
下载nginx镜像
docker pull docker.io/nginx:latest
由于calico网络不支持http协议,所以即使你在iptables中配置了nat路由,将访问宿主机80端口的请求都转发到nginx-consul-template,外部也无法访问nginx-ingress。于是我们需要额外启动一个nginx(docker host网络),来做反向代理到nginx-ingress。
另如果你需要不同网卡下面的网络通讯的话,你只需要在iptables中添加NAT条目即可:
配置nginx
mkdir -p /opt/platform/nginx-host && cd /opt/platform/nginx-host && mkdir -p conf/conf.d modules html logs
vim /opt/platform/nginx-host/conf/conf.d/default.conf
upstream nginx-calico {
server 10.233.2.1:80;
server 10.233.3.1:80;
server 10.233.4.1:80;
}
server {
listen 80;
charset utf-8;
server_name *.test.com;
location / {
proxy_pass http://nginx-calico;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
proxy_send_timeout 150s;
proxy_read_timeout 150s;
proxy_next_upstream error timeout invalid_header http_404 http_502 http_504 http_500;
}
}
上传nginx.conf文件到/opt/platform/nginx-host/conf
#user ops;
worker_processes auto;
worker_cpu_affinity auto; error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events {
use epoll;
worker_connections 65535;
} http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'; log_format json '{"@timestamp":"$time_iso8601",'
'"remote_addr":"$remote_addr",'
'"remote_user":"$remote_user",'
'"http_host":"$http_host",'
'"request":"$request",'
'"status":"$status",'
'"body_bytes_sent":$body_bytes_sent,'
'"http_referer":"$http_referer",'
'"http_user_agent":"$http_user_agent",'
'"http_x_frowarded_for":"$http_x_forwarded_for",'
'"upstream_status":"$upstream_status",'
'"upstream_addr":"$upstream_addr",'
'"upstream_response_time":"$upstream_response_time",'
'"request_time":$request_time}'; access_log /var/log/nginx/access.log main; sendfile on;
#tcp_nopush on; keepalive_timeout 65; client_header_buffer_size 20m;
large_client_header_buffers 4 2048k;
client_max_body_size 20m;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #让代理服务端不要主动关闭客户端的连接。 gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png application/javascript;
gzip_proxied any;
gzip_disable "MSIE [1-6]\."; server {
listen 80 default;
server_name _;
return 499;
} include /etc/nginx/conf.d/*.conf;
}
以及上传mime.types文件到/opt/platform/nginx-host/conf
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
运行nginx-host
docker run -d \
--net=host \
-v /opt/platform/nginx-host/conf:/etc/nginx \
-v /opt/platform/nginx-host/modules:/usr/lib/nginx/modules \
-v /opt/platform/nginx-host/html:/usr/share/nginx/html \
-v /opt/platform/nginx-host/logs:/var/log/nginx \
--name=nginx-host nginx
nginx-host的更多相关文章
- nginx 虚拟主机基于端口的搭建
首先配置nginx.conf [root@localhost conf]# cat nginx.confworker_processes 1;user nginx nginx;error_log /a ...
- certbot+nginx (仅用作个人纪录)
https://certbot.eff.org/#centos6-nginx https://github.com/kshcherban/acme-nginx server { listen 80; ...
- ecshop在nginx下实现负载均衡
ecshop在负载方面的功能是十分弱小的.当你的IP每个小时到达了一万IP.如果在带宽和服务器硬件有限的情况下.你的服务器很快就会崩溃的.网站直接挂掉.为了增强ecshop在负载均衡方面的能力.我们可 ...
- WordPress 4.8 安装配置教程 (基于 centos 7.3, php 7.0, mysql 5.7.19, nginx 1.12.1)
最近想要整个 blog,记录自己工作.学习中的点滴.Wordpress 自然是首选,因为内容才是关键,所以也就不怕别人说太 low.网上大部份都是讲 wordpress 配合 apache 的安装教程 ...
- Nginx 原理解析和配置摘要
前言 Nginx 作为高性能的 http 服务器,知名度不必多言,相似产品中无出其右.本篇随笔记录我认为较为重要的原理和配置. 1. 原理解析 1.1 结构 以上是 Nginx 的结构图,其包含一个 ...
- 初探nginx
nginx nginx是俄罗斯人写的轻量级http服务器,Nginx 以事件驱动的方式编写,有非常好的性能,同时也是一个非常高效的反向代理.负载均衡. Nginx 稳定性高,模块库丰富,配置灵活,系统 ...
- nginx模块,模块的配置使用
nginx模块官方模块(默认支持的)第三方模块 1. --with-http_stub_status_module nginx的客户端状态 配置syntax: sub_status;default:- ...
- Nginx 配置HTTPS 与Node.js 配置HTTPS方法
前段时间公司网站要求加上HTTPS安全CA证书,公司服务器全是阿里云服务器,并且配有负载均衡,所以选择直接在阿里云购买CA证书,阿里云有一种证书可以免费试用一年,决定申请此证书,阿里云证书需要验证,阿 ...
- nginx + lua 限制ip地址访问
实验环境:docker + openresty 我限制的5秒钟内允许访问两次效果图: default.conf 代码如下: lua_shared_dict my_limit_count_store ...
- [Linux] 一个前端必会的 Nginx 免费教程-在虚拟机中用deepin测试
原文技术胖的 nginx 技术胖 专注于前端开发 deepin Linux Deepin 是一个基于 DEB 包管理的一个独立操作系统,和那些 Ubuntu(下个大版本是基于 debian 开发) 的 ...
随机推荐
- myeclipse使用SVN分支与合并详解
此博文主要内容来源地址:https://blog.csdn.net/liuyifeng1920/article/details/53118183,感谢原创博主: 先介绍一下svn的两种开发和发布的规范 ...
- python之json读写
#将字典转json并写入文件 import json i=3 j=5 a={'a':i,'b':j} js=json.dumps(a) print(js) with open("/Users ...
- webstorm设置babel,使用es6
原文链接:https://blog.csdn.net/peade/article/details/76522177 网上有很多关于如何设置babel的.我学习着设置,但总差那么几步,没能满足我的需求. ...
- Linux: Block Port With IPtables
由Internet和其他网络协议识别端口号,使计算机能够与其他人进行交互.每个Linux服务器都有一个端口号(参见/ etc / services文件) Block Incoming Port The ...
- lavarel数据库查找别名操作
lavarel数据库查找别名操作 一.总结 一句话总结: 当有表前缀的时候:DB::table('users as table1')->select(DB::raw('table1.id'))- ...
- VS2015编译cef3-2357
1.会遇到把警告当错误的情况 按照如下设置即可 2. 错误 C2334 “:”的前面有意外标记:跳过明显的函数体 (编译源文件 E:\cef_binary_3.2357.1271.g8e0674e_w ...
- 禁用显示GC 会有什么问题?-XX:+DisableExplicitGC
-XX:+DisableExplicitGC
- 服务器开启FTP功能
介绍几个比较完整的教程链接 Windows Server 2012 之文件服务器(FTP)
- SpringCloud(五)之Spring Cloud 中 Feign结合Hystrix断路器开发实战
1.先讲hystrx(断路器) 在springcloub 中的使用 1.1 加入依赖 注意:网上新旧版本问题,所以要以官网为主,不然部分注解会丢失最新版本 2.0 <dependency> ...
- Android:通过systrace进行性能分析
一.Systrace 简介 Systrace 允许您在系统级别(如SurfaceFlinger.WindowManagerService等Framework部分关键模块.服务.View系统等)收集和检 ...