nginx-host
下载nginx镜像
docker pull docker.io/nginx:latest
由于calico网络不支持http协议,所以即使你在iptables中配置了nat路由,将访问宿主机80端口的请求都转发到nginx-consul-template,外部也无法访问nginx-ingress。于是我们需要额外启动一个nginx(docker host网络),来做反向代理到nginx-ingress。
另如果你需要不同网卡下面的网络通讯的话,你只需要在iptables中添加NAT条目即可:
配置nginx
mkdir -p /opt/platform/nginx-host && cd /opt/platform/nginx-host && mkdir -p conf/conf.d modules html logs
vim /opt/platform/nginx-host/conf/conf.d/default.conf
upstream nginx-calico {
server 10.233.2.1:80;
server 10.233.3.1:80;
server 10.233.4.1:80;
}
server {
listen 80;
charset utf-8;
server_name *.test.com;
location / {
proxy_pass http://nginx-calico;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
proxy_send_timeout 150s;
proxy_read_timeout 150s;
proxy_next_upstream error timeout invalid_header http_404 http_502 http_504 http_500;
}
}
上传nginx.conf文件到/opt/platform/nginx-host/conf
#user ops;
worker_processes auto;
worker_cpu_affinity auto; error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events {
use epoll;
worker_connections 65535;
} http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'; log_format json '{"@timestamp":"$time_iso8601",'
'"remote_addr":"$remote_addr",'
'"remote_user":"$remote_user",'
'"http_host":"$http_host",'
'"request":"$request",'
'"status":"$status",'
'"body_bytes_sent":$body_bytes_sent,'
'"http_referer":"$http_referer",'
'"http_user_agent":"$http_user_agent",'
'"http_x_frowarded_for":"$http_x_forwarded_for",'
'"upstream_status":"$upstream_status",'
'"upstream_addr":"$upstream_addr",'
'"upstream_response_time":"$upstream_response_time",'
'"request_time":$request_time}'; access_log /var/log/nginx/access.log main; sendfile on;
#tcp_nopush on; keepalive_timeout 65; client_header_buffer_size 20m;
large_client_header_buffers 4 2048k;
client_max_body_size 20m;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k; proxy_ignore_client_abort on; #让代理服务端不要主动关闭客户端的连接。 gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png application/javascript;
gzip_proxied any;
gzip_disable "MSIE [1-6]\."; server {
listen 80 default;
server_name _;
return 499;
} include /etc/nginx/conf.d/*.conf;
}
以及上传mime.types文件到/opt/platform/nginx-host/conf
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
运行nginx-host
docker run -d \
--net=host \
-v /opt/platform/nginx-host/conf:/etc/nginx \
-v /opt/platform/nginx-host/modules:/usr/lib/nginx/modules \
-v /opt/platform/nginx-host/html:/usr/share/nginx/html \
-v /opt/platform/nginx-host/logs:/var/log/nginx \
--name=nginx-host nginx
nginx-host的更多相关文章
- nginx 虚拟主机基于端口的搭建
首先配置nginx.conf [root@localhost conf]# cat nginx.confworker_processes 1;user nginx nginx;error_log /a ...
- certbot+nginx (仅用作个人纪录)
https://certbot.eff.org/#centos6-nginx https://github.com/kshcherban/acme-nginx server { listen 80; ...
- ecshop在nginx下实现负载均衡
ecshop在负载方面的功能是十分弱小的.当你的IP每个小时到达了一万IP.如果在带宽和服务器硬件有限的情况下.你的服务器很快就会崩溃的.网站直接挂掉.为了增强ecshop在负载均衡方面的能力.我们可 ...
- WordPress 4.8 安装配置教程 (基于 centos 7.3, php 7.0, mysql 5.7.19, nginx 1.12.1)
最近想要整个 blog,记录自己工作.学习中的点滴.Wordpress 自然是首选,因为内容才是关键,所以也就不怕别人说太 low.网上大部份都是讲 wordpress 配合 apache 的安装教程 ...
- Nginx 原理解析和配置摘要
前言 Nginx 作为高性能的 http 服务器,知名度不必多言,相似产品中无出其右.本篇随笔记录我认为较为重要的原理和配置. 1. 原理解析 1.1 结构 以上是 Nginx 的结构图,其包含一个 ...
- 初探nginx
nginx nginx是俄罗斯人写的轻量级http服务器,Nginx 以事件驱动的方式编写,有非常好的性能,同时也是一个非常高效的反向代理.负载均衡. Nginx 稳定性高,模块库丰富,配置灵活,系统 ...
- nginx模块,模块的配置使用
nginx模块官方模块(默认支持的)第三方模块 1. --with-http_stub_status_module nginx的客户端状态 配置syntax: sub_status;default:- ...
- Nginx 配置HTTPS 与Node.js 配置HTTPS方法
前段时间公司网站要求加上HTTPS安全CA证书,公司服务器全是阿里云服务器,并且配有负载均衡,所以选择直接在阿里云购买CA证书,阿里云有一种证书可以免费试用一年,决定申请此证书,阿里云证书需要验证,阿 ...
- nginx + lua 限制ip地址访问
实验环境:docker + openresty 我限制的5秒钟内允许访问两次效果图: default.conf 代码如下: lua_shared_dict my_limit_count_store ...
- [Linux] 一个前端必会的 Nginx 免费教程-在虚拟机中用deepin测试
原文技术胖的 nginx 技术胖 专注于前端开发 deepin Linux Deepin 是一个基于 DEB 包管理的一个独立操作系统,和那些 Ubuntu(下个大版本是基于 debian 开发) 的 ...
随机推荐
- 使用Spring基于应用层实现读写分离(一)基础版
背景 我们一般应用对数据库而言都是“读多写少”,也就说对数据库读取数据的压力比较大,有一个思路就是说采用数据库集群的方案, 其中一个是主库,负责写入数据,我们称之为:写库: 其它都是从库,负责读取数据 ...
- tomcat在浏览器输入用户名和密码后报错Tomcat Manager App--403 Access Denied You are not authorized to view this page
报错截图:Tomcat Manager App--403 Access Denied You are not authorized to view this page 解决办法: 1.关闭Tomcat ...
- 从JMS到KafKa
从JMS到KafKa JMS (1)JMS概念 JMS(Java Message Service,java消息服务)API是一个消息服务的标准或者说是规范,允许应用程序组件基于JavaEE平台创建.发 ...
- SpringMVC 理论
应用系统三层架构: C/S:客户端/服务器 B/S:浏览器/服务器 标准分层: 表现层:WEB 层,接受结果,响应结果,分发请求:通常客户端使用 http 协议请求 web 层,web 层需要接受 h ...
- 安装wget 、 wget命令
今天给服务器安装新LNMP环境时,wget 时提示 -bash:wget command not found,很明显没有安装wget软件包.一般linux最小化安装时,wget不会默认被安装. 可以通 ...
- [Java]字符串数组 与 字符串链表 之间的相互转化
代码: package com.hy; import java.util.Arrays; import java.util.Collections; import java.util.List; pu ...
- outlier异常值检验算法之_箱型图(附python代码)
python机器学习-乳腺癌细胞挖掘(博主亲自录制视频) https://study.163.com/course/introduction.htm?courseId=1005269003&u ...
- LC 275. H-Index II
Given an array of citations sorted in ascending order (each citation is a non-negative integer) of a ...
- 软件-设计-Adobe-Adobe XD:百科
ylbtech-软件-设计-Adobe-Adobe XD:百科 创建线框.设计.创建原型.展示以及共享适用于 Web.移动设备和语音等的卓越体验 - 以上操作在一款应用程序中即可完成.XD 面向需要进 ...
- easyUI之Messager(消息窗口)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <hea ...