首页 文章

nginx.conf忽略nginx-ingress配置映射片段

提问于
浏览
8

我有一个kubernetes集群,我使用helm nginx-ingress chart部署了一个nginx入口控制器 .

我需要在nginx-controller-pod中生成的nginx.conf文件中添加一些自定义配置,我看到一个问题,如果我添加一行选项,如 proxy-buffer-size: "512k" ,我可以看到这反映在nginx中 . conf文件,一切都按预期工作 .

但是,如果我尝试添加一个片段来完成同样的事情:

location-snippet: |
  proxy_buffer_size "512k";

就好像nginx.conf文件忽略了它, proxy_buffer_size 设置保持默认值 .

我需要能够添加 http-snippetserver-snippetlocation-snippet 覆盖,但是我是否尝试将它们添加到ConfigMap或作为Ingress.yaml文件中的注释,它们总是被忽略 .

我的Ingress yaml文件:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    ingress.kubernetes.io/ssl-redirect: "true" 
    ingress.kubernetes.io/secure-backends: "true"    
    ingress.kubernetes.io/force-ssl-redirect: "true"

    ingress.kubernetes.io/location-snippet: |
       proxy_buffer_size 512k;     --This does not update the nginx.conf
spec:
  tls:
  - hosts:
    - my.app.co.uk
    secretName: tls-secret

  rules:
  - host: my.app.co.uk
    http:
      paths:
      - path: /
        backend:
          serviceName: myappweb-service
          servicePort: 80

我的nginx配置图:

apiVersion: v1
kind: ConfigMap
metadata:
  labels:
    app: nginx-ingress
    chart: nginx-ingress-0.28.3
    component: controller
    heritage: Tiller
    release: nginx-ingress
  name: nginx-ingress-controller
  namespace: default
data:
  proxy-buffer-size: "512k" -- this works and updates the nginx.conf

  location-snippet: |
    proxy_buffers 4 512k; -- this does not update the nginx.conf

  server-snippet: |       -- this does not update the nginx.conf
    location /messagehub {
      proxy_set_header Upgrade $http_upgrade;
      proxy_http_version 1.1;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header Connection "upgrade";
      proxy_cache_bypass $http_upgrade;
   }
nginx kubernetes yaml kubernetes-ingress nginx-ingress

2 回答

  • 3

    事实证明,我的问题是由于我正在应用的代码段的内容 . 每次运行 kubectl apply -f myconfigmap.yaml 时,都会针对您尝试应用于nginx.conf的更改运行验证 . 当此验证失败时,它会无声地失败,并且在终端中没有任何提醒您的信息 .

    实际上,您仍然会收到 configmap/nginx-ingress-controller configured 消息 .

    例如,当我将其添加到配置映射时,它会按预期更新nginx.conf:

    http-snippet: |
  sendfile on;

    但是,当我添加它时,没有任何变化:

    http-snippet: |
  sendfile on;
  tcp_nopush on;

    原因是验证失败,但找到它的唯一方法是查看nginx入口控制器pod的日志 . 在这个例子中,我看到:

    Error: exit status 1
2018/10/16 07:45:49 [emerg] 470#470: "tcp_nopush" directive is duplicate in 
/tmp/nginx-cfg468835321:245
nginx: [emerg] "tcp_nopush" directive is duplicate in /tmp/nginx-cfg468835321:245
nginx: configuration file /tmp/nginx-cfg468835321 test failed

    所以我复制了一个已经存在的指令 .

    回复于
  • 3

    如果您想修改Kubernetes Ingress ,注释选项如下:

    • nginx.ingress.kubernetes.io/configuration-snippet 用于nginx位置块代码段

    • nginx.ingress.kubernetes.io/server-snippet 用于nginx配置服务块中的代码段

    看起来你正在使用 nginx.org/location-snippets: .

    在nginx配置示例中还有一个YAML无效语法,你也应该根据exampleserver-snippets 中使用复数 . 在撰写本文时,_457877中有一个拼写错误 . 打开this ticket跟进 .

    它应该是这样的:

    server-snippets: |
    location /messagehub {
      proxy_set_header Upgrade $http_upgrade;
      proxy_http_version 1.1;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header Connection "upgrade";
      proxy_cache_bypass $http_upgrade;
      }

    而不是这个:

    server-snippet: |
    location /messagehub {
      proxy_set_header Upgrade $http_upgrade;
      proxy_http_version 1.1;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header Connection "upgrade";
      proxy_cache_bypass $http_upgrade;
    }

    注意最后一个花括号的缩进 .

    回复于

相关问题