Open STRRL opened 11 months ago
您好,不知道目前已经支持了哪些功能?我尝试使用 rewrites,但是无法达到预期效果。 https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.0/examples/ingress-resources/rewrites
kind: Ingress apiVersion: networking.k8s.io/v1 metadata: name: steambird-api-yaml-via-cf-tunnel namespace: steambird annotations: kubesphere.io/creator: admin nginx.org/rewrites: "serviceName=steambird rewrite=/api-docs" finalizers: - strrl.dev/cloudflare-tunnel-ingress-controller-controlled spec: ingressClassName: cloudflare-tunnel rules: - host: steambird-api-yaml.besscroft.com http: paths: - path: / pathType: Prefix backend: service: name: steambird port: number: 8000
感谢您能看到这里,我不确定是不能这样用,还是我配置错误。但是查询文档发现 Nginx Ingress 似乎是支持这个注解的,而且也有官方示例。 谢谢!
应该是还没有实现这个功能,同时推荐使用ingress-nginx ,而不是nginx-ingress
Hi @besscroft, 目前这个想法还在 draft 阶段, 并没有真正实现它.
如果需要的话可以考虑和 ingress-nginx 嵌套使用.
@STRRL @omegazeng 感谢回复,我抽空尝试一下😊,需要学习的内容还有挺多。
Along the same lines as this, I want to be able to use authelia which part of how authelia works with nginx-ingress is the following annotations
annotations:
nginx.ingress.kubernetes.io/auth-method: GET
nginx.ingress.kubernetes.io/auth-url: http://authelia.default.svc.cluster.local/api/verify
nginx.ingress.kubernetes.io/auth-signin: https://auth.example.com?rm=$request_method
nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
nginx.ingress.kubernetes.io/auth-snippet: |
proxy_set_header X-Forwarded-Method $request_method;
I see that the issue I'm facing is with the kubernetes official nginx ingress controller and not the f5 nginx official ingress controller.
Just to add to this discussion you can solve this easily. I just use this controller to tunnel to my NGINX ingress. I.e.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-to-nginx-ingress
namespace: ingress-nginx
annotations:
cloudflare-tunnel-ingress-controller.strrl.dev/backend-protocol: https
cloudflare-tunnel-ingress-controller.strrl.dev/proxy-ssl-verify: "off"
spec:
ingressClassName: cloudflare-tunnel
rules:
- host: "*.example.com"
http:
paths:
- backend:
service:
name: ingress-nginx-controller
port:
number: 443
path: /
pathType: Prefix
Now I can use ingressClassName: nginx and provided the ingresses are subdomains of example.com, then it magically works. You can basically ignore the cloudflare-ingress controller once its setup, and use authelia on your nginx ingress. Thanks again for an amazing ingress controller! Really looking forward to the next release with the latest pulls.
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-to-nginx-ingress namespace: ingress-nginx annotations: cloudflare-tunnel-ingress-controller.strrl.dev/backend-protocol: https cloudflare-tunnel-ingress-controller.strrl.dev/proxy-ssl-verify: "off" spec: ingressClassName: cloudflare-tunnel rules: - host: "*.example.com" http: paths: - backend: service: name: ingress-nginx-controller port: number: 443 path: / pathType: Prefix
nice idea
您好,不知道目前已经支持了哪些功能?我尝试使用 rewrites,但是无法达到预期效果。 https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.0/examples/ingress-resources/rewrites
感谢您能看到这里,我不确定是不能这样用,还是我配置错误。但是查询文档发现 Nginx Ingress 似乎是支持这个注解的,而且也有官方示例。 谢谢!