search

STRRL / cloudflare-tunnel-ingress-controller

🚀 Expose the website directly into the internet! The Kuberntes Ingress Controller based on Cloudflare Tunnel.
MIT License
569 stars 35 forks source link

Ingetrate with Nginx Ingress Controller #28

Open STRRL opened 11 months ago

besscroft commented 6 months ago

您好,不知道目前已经支持了哪些功能?我尝试使用 rewrites,但是无法达到预期效果。 https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.0/examples/ingress-resources/rewrites

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: steambird-api-yaml-via-cf-tunnel
  namespace: steambird
  annotations:
    kubesphere.io/creator: admin
    nginx.org/rewrites: "serviceName=steambird rewrite=/api-docs"
  finalizers:
    - strrl.dev/cloudflare-tunnel-ingress-controller-controlled
spec:
  ingressClassName: cloudflare-tunnel
  rules:
    - host: steambird-api-yaml.besscroft.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: steambird
                port:
                  number: 8000

感谢您能看到这里,我不确定是不能这样用,还是我配置错误。但是查询文档发现 Nginx Ingress 似乎是支持这个注解的,而且也有官方示例。 谢谢!

omegazeng commented 6 months ago

您好,不知道目前已经支持了哪些功能?我尝试使用 rewrites,但是无法达到预期效果。 https://github.com/nginxinc/kubernetes-ingress/tree/v3.4.0/examples/ingress-resources/rewrites

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: steambird-api-yaml-via-cf-tunnel
  namespace: steambird
  annotations:
    kubesphere.io/creator: admin
    nginx.org/rewrites: "serviceName=steambird rewrite=/api-docs"
  finalizers:
    - strrl.dev/cloudflare-tunnel-ingress-controller-controlled
spec:
  ingressClassName: cloudflare-tunnel
  rules:
    - host: steambird-api-yaml.besscroft.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: steambird
                port:
                  number: 8000

感谢您能看到这里,我不确定是不能这样用,还是我配置错误。但是查询文档发现 Nginx Ingress 似乎是支持这个注解的,而且也有官方示例。 谢谢!

应该是还没有实现这个功能,同时推荐使用ingress-nginx ,而不是nginx-ingress

STRRL commented 6 months ago

Hi @besscroft, 目前这个想法还在 draft 阶段, 并没有真正实现它.

如果需要的话可以考虑和 ingress-nginx 嵌套使用.

besscroft commented 6 months ago

@STRRL @omegazeng 感谢回复,我抽空尝试一下😊,需要学习的内容还有挺多。

blade2005 commented 5 months ago

Along the same lines as this, I want to be able to use authelia which part of how authelia works with nginx-ingress is the following annotations

annotations:
  nginx.ingress.kubernetes.io/auth-method: GET
  nginx.ingress.kubernetes.io/auth-url: http://authelia.default.svc.cluster.local/api/verify
  nginx.ingress.kubernetes.io/auth-signin: https://auth.example.com?rm=$request_method
  nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
  nginx.ingress.kubernetes.io/auth-snippet: |
    proxy_set_header X-Forwarded-Method $request_method;

https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md

I see that the issue I'm facing is with the kubernetes official nginx ingress controller and not the f5 nginx official ingress controller.

toastedcrumpets commented 1 month ago

Just to add to this discussion you can solve this easily. I just use this controller to tunnel to my NGINX ingress. I.e.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-to-nginx-ingress
  namespace: ingress-nginx
  annotations:
    cloudflare-tunnel-ingress-controller.strrl.dev/backend-protocol: https
    cloudflare-tunnel-ingress-controller.strrl.dev/proxy-ssl-verify: "off"
spec:
  ingressClassName: cloudflare-tunnel
  rules:
  - host: "*.example.com"
    http:
      paths:
      - backend:
          service:
            name: ingress-nginx-controller
            port:
              number: 443
        path: /
        pathType: Prefix

Now I can use ingressClassName: nginx and provided the ingresses are subdomains of example.com, then it magically works. You can basically ignore the cloudflare-ingress controller once its setup, and use authelia on your nginx ingress. Thanks again for an amazing ingress controller! Really looking forward to the next release with the latest pulls.

monlor commented 1 month ago 
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-to-nginx-ingress
  namespace: ingress-nginx
  annotations:
    cloudflare-tunnel-ingress-controller.strrl.dev/backend-protocol: https
    cloudflare-tunnel-ingress-controller.strrl.dev/proxy-ssl-verify: "off"
spec:
  ingressClassName: cloudflare-tunnel
  rules:
  - host: "*.example.com"
    http:
      paths:
      - backend:
          service:
            name: ingress-nginx-controller
            port:
              number: 443
        path: /
        pathType: Prefix

nice idea