个人中心
gpt4 book ai didi

nginx - Kubernetes 中带有 nginx 入口 Controller 的 Kibana

转载 作者:行者123 更新时间:2023-12-01 13:36:36 26 4
gpt4 key购买 nike

我试图在 www.mydomain.com/kibana 下运行的 GKE Kubernetes 集群中获取 Kibana 6.2.4,但没有成功。尽管如此,我可以用 kubectl proxy 完美地运行它和默认 SERVER_BASEPATH .

这是我使用 SERVER_BASEPATH 的 Kibana 部署移除。

---

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kibana-logging
  namespace: logging
  labels:
    k8s-app: kibana-logging
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: kibana-logging
  template:
    metadata:
      labels:
        k8s-app: kibana-logging
      annotations:
        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
    spec:
      containers:
      - name: kibana-logging
        image: docker.elastic.co/kibana/kibana-oss:6.2.4
        resources:
          # need more cpu upon initialization, therefore burstable class
          limits:
            cpu: 1000m
          requests:
            cpu: 100m
        env:
          - name: ELASTICSEARCH_URL
            value: http://elasticsearch-logging:9200
          # - name: SERVER_BASEPATH
          #   value: /api/v1/namespaces/logging/services/kibana-logging/proxy
        ports:
        - containerPort: 5601
          name: ui
          protocol: TCP

我的 nginx 入口定义(nginx-ingress-controller:0.19.0): 
---

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: logging-ingress
  namespace: logging
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/configuration-snippet: |
      rewrite ^/kibana/(.*)$ /$1 break;
spec:
  tls:
    - hosts:
      - dev.mydomain.net
      secretName: mydomain-net-tls-secret
  rules:
  - host: dev.mydomain.net
    http:
      paths:
      - path: /kibana
        backend:
          serviceName: kibana-logging
          servicePort: 5601

这导致了这个 nginx 位置 
    location /kibana {

        set $namespace      "logging";
        set $ingress_name   "logging-ingress";
        set $service_name   "kibana-logging";
        set $service_port   "5601";
        set $location_path  "/kibana";

        rewrite_by_lua_block {

            balancer.rewrite()

        }

        log_by_lua_block {

            balancer.log()

            monitor.call()
        }

        port_in_redirect off;

        set $proxy_upstream_name "logging-kibana-logging-5601";

        # enforce ssl on server side
        if ($redirect_to_https) {

            return 308 https://$best_http_host$request_uri;

        }

        client_max_body_size                    "1m";

        proxy_set_header Host                   $best_http_host;

        # Pass the extracted client certificate to the backend

        # Allow websocket connections
        proxy_set_header                        Upgrade           $http_upgrade;

        proxy_set_header                        Connection        $connection_upgrade;

        proxy_set_header X-Request-ID           $req_id;
        proxy_set_header X-Real-IP              $the_real_ip;

        proxy_set_header X-Forwarded-For        $the_real_ip;

        proxy_set_header X-Forwarded-Host       $best_http_host;
        proxy_set_header X-Forwarded-Port       $pass_port;
        proxy_set_header X-Forwarded-Proto      $pass_access_scheme;

        proxy_set_header X-Original-URI         $request_uri;

        proxy_set_header X-Scheme               $pass_access_scheme;

        # Pass the original X-Forwarded-For
        proxy_set_header X-Original-Forwarded-For $http_x_forwarded_for;

        # mitigate HTTPoxy Vulnerability
        # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
        proxy_set_header Proxy                  "";

        # Custom headers to proxied server

        proxy_connect_timeout                   5s;
        proxy_send_timeout                      60s;
        proxy_read_timeout                      60s;

        proxy_buffering                         "off";
        proxy_buffer_size                       "4k";
        proxy_buffers                           4 "4k";
        proxy_request_buffering                 "on";

        proxy_http_version                      1.1;

        proxy_cookie_domain                     off;
        proxy_cookie_path                       off;

        # In case of errors try the next upstream server before returning an error
        proxy_next_upstream                     error timeout;
        proxy_next_upstream_tries               3;

        rewrite ^/kibana/(.*)$ /$1 break;

        proxy_pass http://upstream_balancer;

        proxy_redirect                          off;

    }

但是,要去 /kibana结果是 404。

堆栈驱动程序 
2018-10-30 08:30:48.000 MDT
GET /kibana 404 61ms - 9.0B

网页 
{
  statusCode: 404,
  error: "Not Found",
  message: "Not Found"
}

我觉得我好像缺少 SERVER_BASEPATH 的某种设置和/或我的 nginx 入口配置。

最佳答案

我相信你想要的是nginx.ingress.kubernetes.io/rewrite-target: /入口中的注释。

这样location {}块看起来像这样:

location ~* ^/kibana\/?(?<baseuri>.*) {
       ...
       rewrite (?i)/kibana/(.*) /$1 break;
       rewrite (?i)/kibana$ / break;
       ...
}

关于nginx - Kubernetes 中带有 nginx 入口 Controller 的 Kibana,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53067005/

26 4 0
文章推荐: tfs - 升级到 VS2017 后 VSTS 托管构建失败
文章推荐: git - 如何列出从特定分支的任何提交创建的所有 git 分支
文章推荐: java - Base64 编码的 512 位数字签名的最终字符的范围是多少?
文章推荐: nginx 已卸载,本地主机 :8080 still showing nginx welcome page
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com