个人中心
gpt4 book ai didi

linux - 如何使用 GCP 负载均衡器将 HTTP 重定向到 HTTPS

转载 作者:行者123 更新时间:2023-12-02 22:28:06 28 4
gpt4 key购买 nike

我正在 GCP 中使用 2 个节点 (Apache httpd) 设置负载均衡器,域为 lblb.tonegroup.net。

目前我的负载均衡器工作正常,流量正在两个节点之间切换,但我如何配置重定向 http://lblb.tonegroup.nethttps://lblb.tonegroup.net

是否可以在负载均衡器级别配置它,或者我需要在 apache 级别配置它?我已安装 Google 托管 SSL 证书(仅供引用)。

最佳答案

现在,可以通过负载均衡器的流量管理从 http 重定向到 https

下面是如何在其文档中进行设置的示例: https://cloud.google.com/load-balancing/docs/https/setting-up-traffic-management#console

基本上,您将创建两个“转发规则”:targetproxy 和 urlmap。

2 个 URLMap

  • 在第一个 URL 映射中,您只需设置重定向。定义重定向规则如下,这里不需要定义后端服务
    • httpsRedirect: true
    • redirectResponseCode:找到
  • 在第二张 map 中,您必须在那里定义后端服务

2条转发规则

  • 第一个转发规则是服务 http 请求,所以基本上是端口 80
  • 第二条转发规则是为 http 请求提供服务,因此端口 443

2 个目标代理

  • 第一个目标代理是 targetHttpProxy,这将是第一个转发规则转发到的位置并映射到第一个 URLMap
  • 第二个目标代理是 targetHttpsProxy,其中第二个转发规则转发到并映射到第二个 URLMap

================================================== =========================

下面是一个以托管证书和存储桶作为后端的云部署管理器示例

storagebuckets-template.jinja

resources:
- name: {{ properties["bucketExample"] }}
  type: storage.v1.bucket
  properties:
    storageClass: REGIONAL
    location: asia-east2
    cors:
    - origin: ["*"]
      method: [GET]
      responseHeader: [Content-Type]
      maxAgeSeconds: 3600
    defaultObjectAcl:
    - bucket: {{ properties["bucketExample"] }}
      entity: allUsers
      role: READER
    website:
     mainPageSuffix: index.html

backendbuckets-template.jinja

resources:
- name: {{ properties["bucketExample"] }}-backend
  type: compute.beta.backendBucket
  properties:
    bucketName: $(ref.{{ properties["bucketExample"] }}.name)
    enableCdn: true

ipaddresses-template.jinja

resources:
- name: lb-ipaddress
  type: compute.v1.globalAddress

sslcertificates-template.jinja

resources:
- name: example
  type: compute.v1.sslCertificate
  properties:
    type: MANAGED
    managed:
      domains:
      - example1.com
      - example2.com
      - example3.com

loadbalancer-template.jinja

resources:
- name: centralized-lb-http
  type: compute.v1.urlMap
  properties:
    defaultUrlRedirect:
      httpsRedirect: true
      redirectResponseCode: FOUND
- name: centralized-lb-https
  type: compute.v1.urlMap
  properties:
    defaultService: {{ properties["bucketExample"] }}
    pathMatchers:
    - name: example
      defaultService: {{ properties["bucketExample"] }}
      pathRules:
      - service: {{ properties["bucketExample"] }}
        paths:
        - /*
    hostRules:
    - hosts:
      - example1.com
      pathMatcher: example
    - hosts:
      - example2.com
      pathMatcher: example
    - hosts:
      - example3.com
      pathMatcher: example

httpproxies-template.jinja

resources:
- name: lb-http-proxy
  type: compute.v1.targetHttpProxy
  properties:
    urlMap: $(ref.centralized-lb-http.selfLink)
- name: lb-https-proxy
  type: compute.v1.targetHttpsProxy
  properties:
    urlMap: $(ref.centralized-lb-https.selfLink)
    sslCertificates: [$(ref.example.selfLink)]
- name: lb-http-forwardingrule
  type: compute.v1.globalForwardingRule
  properties:
    target: $(ref.lb-http-proxy.selfLink)
    IPAddress: $(ref.lb-ipaddress.address)
    IPProtocol: TCP
    portRange: 80-80
- name: lb-https-forwardingrule
  type: compute.v1.globalForwardingRule
  properties:
    target: $(ref.lb-https-proxy.selfLink)
    IPAddress: $(ref.lb-ipaddress.address)
    IPProtocol: TCP
    portRange: 443-443

templates-bundle.yaml 

 imports:
 - path: backendbuckets-template.jinja
 - path: httpproxies-template.jinja
 - path: ipaddresses-template.jinja
 - path: loadbalancer-template.jinja
 - path: storagebuckets-template.jinja
 - path: sslcertificates-template.jinja

resources:
 - name: storagebuckets
   type: storagebuckets-template.jinja
   properties:
     bucketExample: example-sb
 - name: backendbuckets
   type: backendbuckets-template.jinja
   properties:
     bucketExample: example-sb
 - name: loadbalancer
   type: loadbalancer-template.jinja
   properties:
     bucketExample: $(ref.example-sb-backend.selfLink)
 - name: ipaddresses
   type: ipaddresses-template.jinja
 - name: httpproxies
   type: httpproxies-template.jinja
 - name: sslcertificates
   type: sslcertificates-template.jinja

$ gcloud 部署管理器部署创建基础架构 --config=templates-bundle.yaml > 输出命令输出

 NAME                                   TYPE                             STATE      ERRORS  INTENT
 centralized-lb-http                    compute.v1.urlMap                COMPLETED  []
 centralized-lb-https                   compute.v1.urlMap                COMPLETED  []
 example                                compute.v1.sslCertificate        COMPLETED  []
 example-sb                             storage.v1.bucket                COMPLETED  []
 example-sb-backend                     compute.beta.backendBucket       COMPLETED  []
 lb-http-forwardingrule                 compute.v1.globalForwardingRule  COMPLETED  []
 lb-http-proxy                          compute.v1.targetHttpProxy       COMPLETED  []
 lb-https-forwardingrule                compute.v1.globalForwardingRule  COMPLETED  []
 lb-https-proxy                         compute.v1.targetHttpsProxy      COMPLETED  []
 lb-ipaddress                           compute.v1.globalAddress         COMPLETED  []

关于linux - 如何使用 GCP 负载均衡器将 HTTP 重定向到 HTTPS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53648159/

28 4 0
文章推荐: mouseover - 如何在 EaselJS 中处理鼠标悬停事件?
文章推荐: 使用 Jasmine 进行 AngularJS Controller 单元测试
文章推荐: algorithm - 为什么当输入大小改变时算法的优先级会改变
文章推荐: linux - 为什么 ld.so 是共享对象?
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com