huojin
/
Cpte-Boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Cpte-Boot/k8s/manifests/nginx.yaml

255 lines
6.5 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-conf
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 配置文件
data:
nginx.conf: |
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# ✅ 字符编码设置
charset utf-8;
charset_types text/html text/plain text/css application/javascript application/json;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_static on;
gzip_buffers 4 16k;
gzip_comp_level 5;
gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
server {
listen 80;
listen [::]:80;
server_name 101.35.253.46;
# 前端配置
location / {
root /html/dist;
try_files $uri $uri/ /index.html last;
index index.html;
expires -1;
}
# 后端api配置
location /cpte-wms/ {
# 反向代理的java地址
proxy_pass http://101.35.253.46:8000/cpte-wms/;
proxy_redirect off;
# 设置代理消息头
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
# 设置没有缓存
expires -1;
# 安全配置
add_header Set-Cookie "Path=/; HttpOnly; Secure";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header X-Frame-Options "ALLOW-FROM 101.35.253.46";
add_header Content-Security-Policy "frame-ancestors 101.35.253.46";
}
# 健康检查端点
location /health {
access_log off;
return 200 "healthy\n";
add_header Content-Type text/plain;
}
# 就绪检查端点
location /ready {
access_log off;
return 200 "ready\n";
add_header Content-Type text/plain;
}
}
}
default.html: |
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Nginx - CPTE WMS</title>
<style>
body { font-family: Arial, "Microsoft YaHei", sans-serif; margin: 40px; background: #f5f5f5; }
.container { background: white; padding: 30px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); max-width: 600px; margin: 0 auto; }
h1 { color: #009639; }
.info { background: #e8f5e9; padding: 15px; border-radius: 4px; margin: 20px 0; }
.info p { margin: 8px 0; }
</style>
</head>
<body>
<div class="container">
<h1>✅ Nginx 部署成功!</h1>
<div class="info">
<p><strong>项目:</strong> CPTE WMS</p>
<p><strong>环境:</strong> Production</p>
<p><strong>时间:</strong> <span id="time"></span></p>
</div>
</div>
<script>document.getElementById('time').innerText = new Date().toLocaleString('zh-CN');</script>
</body>
</html>
---
# 2. Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
namespace: cpte-wms
labels:
app: nginx
annotations:
kubesphere.io/description: "1.28.0"
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
version: v1
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "80"
spec:
containers:
- name: nginx
image: docker.io/library/nginx:1.28.0
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
resources:
requests:
cpu: "50m"
memory: "64Mi"
limits:
cpu: "500m"
memory: "256Mi"
livenessProbe:
httpGet:
path: /health
port: 80
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /ready
port: 80
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
startupProbe:
httpGet:
path: /health
port: 80
initialDelaySeconds: 0
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 30
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
readOnly: true
- name: nginx-html
mountPath: /html/dist
readOnly: true
- name: nginx-cache
mountPath: /var/cache/nginx
- name: nginx-log
mountPath: /var/log/nginx
env:
- name: NGINX_ENTRYPOINT_QUIET_LOGS
value: "true"
# ⚠️ 修复重点volumes 配置
volumes:
- name: nginx-conf
configMap:
name: nginx-conf
items:
- key: nginx.conf
path: nginx.conf
- name: nginx-html
configMap:
name: nginx-conf
items:
- key: default.html
path: index.html
- name: nginx-cache
emptyDir: {}
- name: nginx-log
emptyDir: {}
restartPolicy: Always
---
# 3. Service
kind: Service
apiVersion: v1
metadata:
name: nginx-service
namespace: cpte-wms
creationTimestamp: '2026-03-16T11:55:00Z'
labels:
app: nginx
spec:
ports:
- name: nginx
protocol: TCP
port: 80
targetPort: 80
nodePort: 30575
selector:
app: nginx
clusterIP: 10.233.51.227
clusterIPs:
- 10.233.51.227
type: NodePort
sessionAffinity: None
externalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster
Reference in New Issue View Git Blame Copy Permalink