当前位置: 首页 > news >正文

ingress-nginx

news 2026/6/30 2:19:04

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: flask-app-ingress namespace: default annotations: # ==================== Nginx 配置 ==================== kubernetes.io/ingress.class: "nginx" # 启用 HTTPS 重定向 nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" # 限流(每秒 10 个请求,突发 20) nginx.ingress.kubernetes.io/limit-rps: "10" nginx.ingress.kubernetes.io/limit-burst-multiplier: "2" # 客户端真实 IP nginx.ingress.kubernetes.io/enable-real-ip: "true" nginx.ingress.kubernetes.io/proxy-real-ip-cidr: "0.0.0.0/0" # 连接超时 nginx.ingress.kubernetes.io/proxy-connect-timeout: "60" nginx.ingress.kubernetes.io/proxy-send-timeout: "60" nginx.ingress.kubernetes.io/proxy-read-timeout: "60" # 缓冲区大小 nginx.ingress.kubernetes.io/proxy-buffering: "on" nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" nginx.ingress.kubernetes.io/proxy-buffers-number: "4" # Gzip 压缩 nginx.ingress.kubernetes.io/enable-gzip: "true" nginx.ingress.kubernetes.io/gzip-level: "6" nginx.ingress.kubernetes.io/gzip-min-length: "1024" nginx.ingress.kubernetes.io/gzip-types: "text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript" # 安全头 nginx.ingress.kubernetes.io/configuration-snippet: | add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; # 认证 # nginx.ingress.kubernetes.io/auth-type: basic # nginx.ingress.kubernetes.io/auth-secret: flask-app-basic-auth # nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" # 自定义错误页面 # nginx.ingress.kubernetes.io/custom-http-errors: "404,500,502,503,504" # nginx.ingress.kubernetes.io/default-backend: custom-error-pages # 重写目标 # nginx.ingress.kubernetes.io/rewrite-target: /$1 # WAF(如果安装了 ModSecurity) # nginx.ingress.kubernetes.io/enable-modsecurity: "true" # nginx.ingress.kubernetes.io/modsecurity-snippet: | # SecRuleEngine On # SecRequestBodyAccess On spec: tls: - hosts: - flask.example.com secretName: flask-app-tls-secret # TLS 证书 Secret rules: - host: flask.example.com http: paths: - path: / pathType: Prefix backend: service: name: flask-app-service port: number: 80

http://www.gsyq.cn/news/1605100.html

相关文章:

  • FanControl终极指南:如何在Windows上实现智能风扇控制,告别噪音烦恼
  • 在线教程丨32K上下文一次解析数十页文档,百度开源Unlimited OCR,重构长文档复杂场景
  • LPDDR5 ZQ校准实战:从背景校准到命令模式的深度解析
  • 从DCB到OSB:北斗多频多系统硬件延迟改正的演进与实践
  • 更新int count变量,fill()函数中getInIfOpen().read(buffer, pos, buffer.length - pos)这行代码的返回值为8192,
  • D3KeyHelper终极指南:暗黑3智能游戏自动化与按键管理解决方案
  • 量子LDPC码波束搜索解码器:原理、优化与应用
  • BGP路由反射器实战:从反射簇设计到防环机制的部署与验证
  • 考验AI的“自我“-AI对《红楼梦》后40回的改写(29)
  • OV SSL证书一年费用多少?单域名、多域名和通配符价格怎么选
  • 信号链路——从采样电阻到电流数值
  • 从调试失败到上线交付:一位资深架构师的ChatGPT API Python集成手记(含企业级重试/降级/监控完整链路)
  • 口碑好的抗衰项目直销厂商
  • MSPM0 H-Series I2C模块深度解析:从控制器/目标模式到低功耗与DMA优化
  • 无法强制安装 pyinstaller-hooks-contrib
  • TAS5711数字音频放大器:从I2S到PWM的完整开发指南
  • Agent编排的核心挑战指令与内容分离剪贴板法则的实践与思考
  • 实战ModSecurity WAF:从DVWA靶场到自定义SQL注入防御规则
  • go 数字人Coze智能体
  • 卡梅德生物技术快报|羊驼纳米抗体文库筛选实操全流程:天然 / 合成文库构建与淘选参数汇总
  • AI数字人平台热门十三问|必火AI数字人全维度专业解答
  • 如何高效优化电子书阅读体验:Kindle Comic Converter的完整漫画转换方案
  • 从 0 开始学 Python:装好环境,写一下demo实例
  • GPU硬件故障排查终极指南:5分钟完成显卡内存稳定性检测
  • 收藏!小白程序员必看:如何将大模型Agent从Demo成功落地工程实践?
  • Lean 4实战指南:5个步骤掌握下一代定理证明编程语言
  • Vibe Coding:说人话就能做软件,超简单开发流程全讲明白
  • XSS防御实战:从同源策略到CSP的纵深安全体系构建
  • Kafka2.4-Windows安装教程
  • 02 状态(State)