Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/cassandra/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ssl 使用kubernetes nginx入口反向代理具有SNI支持的站点_Ssl_Nginx_Kubernetes_Nginx Ingress - Fatal编程技术网
Fatal编程技术网
  • ssl/
  • Ssl 使用kubernetes nginx入口反向代理具有SNI支持的站点

Ssl 使用kubernetes nginx入口反向代理具有SNI支持的站点

ssl nginx kubernetes

Ssl 使用kubernetes nginx入口反向代理具有SNI支持的站点,ssl,nginx,kubernetes,nginx-ingress,Ssl,Nginx,Kubernetes,Nginx Ingress,我正在使用kubernetes nginx ingress设置反向代理,但我不知道如何将nginx参数添加到配置中,特别是:。如何在yaml配置中设置入口参数 我已经尝试过使用注释,但它似乎没有将参数添加到集群pods中的nginx.conf文件中 以下是反向代理的当前代码: kind: Service apiVersion: v1 metadata: name: formstack namespace: serves spec: type: ExternalName exter

我正在使用kubernetes nginx ingress设置反向代理,但我不知道如何将nginx参数添加到配置中,特别是:。如何在yaml配置中设置入口参数

我已经尝试过使用注释,但它似乎没有将参数添加到集群pods中的nginx.conf文件中

以下是反向代理的当前代码:

kind: Service
apiVersion: v1
metadata:
  name: formstack
  namespace: serves
spec:
  type: ExternalName
  externalName: fluidsignal.formstack.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: formstack
  namespace: serves
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/upstream-vhost: "fluidsignal.formstack.com"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  tls:
  - hosts:
    - fluidattacks.com
    secretName: fluidattacks-cert
  rules:
  - host: fluidattacks.com
    http:
      paths:
      - backend:
          serviceName: formstack
          servicePort: 443
        path: /forms(.*)
在设置代理之后,我从Nginx得到一个
502坏网关
错误。在查看pods日志后,我发现我得到了以下openssl错误:
SSL:error:14094410:SSL例程:ssl3\u read\u字节:sslv3警报握手失败:SSL警报编号40
,这就是我想添加前面提到的参数的原因。

我刚刚发现我确实使用了正确的注释:
nginx.ingres.kubernetes.io/server snippet

但是我需要添加一个额外的参数:
proxy\u ssl\u name

添加以下代码修复了该问题:

nginx.ingress.kubernetes.io/server-snippet: |
  proxy_ssl_name fluidsignal.formstack.com;
  proxy_ssl_server_name on;
现在一切似乎都很好:D