From 38f24fcf9c437958b716ba7fe4ca77a11263e2bb Mon Sep 17 00:00:00 2001 From: wz Date: Thu, 8 Jan 2026 02:56:11 +0700 Subject: [PATCH] 1 --- base/basic-auth/http-basic-auth.yaml | 5 +- gp2523/ingress-admin.yaml | 76 +++++++++++++++++++ gp2523/kustomization.yaml | 1 + gp2524/ingress-admin.yaml | 76 +++++++++++++++++++ gp2524/kustomization.yaml | 1 + ...{admin-ingress.yaml => ingress-admin.yaml} | 6 +- gp2525/kustomization.yaml | 1 + 7 files changed, 160 insertions(+), 6 deletions(-) create mode 100644 gp2523/ingress-admin.yaml create mode 100644 gp2524/ingress-admin.yaml rename gp2525/{admin-ingress.yaml => ingress-admin.yaml} (94%) diff --git a/base/basic-auth/http-basic-auth.yaml b/base/basic-auth/http-basic-auth.yaml index aaf972d..e4fd97b 100644 --- a/base/basic-auth/http-basic-auth.yaml +++ b/base/basic-auth/http-basic-auth.yaml @@ -4,6 +4,5 @@ metadata: name: basic-auth type: Opaque data: - auth: dXNlcjokYXByMSRPU0JHSXpFbCRFemNTTGk1QkJWVGFBQlhMODlNaXkvCg== -# This is a base64 encoded string of the format "user:$apr1$OSBGIzEl$EzcSLi5BBVTaABXL89Miy/". -# password: FVhxOBuqXK800gdmIq \ No newline at end of file + auth: YWRtaW46JGFwcjEkc1hKSE1BdXIkQlE1MU1jRm5NWVA1WjFRZk13NXZyMA== +# user: admin, password: 88888888 \ No newline at end of file diff --git a/gp2523/ingress-admin.yaml b/gp2523/ingress-admin.yaml new file mode 100644 index 0000000..999d706 --- /dev/null +++ b/gp2523/ingress-admin.yaml @@ -0,0 +1,76 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gp-ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/proxy-body-size: "10m" + nginx.ingress.kubernetes.io/use-forwarded-headers: "true" +# nginx.ingress.kubernetes.io/auth-tls-secret: "gp2523/ca-secret" +# nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" +# nginx.ingress.kubernetes.io/auth-tls-verify-depth: "2" +# nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true" +# nginx.ingress.kubernetes.io/ssl-redirect: "true" +# nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +# nginx.ingress.kubernetes.io/auth-type: "basic" +# nginx.ingress.kubernetes.io/auth-secret: "basic-auth" +# nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" +spec: + tls: + - hosts: + - api-g2523.qq.com + - h5-g2523.qq.com + - down-g2523.qq.com + secretName: tls-secret + rules: + - host: api-g2523.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: stock2-java-api-service + port: + number: 80 + - path: /api/market + pathType: Prefix + backend: + service: + name: haproxy-service + port: + number: 8188 + - host: h5-g2523.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: stock2-web-h5-service + port: + number: 80 + - path: /api + pathType: Prefix + backend: + service: + name: stock2-java-api-service + port: + number: 80 + - path: /api/market + pathType: Prefix + backend: + service: + name: haproxy-service + port: + number: 8188 + - host: down-g2523.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: download-cos-proxy-service + port: + number: 80 \ No newline at end of file diff --git a/gp2523/kustomization.yaml b/gp2523/kustomization.yaml index 1803f3e..6124baa 100644 --- a/gp2523/kustomization.yaml +++ b/gp2523/kustomization.yaml @@ -15,6 +15,7 @@ resources: - ../base/basic-auth - ../base/haproxy - ingress.yaml + - ingress-admin.yaml configMapGenerator: - name: mysql-configmap diff --git a/gp2524/ingress-admin.yaml b/gp2524/ingress-admin.yaml new file mode 100644 index 0000000..ce1c602 --- /dev/null +++ b/gp2524/ingress-admin.yaml @@ -0,0 +1,76 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gp-ingress + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/proxy-body-size: "10m" + nginx.ingress.kubernetes.io/use-forwarded-headers: "true" +# nginx.ingress.kubernetes.io/auth-tls-secret: "gp2524/ca-secret" +# nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" +# nginx.ingress.kubernetes.io/auth-tls-verify-depth: "2" +# nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true" +# nginx.ingress.kubernetes.io/ssl-redirect: "true" +# nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +# nginx.ingress.kubernetes.io/auth-type: "basic" +# nginx.ingress.kubernetes.io/auth-secret: "basic-auth" +# nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" +spec: + tls: + - hosts: + - api-g2524.qq.com + - h5-g2524.qq.com + - down-g2524.qq.com + secretName: tls-secret + rules: + - host: api-g2524.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: stock2-java-api-service + port: + number: 80 + - path: /api/market + pathType: Prefix + backend: + service: + name: haproxy-service + port: + number: 8188 + - host: h5-g2524.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: stock2-web-h5-service + port: + number: 80 + - path: /api + pathType: Prefix + backend: + service: + name: stock2-java-api-service + port: + number: 80 + - path: /api/market + pathType: Prefix + backend: + service: + name: haproxy-service + port: + number: 8188 + - host: down-g2524.qq.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: download-cos-proxy-service + port: + number: 80 \ No newline at end of file diff --git a/gp2524/kustomization.yaml b/gp2524/kustomization.yaml index 689f9b1..e7a9b20 100644 --- a/gp2524/kustomization.yaml +++ b/gp2524/kustomization.yaml @@ -15,6 +15,7 @@ resources: - ../base/basic-auth - ../base/haproxy - ingress.yaml + - ingress-admin.yaml configMapGenerator: - name: mysql-configmap diff --git a/gp2525/admin-ingress.yaml b/gp2525/ingress-admin.yaml similarity index 94% rename from gp2525/admin-ingress.yaml rename to gp2525/ingress-admin.yaml index 7aad726..ca682dd 100644 --- a/gp2525/admin-ingress.yaml +++ b/gp2525/ingress-admin.yaml @@ -12,9 +12,9 @@ metadata: # nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true" # nginx.ingress.kubernetes.io/ssl-redirect: "true" # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" -# nginx.ingress.kubernetes.io/auth-type: "basic" -# nginx.ingress.kubernetes.io/auth-secret: "basic-auth" -# nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" + nginx.ingress.kubernetes.io/auth-type: "basic" + nginx.ingress.kubernetes.io/auth-secret: "basic-auth" + nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" spec: tls: - hosts: diff --git a/gp2525/kustomization.yaml b/gp2525/kustomization.yaml index 25b72fa..56b4f2f 100644 --- a/gp2525/kustomization.yaml +++ b/gp2525/kustomization.yaml @@ -15,6 +15,7 @@ resources: - ../base/basic-auth - ../base/haproxy - ingress.yaml + - ingress-admin.yaml configMapGenerator: - name: mysql-configmap