k8s环境huise环境业务镜像同步到线上业务镜像平台

使用场景和原理:

在k8s中,我需要把huise测试完成的镜像发布到线上,为了快快快,所有直接替换镜像。我们环境huise镜像是私有仓库,线上是阿里云仓库所以需要先pull->tag->push-set image

代码仓库地址:imagesrync

当然我们也是介入了ldap的登录界面的如图:

k8s环境huise环境业务镜像同步到线上业务镜像平台_第1张图片

nginx接入ldap和部署业务配置:

server {
    listen 80;
    server_name test.images.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443    ssl;
    server_name   test.images.com;
    access_log    /var/log/nginx/imagesync_access.log json;
    error_log     /var/log/nginx/imagesync_error.log;
    ssl_certificate     conf.d/dkcert/test.images.com.pem;
    ssl_certificate_key conf.d/dkcert/test.images.com.key;
    location /api/ {
         proxy_intercept_errors on;
         auth_request /auth-proxy;
    #     error_page 401 403 =200 /login;
         proxy_pass http://192.168.16.30:8082/;  #后端接口
    }
    location / {
         proxy_intercept_errors on;
         auth_request /auth-proxy;
         error_page 401 403 =200 /login;
         root conf/conf.d/images_tongbu_html/;  #前端文件
       # proxy_read_timeout 90;
    }


  #ldap配置
       location /login {  
        proxy_pass http://192.168.12.191:9000/login;
        proxy_set_header  X-Target  $request_uri;
}


  #ldap配置
         location = /auth-proxy {
          internal;
           proxy_pass http://192.168.12.191:8888;
           proxy_cache_key "$http_authorization$cookie_nginxauth";
           proxy_cache_valid 200 403 1m;
           proxy_pass_request_body  off;
           proxy_set_header Content-Length "";
           proxy_set_header X-Ldap-URL "ldap://192.168.14.58:389";
           proxy_set_header X-Ldap-BindDN "cn=admin,dc=shenhu,dc=com";
           proxy_set_header X-Ldap-BindPass "lzx123456";
           proxy_set_header X-Ldap-BaseDN "dc=shenhu,dc=com";
           proxy_set_header X-CookieName "nginxauth";
           proxy_set_header Cookie nginxauth=$cookie_nginxauth;
         }




}

nginx接入ldap可自行去配置


k8s环境huise环境业务镜像同步到线上业务镜像平台_第2张图片

k8s环境huise环境业务镜像同步到线上业务镜像平台_第3张图片

你可能感兴趣的:(k8s,kubernetes,https,ssl)