nginx ingress默认是支持websocket,不需要添加配置。如果websocket的端口与当前服务不一致,则需要在rules中配置对应的路径。具体本文不体现。
跨域主要配置有:
nginx.ingress.kubernetes.io/enable-cors 是否允许跨域
nginx.ingress.kubernetes.io/cors-allow-headers 允许的标头
nginx.ingress.kubernetes.io/cors-allow-methods 允许的请求方式
nginx.ingress.kubernetes.io/cors-allow-origin cors可接受的origin * 代表所有
nginx.ingress.kubernetes.io/cors-expose-headers 控制向响应公开哪些标头
nginx.ingress.kubernetes.io/cors-allow-credentials 控制在cors操作期间是否可以传递凭据 默认true
nginx.ingress.kubernetes.io/cors-max-age 请求的缓存时间 默认1728000
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: MyServicesApp
labels:
app: MyServicesApp
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /MyServicesApp/$1
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-credentials: 'false'
nginx.ingress.kubernetes.io/cors-allow-headers: X-CUSTOM-CODE,Upgrade,Connect,Sec-WebSocket-Extensions,Sec-WebSocket-Key,Sec-WebSocket-Version # 自定义的标头一定要加,*不包含自定义和WebSocket标头部分 ,(*,X-CUSTOM-CODE 这种方式测试未通过,不确定能不能行)
nginx.ingress.kubernetes.io/cors-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
nginx.ingress.kubernetes.io/cors-allow-origin: http://*.xxx.com # 注意(s)与*不要通用,例如:http(s)://*.xxx.com 不支持
nginx.ingress.kubernetes.io/cors-expose-headers: '*' # 默认为空
nginx.ingress.kubernetes.io/cors-max-age: '600'
spec:
rules:
- host: xxx.xxx.com
http:
paths:
- path: /MyServicesApp/(.*)
pathType: ImplementationSpecific
backend:
service:
name: MyServicesApp-svc
port:
number: 8080
