我的乐与怒

Life, thoughts, stories and ideas.

Ingress添加权限验证

生成密码文件 ~ htpasswd -c httpauth admin New password: Re-type new password: Adding password for user admin 添加密文 apiVersion: v1 kind: Secret metadata: name: httpauth data: auth: admin:$apr1$RjgQNPDx$e9htPYO4fELnCxOb07GIK0 配置 对你需要增加权限验证的INgress设置注释 nginx.ingress.kubernetes.io/auth-realm: '"Authentication Required - admin"' nginx.ingress.kubernetes.io/auth-secret: httpauth nginx.ingress.kubernetes.io/auth-type: basic INgress YAML如下 apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: field.cattle.io/creatorId: user-ng7cm field.cattle.io/ingressState: '{"Y29uc3VsL2xvY2FsL2NvbnN1bC5sb2NhbC5waGlsby5pbi8vaHR0cA==":""}' field.cattle.io/publicEndpoints: '[{"addresses":["10.10.0.31"],"port":80,"protocol":"HTTP","serviceName":"local:consul","ingressName":"local:consul","hostname":"consul.local.philo.in","allNodes":true}]' nginx.ingress.kubernetes.io/auth-realm: '"Authentication Required - admin"' nginx.ingress.kubernetes.io/auth-secret: httpauth nginx.ingress.kubernetes.io/auth-type: basic creationTimestamp: "2020-04-23T05:52:00Z" generation: 2 labels: cattle.io/creator: norman name: consul namespace: local resourceVersion: "1102762" selfLink: /apis/extensions/v1beta1/namespaces/local/ingresses/consul uid: a55e4299-2552-401b-91a8-a595fd3ff7e3 spec: rules: - host: consul.local.philo.in http: paths: - backend: serviceName: consul servicePort: http status: loadBalancer: ingress: - ip: 10.10.0.31 - ip: 10.10.0.32 - ip: 10.10.0.41 - ip:

Posted by Vincent on Thursday, April 30, 2020

Lets Encrypt 申请免费SSL证书

申请SSL docker run -it --rm -v /Users/vincentmi/cert:/etc/letsencrypt certbot/certbot certonly --manual --preferred-challenges dns 路径 SSL保存路径为 /Users/vincentmi/cert/live/philo.in NGINX 配置 server { listen 443 ssl http2; server_name *.dev.philo.in; ssl_certificate /Users/vincentmi/cert/live/philo.in/fullchain.pem; ssl_certificate_key /Users/vincentmi/cert/live/philo.in/privkey.pem; } 更新SSL docker run -it --rm -v /Users/vincentmi/cert:/etc/letsencrypt certbot/certbot renew

Posted by Vincent on Wednesday, April 8, 2020

Feign自定义配置

背景 微服务重构,使用Spring全家桶.JSON数据传输为了兼容接口规范对Feign进行了定制 启用Feign 加入Feign的Spring starter依赖 <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-openfeign</artifactId> </dependency> Applicaiton中加上注解 @SpringBootApplication @EnableFeignClients public class Application { public static void main(String[] args) { SpringApplication.run(Application.class); } } 定义一个和使用客户端 package com.tourscool.passport; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; @FeignClient(name="authorize" ,url="http://authorize.dev.philo.in/api/v1/",configuration = FeignConfiguration.class) public interface AuthorizeClient {

Posted by Vincent on Wednesday, March 25, 2020

avatar

In Code We Trust

公众号
avatar
InCodeWeTrust
标签
aframe andrew-ng arduino blockchain cgi consul docker eth ethereum evm feign flask golang hw java javascript jpa js k8s kubernetes linux mac machine-learning math mysql nginx op opentcv ops poco pptp python rd spring springboot ssl thymeleaf type vagrant vpn vue webrtc 技术文章 新浪博客 无聊 生活 生活记录 股票 运维
链接
书签