zoukankan      html  css  js  c++  java

  • ingress Whitelisting白名单机制

    Whitelisting

    To restrict the service in a way that only a list of IPs can access it, modify the ingress_rules.yaml to add the whitelist-source-range annotation:

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-rules
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/whitelist-source-range: '192.168.65.3/32'
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  tls:
  - hosts:
    - localhost
    secretName: tls-secret
  rules:
  - host: localhost
    http:
      paths:
      - path: /
        backend:
          serviceName: dni-function
          servicePort: 80

    and deploy:

    kubectl apply -f ./ingress_rules.yaml

    Feel free to try different ranges and understand how you can block or enable access to your service.

    实例配置:

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/service-weight: ''
    nginx.ingress.kubernetes.io/whitelist-source-range: 220.191.163.50
  creationTimestamp: '2019-08-22T03:13:22Z'
  generation: 1
  name: dev-operation.weifeng.com
  namespace: weifeng-test
  resourceVersion: '15672384'
  selfLink: >-
    /apis/extensions/v1beta1/namespaces/xitu-test/ingresses/dev-operation.xitu.com
  uid: cca4d52e-c48a-11e9-b6f0-00163e08f1b1
spec:
  rules:
    - host: dev-operation。weifeng.com
      http:
        paths:
          - backend:
              serviceName: dev-platform-nginx
              servicePort: 80
            path: /
status:
  loadBalancer:
    ingress:
      - ip: 10******.38

      

    设置白名单只允许 220.191.163.50 出网ip地址访问 
  • 相关阅读:
    5.Java 线程状态之 TIMED_WAITING
    3.Java 线程状态之 BLOCKED
    4.Java 线程状态之 WAITING
    2.Java 线程状态之 RUNNABLE
    1.关于Java的线程状态
    js注入,canvas截图
    node使用3
    node使用2
    node的使用1
    学习进度报告
  • 原文地址:https://www.cnblogs.com/weifeng1463/p/11401136.html
Copyright © 2011-2022 走看看