Today I moved my Proxmox behind an Kubernetes NGINX Ingress, I did that because I want a CORS, a Let's Encrypt Cert with a single Public IP and port 443.
The Service YAML
And the ingress yaml
The Service YAML
Code:
apiVersion: v1
kind: Service
metadata:
annotations:
field.cattle.io/ipAddresses: '["10.167.160.10"]'
name: pve01
namespace: my-pve-namespace
spec:
clusterIP: None
ports:
- name: pve
port: 8006
protocol: TCP
targetPort: 8006
sessionAffinity: None
type: ClusterIPAnd the ingress yaml
Code:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
ingress.kubernetes.io/configuration-snippet: "proxy_set_header Host $http_host;\nproxy_set_header
X-Real-IP $remote_addr;\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
\ \nproxy_http_version 1.1;\nproxy_set_header Upgrade $http_upgrade;\nproxy_set_header
Connection $connection_upgrade; "
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/cors-allow-headers: Authorization
nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS, DELETE
nginx.ingress.kubernetes.io/cors-allow-origin: "*"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/server-snippet: |-
client_max_body_size 100G;
server_tokens off;
proxy_hide_header X-Powered-By;
generation: 2
managedFields:
name: pve01
namespace: my-pve-namespace
spec:
rules:
- host: pve01.mydomain.com
http:
paths:
- backend:
serviceName: pve01
servicePort: 8006
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- pve01.mydomain.com
secretName: pve01-mycomain-com-tls
Last edited: