由于现在需要部署 nginx 的 Pod 服务,希望 nginx 配置文件里面有关 proxy_pass
的配置在启动服务前动态修改。但是由于 nginx 的配置文件不支持使用环境变量。网上找了好些方案,最终选择使用 envsubst
的方式改写 nginx 配置文件。
什么是 envsubst
envsubst
是一个非常好用的工具,尤其善于处理和环境变量相关的事务。
通常我们需要获取某一个或者几个环境去替换系统中的某些变量,这种情况下我们只需使用sed去简单的替换掉即可,在这种场景中,sed就可以满足我们的需求,但是如果我们需要修改的变量较多,而且不确定到底有哪些变量时,envsubst就排上了用场
envsubst 使用方法
envsubst 的使用方法如下:
original_file
为模板文件,destination_file
为使用变量后生成的目标文件1
envsubst < original_file > destination_file
envsubst 测试示例
假设我们需要将某个环境变量添加到脚本中,则我们只需要制作一个模板文件,然后只需要执行一行命令即可实现替换,如下
添加一个环境变量预设文件
env.txt
(也可以在命终端下执行如下两个命令),如下:1
2export V1=10
export V2=20再添加一个模板文件tpl.txt
1
2v1=$V1
v2=$V2执行以下命令
1
source env.txt && envsubst < tpl.txt > newfile.txt
envsubst 使用示例
构建 chainmaker-explorer-web 服务镜像
在 chainmaker-explorer-web 项目根目录创建 nginx 配置模板文件
default.template
文件,文件内容如下1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21server {
listen 1071;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $try_files_uri $try_files_uri/ /index.html;
}
location /chainmaker {
proxy_pass http://${CHAINMAKER_EXPLORER_SERVER};
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
proxy_set_header Host ${proxy_set_header_host};
proxy_set_header X-Real-IP ${proxy_set_header_remote_addr};
proxy_set_header X-Forwarded-For ${proxy_set_header_add_x_forwarded_for};
proxy_set_header X-Forwarded-Proto http;
}
}创建 Dockerfile
1
2
3
4
5
6FROM nginxinc/nginx-unprivileged:1.23
COPY --chown=nginx:nginx ./build /usr/share/nginx/html
COPY --chown=nginx:nginx ./default.template /etc/nginx/conf.d/default.template
EXPOSE 1071构建镜像
1
docker build -t 10.1.40.69/chainmaker/chainmaker-explorer-web:v2.2.1 .
使用 Deployment 部署服务
创建 Deployment 资源清单
chainmaker-explorer-web.yaml
文件,内容如下1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: chainmaker-explorer-web
project: chainmaker-explorer
tier: frontend
name: chainmaker-explorer-web
namespace: vchain-core-dev
spec:
replicas: 1
selector:
matchLabels:
app: chainmaker-explorer-web
project: chainmaker-explorer
tier: frontend
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
app: chainmaker-explorer-web
project: chainmaker-explorer
tier: frontend
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: groups
operator: In
values:
- chainmaker
- key: node-role.kubernetes.io/edge
operator: DoesNotExist
- key: node-role.kubernetes.io/agent
operator: DoesNotExist
tolerations:
- key: "groups"
operator: "Equal"
effect: "NoExecute"
value: "chainmaker"
imagePullSecrets:
- name: harbor-token
restartPolicy: Always
containers:
- image: 10.1.40.69/chainmaker/chainmaker-explorer-web:v2.2.1
imagePullPolicy: IfNotPresent
name: chainmaker-explorer-web
env:
- name: CHAINMAKER_EXPLORER_SERVER
value: "chainmaker-explorer-server.vchain-core-dev:9997"
- name: "try_files_uri"
value: "$uri"
- name: proxy_set_header_host
value: "$host"
- name: proxy_set_header_remote_addr
value: "$remote_addr"
- name: proxy_set_header_add_x_forwarded_for
value: "$proxy_add_x_forwarded_for"
ports:
- containerPort: 1071
name: tcp-1071
protocol: TCP
resources:
requests:
cpu: 100m
memory: 500Mi
limits:
cpu: 100m
memory: 500Mi
lifecycle:
postStart:
exec:
command:
- "/bin/bash"
- "-c"
- "envsubst < /etc/nginx/conf.d/default.template >/etc/nginx/conf.d/default.conf && nginx -s reload"
volumeMounts:
- name: host-time
readOnly: true
mountPath: /etc/localtime
volumes:
- name: host-time
hostPath:
path: /etc/localtime
securityContext:
runAsUser: 101
runAsGroup: 101
fsGroup: 101
fsGroupChangePolicy: Always创建 Deployment 资源对象
1
kubectl create -f chainmaker-explorer-web.yaml
查看服务的 Nginx 配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16# kubectl exec -it -n vchain-core-dev chainmaker-explorer-web-664f4b5f94-bhpwx -- cat /etc/nginx/conf.d/default.conf
server {
listen 1071;
root /usr/share/nginx/html;
index index.html;
location / {
try_files / /index.html;
}
location /chainmaker/ {
proxy_read_timeout 300;
proxy_pass http://chainmaker-explorer-server.vchain-core-dev:9997/chainmaker;
}
}