mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
add missing cluster config for ui/k8s and start quickstart guide doc
This commit is contained in:
parent
aa3ce13a81
commit
78c2e16ead
2 changed files with 156 additions and 166 deletions
|
@ -22,98 +22,84 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
|
||||
=== "Docker"
|
||||
|
||||
When using Docker integration, the easiest way of protecting an existing application is to create a network so BunkerWeb can send requests using the container name.
|
||||
When using Docker integration, the easiest way of protecting an existing application is to add the web service in the `bw-services` network :
|
||||
|
||||
Create the Docker network if it's not already created :
|
||||
```shell
|
||||
docker network create bw-net
|
||||
```
|
||||
|
||||
Then, instantiate your app :
|
||||
```shell
|
||||
docker run -d \
|
||||
--name myapp \
|
||||
--network bw-net \
|
||||
nginxdemos/hello:plain-text
|
||||
```
|
||||
|
||||
Create the BunkerWeb volume if it's not already created :
|
||||
```shell
|
||||
docker volume create bw-data
|
||||
```
|
||||
|
||||
You can now run BunkerWeb and configure it for your app :
|
||||
```shell
|
||||
docker run -d \
|
||||
--name mybunker \
|
||||
--network bw-net \
|
||||
-p 80:8080 \
|
||||
-p 443:8443 \
|
||||
-v bw-data:/data \
|
||||
-e SERVER_NAME=www.example.com \
|
||||
-e USE_REVERSE_PROXY=yes \
|
||||
-e REVERSE_PROXY_URL=/ \
|
||||
-e REVERSE_PROXY_HOST=http://myapp \
|
||||
bunkerity/bunkerweb:1.5.0-beta
|
||||
```
|
||||
|
||||
Here is the docker-compose equivalent :
|
||||
```yaml
|
||||
version: '3'
|
||||
version: "3.5"
|
||||
|
||||
services:
|
||||
|
||||
mybunker:
|
||||
myapp:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
bunkerweb:
|
||||
image: bunkerity/bunkerweb:1.5.0-beta
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE"
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- USE_REVERSE_PROXY=yes
|
||||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://myapp
|
||||
networks:
|
||||
- bw-net
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
myapp:
|
||||
image: nginxdemos/hello:plain-text
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0-beta
|
||||
depends_on:
|
||||
- bunkerweb
|
||||
- bw-docker
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://bw-docker:2375
|
||||
networks:
|
||||
- bw-net
|
||||
- bw-universe
|
||||
- bw-docker
|
||||
|
||||
bw-docker:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
||||
networks:
|
||||
bw-net:
|
||||
name: bw-net
|
||||
bw-universe:
|
||||
name: bw-universe
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
name: bw-services
|
||||
bw-docker:
|
||||
name: bw-docker
|
||||
|
||||
```
|
||||
|
||||
=== "Docker autoconf"
|
||||
|
||||
We will assume that you already have the [Docker autoconf integration](/1.4/integrations/#docker-autoconf) stack running on your machine and connected to a network called bw-services.
|
||||
We will assume that you already have the [Docker autoconf integration](/1.4/integrations/#docker-autoconf) stack running on your machine and connected to a network called `bw-services` so you can connect your existing application and configure BunkerWeb with labels :
|
||||
|
||||
You can instantiate your container and pass the settings as labels :
|
||||
```shell
|
||||
docker run -d \
|
||||
--name myapp \
|
||||
--network bw-services \
|
||||
-l bunkerweb.SERVER_NAME=www.example.com \
|
||||
-l bunkerweb.USE_REVERSE_PROXY=yes \
|
||||
-l bunkerweb.USE_REVERSE_URL=/ \
|
||||
-l bunkerweb.REVERSE_PROXY_HOST=http://myapp \
|
||||
nginxdemos/hello:plain-text
|
||||
```
|
||||
|
||||
Here is the docker-compose equivalent :
|
||||
```yaml
|
||||
version: '3'
|
||||
version: '3.5'
|
||||
|
||||
services:
|
||||
|
||||
myapp:
|
||||
image: nginxdemos/hello:plain-text
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
|
@ -132,27 +118,12 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
|
||||
=== "Swarm"
|
||||
|
||||
We will assume that you already have the [Swarm integration](/1.4/integrations/#swarm) stack running on your cluster.
|
||||
We will assume that you already have the [Swarm integration](/1.4/integrations/#swarm) stack running on your cluster and connected to a network called `bw-services` so you can connect your existing application and configure BunkerWeb with labels :
|
||||
|
||||
You can instantiate your service and pass the settings as labels :
|
||||
```shell
|
||||
docker service \
|
||||
create \
|
||||
--name myapp \
|
||||
--network bw-services \
|
||||
-l bunkerweb.SERVER_NAME=www.example.com \
|
||||
-l bunkerweb.USE_REVERSE_PROXY=yes \
|
||||
-l bunkerweb.REVERSE_PROXY_HOST=http://myapp \
|
||||
-l bunkerweb.REVERSE_PROXY_URL=/ \
|
||||
nginxdemos/hello:plain-text
|
||||
```
|
||||
|
||||
Here is the docker-compose equivalent (using `docker stack deploy`) :
|
||||
```yaml
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
|
||||
myapp:
|
||||
image: nginxdemos/hello:plain-text
|
||||
networks:
|
||||
|
@ -180,6 +151,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
We will assume that you already have the [Kubernetes integration](/1.4/integrations/#kubernetes) stack running on your cluster.
|
||||
|
||||
Let's assume that you have a typical Deployment with a Service to access the web application from within the cluster :
|
||||
|
||||
```yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
|
@ -199,7 +171,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
spec:
|
||||
containers:
|
||||
- name: app
|
||||
image: nginxdemos/hello:plain-text
|
||||
image: tutum/hello-world
|
||||
ports:
|
||||
- containerPort: 80
|
||||
---
|
||||
|
@ -217,13 +189,14 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
```
|
||||
|
||||
Here is the corresponding Ingress definition to serve and protect the web application :
|
||||
|
||||
```yaml
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: ingress
|
||||
annotations:
|
||||
bunkerweb.io/AUTOCONF: "yes"
|
||||
bunkerweb.io/DUMMY_SETTING: "value"
|
||||
spec:
|
||||
rules:
|
||||
- host: www.example.com
|
||||
|
@ -243,32 +216,37 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
We will assume that you already have the [Linux integration](/1.4/integrations/#linux) stack running on your machine.
|
||||
|
||||
The following command will run a basic HTTP server on the port 8000 and deliver the files in the current directory :
|
||||
|
||||
```shell
|
||||
python3 -m http.server -b 127.0.0.1
|
||||
```
|
||||
|
||||
Configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file :
|
||||
|
||||
```conf
|
||||
SERVER_NAME=www.example.com
|
||||
HTTP_PORT=80
|
||||
HTTPS_PORT=443
|
||||
DNS_RESOLVERS=8.8.8.8 8.8.4.4
|
||||
SERVER_NAME=www.example.com
|
||||
USE_REVERSE_PROXY=yes
|
||||
REVERSE_PROXY_URL=/
|
||||
REVERSE_PROXY_HOST=http://127.0.0.1:8000
|
||||
```
|
||||
|
||||
Let's check the status of BunkerWeb :
|
||||
|
||||
```shell
|
||||
systemctl status bunkerweb
|
||||
```
|
||||
|
||||
If it's already running, we can restart it :
|
||||
|
||||
```shell
|
||||
systemctl restart bunkerweb
|
||||
```
|
||||
|
||||
Otherwise, we will need to start it :
|
||||
|
||||
```shell
|
||||
systemctl start bunkerweb
|
||||
```
|
||||
|
@ -278,28 +256,32 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
We will assume that you already have a service running and you want to use BunkerWeb as a reverse-proxy.
|
||||
|
||||
The following command will run a basic HTTP server on the port 8000 and deliver the files in the current directory :
|
||||
|
||||
```shell
|
||||
python3 -m http.server -b 127.0.0.1
|
||||
```
|
||||
|
||||
Content of the `my_variables.env` configuration file :
|
||||
|
||||
```conf
|
||||
SERVER_NAME=www.example.com
|
||||
HTTP_PORT=80
|
||||
HTTPS_PORT=443
|
||||
DNS_RESOLVERS=8.8.8.8 8.8.4.4
|
||||
SERVER_NAME=www.example.com
|
||||
USE_REVERSE_PROXY=yes
|
||||
REVERSE_PROXY_URL=/
|
||||
REVERSE_PROXY_HOST=http://127.0.0.1:8000
|
||||
```
|
||||
|
||||
In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file :
|
||||
|
||||
```yaml
|
||||
[mybunkers]
|
||||
192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env"
|
||||
```
|
||||
|
||||
Or alternatively, in your playbook file :
|
||||
|
||||
```yaml
|
||||
- hosts: all
|
||||
become: true
|
||||
|
@ -310,6 +292,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
```
|
||||
|
||||
You can now run the playbook :
|
||||
|
||||
```shell
|
||||
ansible-playbook -i inventory.yml playbook.yml
|
||||
```
|
||||
|
@ -319,6 +302,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
We will assume that you already have the [Vagrant integration](/1.4/integrations/#vagrant) stack running on your machine.
|
||||
|
||||
The following command will run a basic HTTP server on the port 8000 and deliver the files in the current directory :
|
||||
|
||||
```shell
|
||||
python3 -m http.server -b 127.0.0.1
|
||||
```
|
||||
|
@ -326,6 +310,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
Configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file.
|
||||
|
||||
Connect to your vagrant machine :
|
||||
|
||||
```shell
|
||||
vagrant ssh
|
||||
```
|
||||
|
@ -342,21 +327,24 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s
|
|||
REVERSE_PROXY_HOST=http://127.0.0.1:8000
|
||||
```
|
||||
|
||||
Let's check the status of BunkerWeb :
|
||||
|
||||
```shell
|
||||
systemctl status bunkerweb
|
||||
```
|
||||
|
||||
If it's already running we can restart it :
|
||||
|
||||
```shell
|
||||
systemctl restart bunkerweb
|
||||
```
|
||||
|
||||
Otherwise, we will need to start it :
|
||||
|
||||
```shell
|
||||
systemctl start bunkerweb
|
||||
```
|
||||
|
||||
Let's check the status of BunkerWeb :
|
||||
```shell
|
||||
systemctl status bunkerweb
|
||||
```
|
||||
|
||||
### Multiple applications
|
||||
|
||||
!!! tip "Testing"
|
||||
|
|
|
@ -51,6 +51,7 @@ from io import BytesIO
|
|||
from json import JSONDecodeError, dumps, load as json_load
|
||||
from jinja2 import Template
|
||||
from kubernetes import client as kube_client
|
||||
from kubernetes import config as kube_config
|
||||
from kubernetes.client.exceptions import ApiException as kube_ApiException
|
||||
from os import _exit, getenv, getpid, listdir
|
||||
from re import match as re_match
|
||||
|
@ -180,6 +181,7 @@ if integration in ("Docker", "Swarm", "Autoconf"):
|
|||
except (docker_APIError, DockerException):
|
||||
logger.warning("No docker host found")
|
||||
elif integration == "Kubernetes":
|
||||
kube_config.load_incluster_config()
|
||||
kubernetes_client = kube_client.CoreV1Api()
|
||||
|
||||
db = Database(logger)
|
||||
|
|
Loading…
Reference in a new issue