236 lines
9.1 KiB
YAML
236 lines
9.1 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: nginx-mycelium-proxy
|
|
namespace: default
|
|
labels:
|
|
app: nginx-mycelium-proxy
|
|
role: reverse-proxy
|
|
network: mycelium-global
|
|
spec:
|
|
replicas: 3
|
|
selector:
|
|
matchLabels:
|
|
app: nginx-mycelium-proxy
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: nginx-mycelium-proxy
|
|
role: reverse-proxy
|
|
network: mycelium-global
|
|
spec:
|
|
# 🔑 Host network for direct Mycelium IPv6 access
|
|
hostNetwork: true
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchExpressions:
|
|
- key: app
|
|
operator: In
|
|
values:
|
|
- nginx-mycelium-proxy
|
|
topologyKey: kubernetes.io/hostname
|
|
containers:
|
|
- name: nginx-proxy
|
|
image: nginx:alpine
|
|
ports:
|
|
# Different ports on different nodes to avoid conflicts
|
|
- containerPort: 8080
|
|
hostPort: 8080
|
|
- containerPort: 8081
|
|
hostPort: 8081
|
|
- containerPort: 8082
|
|
hostPort: 8082
|
|
volumeMounts:
|
|
- name: nginx-config
|
|
mountPath: /etc/nginx/nginx.conf
|
|
subPath: nginx.conf
|
|
- name: proxy-content
|
|
mountPath: /usr/share/nginx/html/index.html
|
|
subPath: index.html
|
|
resources:
|
|
requests:
|
|
memory: "32Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "64Mi"
|
|
cpu: "200m"
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 8080
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 8080
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 5
|
|
volumes:
|
|
- name: nginx-config
|
|
configMap:
|
|
name: nginx-proxy-config
|
|
- name: proxy-content
|
|
configMap:
|
|
name: nginx-proxy-content
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: nginx-proxy-config
|
|
namespace: default
|
|
data:
|
|
nginx.conf: |
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
upstream backend {
|
|
# Forward to the internal nginx-mycelium service
|
|
server nginx-mycelium.default.svc.cluster.local:80;
|
|
}
|
|
|
|
server {
|
|
listen 8080;
|
|
server_name _;
|
|
|
|
location / {
|
|
proxy_pass http://backend;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 8081;
|
|
server_name _;
|
|
|
|
location / {
|
|
proxy_pass http://backend;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 8082;
|
|
server_name _;
|
|
|
|
location / {
|
|
proxy_pass http://backend;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: nginx-proxy-content
|
|
namespace: default
|
|
data:
|
|
index.html: |
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>🔄 Mycelium Reverse Proxy - Global Access</title>
|
|
<meta charset="UTF-8">
|
|
<style>
|
|
body { font-family: Arial, sans-serif; margin: 50px; background: #f0f0f0; }
|
|
.container { background: white; padding: 40px; border-radius: 10px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); max-width: 900px; margin: 0 auto; }
|
|
h1 { color: #2c3e50; text-align: center; }
|
|
.success { background: #e8f4fd; padding: 20px; border-radius: 8px; border-left: 4px solid #3498db; margin: 20px 0; }
|
|
.proxy { background: #f1f3f4; padding: 20px; border-radius: 8px; border-left: 4px solid #5f6368; margin: 20px 0; }
|
|
.urls { background: #fff3cd; padding: 20px; border-radius: 8px; border-left: 4px solid #ffc107; margin: 20px 0; }
|
|
.test { background: #d4edda; padding: 20px; border-radius: 8px; border-left: 4px solid #28a745; margin: 20px 0; }
|
|
code { background: #f8f9fa; padding: 2px 4px; border-radius: 3px; font-size: 12px; }
|
|
pre { background: #f8f9fa; padding: 10px; border-radius: 4px; font-size: 12px; color: #333; overflow-x: auto; }
|
|
.architecture { background: #e7f3ff; padding: 20px; border-radius: 8px; margin: 20px 0; }
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<div class="container">
|
|
<h1>🔄 Mycelium Reverse Proxy - Global Access</h1>
|
|
|
|
<div class="success">
|
|
<h2>✅ SUCCESS! True Global Mycelium Access via Reverse Proxy</h2>
|
|
<p><strong>This website demonstrates true global web hosting through Mycelium's IPv6 network!</strong></p>
|
|
<p>This reverse proxy approach provides the most elegant solution: direct access to your website from anywhere in the world via Mycelium IPv6, while maintaining full Kubernetes load balancing internally.</p>
|
|
</div>
|
|
|
|
<div class="proxy">
|
|
<h3>🔄 Reverse Proxy Architecture</h3>
|
|
<p>This deployment uses a <strong>reverse proxy pattern</strong> which is the professional way to expose internal services globally:</p>
|
|
<div class="architecture">
|
|
<h4>🌐 Traffic Flow:</h4>
|
|
<ol>
|
|
<li><strong>Global Client</strong> → Mycelium IPv6 + Port (8080/8081/8082)</li>
|
|
<li><strong>nginx Reverse Proxy</strong> → Receives request on host network</li>
|
|
<li><strong>Internal Forwarding</strong> → proxy_pass to nginx-mycelium.default.svc.cluster.local:80</li>
|
|
<li><strong>Kubernetes Load Balancer</strong> → Distributes to 3 nginx pods</li>
|
|
<li><strong>Response</strong> → Back through the same path to global client</li>
|
|
</ol>
|
|
</div>
|
|
<p><strong>Benefits:</strong> Clean separation, maintains load balancing, easy to scale, production-ready!</p>
|
|
</div>
|
|
|
|
<div class="urls">
|
|
<h3>🌐 Global Access URLs</h3>
|
|
<p><strong>Your website is now truly globally accessible via:</strong></p>
|
|
<div style="display: grid; grid-template-columns: 1fr 1fr; gap: 10px; font-size: 12px;">
|
|
<div>
|
|
<h4>Port 8080 (Node 1):</h4>
|
|
<ul>
|
|
<li><code>http://[51d:3596:6cc3:81e7:ff0f:d546:3737:4c8c]:8080</code></li>
|
|
<li><code>http://[476:c4f:b4cb:7205:ff0f:f56e:abea:6905]:8080</code></li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<h4>Port 8081 (Node 2):</h4>
|
|
<ul>
|
|
<li><code>http://[538:964a:a1e1:4057:ff0f:63c7:960b:7c27]:8081</code></li>
|
|
<li><code>http://[552:5984:2d97:72dc:ff0f:39ef:6ec:a48c]:8081</code></li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<h4>Port 8082 (Node 3):</h4>
|
|
<ul>
|
|
<li><code>http://[437:9faf:1f1a:e2b1:ff0f:1fd9:7fd5:1095]:8082</code></li>
|
|
<li><code>http://[5c3:a162:45ab:6c53:ff0f:8c55:36b0:24af]:8082</code></li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
<p><em>Anyone with Mycelium can access your website from anywhere in the world!</em></p>
|
|
</div>
|
|
|
|
<div class="test">
|
|
<h3>🧪 Test Global Accessibility</h3>
|
|
<p>Test from any Mycelium client:</p>
|
|
<pre>curl -H "Cache-Control: no-cache" http://[51d:3596:6cc3:81e7:ff0f:d546:3737:4c8c]:8080</pre>
|
|
<p>Or test different ports to see load balancing:</p>
|
|
<pre>
|
|
curl http://[51d:3596:6cc3:81e7:ff0f:d546:3737:4c8c]:8080 # Node 1
|
|
curl http://[538:964a:a1e1:4057:ff0f:63c7:960b:7c27]:8081 # Node 2
|
|
curl http://[437:9faf:1f1a:e2b1:ff0f:1fd9:7fd5:1095]:8082 # Node 3
|
|
</pre>
|
|
</div>
|
|
|
|
<div style="text-align: center; margin-top: 30px; padding-top: 20px; border-top: 1px solid #dee2e6;">
|
|
<p>
|
|
<strong>Mycelium Cloud</strong> • Reverse Proxy Global Web Hosting<br>
|
|
<em>Professional Architecture • True Global Access • Load Balanced! 🌍</em>
|
|
</p>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |