Using a custom nginx.conf on GKE

If you want to use a custom nginx.conf on Google Kubernetes Engine, prepare one by extending this sample nginx.conf. Here is a snippet of the configuration required by Cloud Endpoints:

http {  include /etc/nginx/mime.types;  server_tokens off;  client_max_body_size 32m;  upstream app_server {  server localhost:8081;  keepalive 128;  }  endpoints {  metadata_server;  }  server {  # Running port  listen 8080;  # Running ssl port  listen 443 ssl;  ssl_certificate /etc/nginx/ssl/nginx.crt;  ssl_certificate_key /etc/nginx/ssl/nginx.key;  # Logging to stdout enables better integration with Docker and GKE/Kubernetes.  access_log /dev/stdout;  location / {  # Begin Endpoints v2 Support  endpoints {  on;  # After ESP 1.7.0, "server_config" field is required.  # It has to be /etc/nginx/server_config.pb.txt exactly.  # If not present, some new features will not work.  server_config /etc/nginx/server_config.pb.txt;  # After ESP 1.7.0, "api" field is not required.  # If added, it has to be /etc/nginx/endpoints/service.json exactly.  # api /etc/nginx/endpoints/service.json;  # Uncomment the line below if you are not using Google Container Engine.  # The path should be set to the -k path specified in the ESP containers   # args section in the Kubernetes yaml config.  # google_authentication_secret /etc/nginx/creds/service-account-creds.json;  }  # End Endpoints v2 Support  proxy_pass http://app_server;  proxy_redirect off;  proxy_set_header Host $host;  proxy_set_header X-Real-IP $remote_addr;  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  proxy_set_header X-Forwarded-Host $server_name;  proxy_set_header X-Google-Real-IP $remote_addr;  # 86400 seconds (24 hours) is the maximum a server is allowed.  proxy_send_timeout 86400s;  proxy_read_timeout 86400s;  }  include /var/lib/nginx/extra/*.conf;  }  server {  # expose /nginx_status but on a different port to avoid  # external visibility / conflicts with the app.  listen 8090;  location /nginx_status {  stub_status on;  access_log off;  }  location / {  root /dev/null;  }  } }

Now create a Kubernetes Configmap with your custom nginx.conf using kubectl:

kubectl create configmap nginx-config --from-file=nginx.conf

Edit the Kubernetes configuration file such as esp_echo_custom_config_gke.yaml and replace SERVICE_NAME with the name of your Endpoints service.

template:  metadata:  labels:  app: esp-echo  spec:  volumes:  - name: nginx-config  configMap:  name: nginx-config  - name: nginx-ssl  secret:  secretName: nginx-ssl  containers:  - name: esp  image: gcr.io/endpoints-release/endpoints-runtime:1  args: [  "-n", "/etc/nginx/custom/nginx.conf",  "-s", "SERVICE_NAME",  "--rollout_strategy", "managed",  ]  ports:  - containerPort: 8080  - containerPort: 443  volumeMounts:  - mountPath: /etc/nginx/ssl  name: nginx-ssl  readOnly: true  - mountPath: /etc/nginx/custom  name: nginx-config  readOnly: true  - name: echo   image: gcr.io/endpoints-release/echo:latest  ports:  - containerPort: 8081

Finally, start the service with the updated Kubernetes configuration file using kubectl.

kubectl create -f esp_echo_custom_config_gke.yaml

For more information on getting the Endpoints service name, see the following topics: