新增RustFs文档,修改了一些文件

网关/Ingress/其他/Ingress代理外部服务Teleport.md

@@ -0,0 +1,90 @@
+> 本文作者：丁辉
+>
+
+# Ingress代理外部服务Teleport
+
+## 准备
+
+修改 Teleport 服务为 HTTP 协议
+
+```yaml
+proxy_service:
+  enabled: "yes"
+  web_listen_addr: 0.0.0.0:9443
+  public_addr: teleport.example.com:443 # 对外访问地址
+# 删除如下内容
+  # https_keypairs:
+  # - key_file:
+    # cert_file:
+  # https_keypairs_reload_interval: 0s
+  # acme: {}
+```
+
+## 开启对外访问
+
+1. Endpoints 对接外部 Teleport
+
+   ```yaml
+   cat <<EOF | kubectl apply -f -
+   apiVersion: v1
+   kind: Endpoints
+   metadata:
+     name: teleport-proxy
+     namespace: teleport
+   subsets:
+     - addresses:
+         - ip: 127.0.0.1 # 修改为 Teleport 服务器访问地址
+       ports:
+         - port: 9443
+           protocol: TCP
+   ---
+   apiVersion: v1
+   kind: Service
+   metadata:
+     name: teleport-proxy
+     namespace: teleport
+   spec:
+     ports:
+       - port: 9443
+         targetPort: 9443
+     type: ClusterIP
+   EOF
+   ```
+
+2. 配置对外 Ingress
+
+   ```yaml
+   cat <<EOF | kubectl apply -f -
+   apiVersion: networking.k8s.io/v1
+   kind: Ingress
+   metadata:
+     name: teleport
+     namespace: teleport
+     annotations:
+       # 不限制文件上传大小
+       nginx.ingress.kubernetes.io/proxy-body-size: "0"
+       # 告诉Ingress后端是HTTP
+       nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+     labels:
+       app: teleport
+   spec:
+     rules:
+       - host: teleport.example.com
+         http:
+           paths:
+             - pathType: Prefix
+               backend:
+                 service:
+                   name: teleport-proxy
+                   port:
+                     number: 9443
+               path: /
+     tls:
+       - hosts:
+         - teleport.example.com
+         secretName: teleport-tls
+   EOF
+   ```
+
+3. 访问即可
+