[ PROMPT_NODE_24320 ]
Spectrum 配置说明
[ SKILL_DOCUMENTATION ]
## 源站类型
### 直接 IP 源站
适用于源站为具有静态 IP 的单台服务器的情况。
**TypeScript SDK:**
typescript
const app = await client.spectrum.apps.create({
zone_id: 'your-zone-id',
protocol: 'tcp/22',
dns: { type: 'CNAME', name: 'ssh.example.com' },
origin_direct: ['tcp://192.0.2.1:22'],
ip_firewall: true,
tls: 'off',
});
**Terraform:**
hcl
resource "cloudflare_spectrum_application" "ssh" {
zone_id = var.zone_id
protocol = "tcp/22"
dns {
type = "CNAME"
name = "ssh.example.com"
}
origin_direct = ["tcp://192.0.2.1:22"]
ip_firewall = true
tls = "off"
argo_smart_routing = true
}
### CNAME 源站
适用于源站为域名(非静态 IP)的情况。Spectrum 会动态解析 DNS。
**TypeScript SDK:**
typescript
const app = await client.spectrum.apps.create({
zone_id: 'your-zone-id',
protocol: 'tcp/3306',
dns: { type: 'CNAME', name: 'db.example.com' },
origin_dns: { name: 'db-primary.internal.example.com' },
origin_port: 3306,
tls: 'full',
});
**Terraform:**
hcl
resource "cloudflare_spectrum_application" "database" {
zone_id = var.zone_id
protocol = "tcp/3306"
dns {
type = "CNAME"
name = "db.example.com"
}
origin_dns {
name = "db-primary.internal.example.com"
}
origin_port = 3306
tls = "full"
argo_smart_routing = true
}
### 负载均衡器源站
用于高可用性和故障转移。
**Terraform:**
hcl
resource "cloudflare_load_balancer" "game_lb" {
zone_id = var.zone_id
name = "game-lb.example.com"
default_pool_ids = [cloudflare_load_balancer_pool.game_pool.id]
}
resource "cloudflare_load_balancer_pool" "game_pool" {
name = "game-primary"
origins { name = "game-1"; address = "192.0.2.1" }
monitor = cloudflare_load_balancer_monitor.tcp_monitor.id
}
resource "cloudflare_load_balancer_monitor" "tcp_monitor" {
type = "tcp"; port = 25565; interval = 60; timeout = 5
}
resource "cloudflare_spectrum_application" "game" {
zone_id = var.zone_id
protocol = "tcp/25565"
dns { type = "CNAME"; name = "game.example.com" }
origin_dns { name = cloudflare_load_balancer.game_lb.name }
origin_port = 25565
}
## TLS 配置
| 模式 | 描述 | 使用场景 | 源站证书 |
|------|-------------|----------|-------------|
| `off` | 无 TLS | 非加密 (SSH, 游戏) | 无 |
| `flexible` | 客户端→CF TLS,CF→源站明文 | 测试 | 无 |
| `full`
粤公网安备44030002003366号