基於nginx -> traefik -> k8s的架構,某個應用需要支持商戶的大量任意自定義域名,咋整呢?咱公司k8s上的應用遇到這個場景,因此研究了下,有以下兩種方案:
方案1, 最直接粗暴但很lowB的方案,ingress中列出每個域名
# more ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: zhanghao-custom
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: aa.xx.com
http:
paths:
- path: /service
backend:
serviceName: zhanghao-gateway-www
servicePort: http
- path: /
backend:
serviceName: zhanghao-web
servicePort: http
- host: bb.yy.com
http:
paths:
- path: /service
backend:
serviceName: zhanghao-gateway-www
servicePort: http
- path: /
backend:
serviceName: zhanghao-web
servicePort: http
每次新增域名,都要修改ingress,不能接受。
方法2:traefik新增entryPoint,ingress對該entryPoint下的請求通配
nginx控制非自定義域名走traefik_normal,自定義域名走zhanghao_custom
upstream traefik_normal {
server traefik_server1:80;
server traefik_server2:80;
}
upstream zhanghao_custom {
server traefik_server1:81;
server traefik_server2:81;
}
traefik默認所有請求是走entryPoints: http(80端口),爲自定義域名新增一個entryPoints: zhanghao-custom(81端口)
# more traefik.toml
defaultEntryPoints = ["http"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.zhanghao-custom]
address = ":81"
ingress通過註解設置自定義域名走entryPoints: zhanghao-custom(81端口);不指定host,接受所有域名的請求;
增加自定義域名不需要動配置,一勞永逸
# more ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: zhanghao-custom
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/frontend-entry-points: zhanghao-custom
spec:
rules:
- http:
paths:
- path: /service
backend:
serviceName: zhanghao-gateway-www
servicePort: http
- path: /
backend:
serviceName: zhanghao-web
servicePort: http
traefik效果如下:
over!
