下面是配置traefik2.2爲k8s的ingress,也可以配置爲k8s的ingress route
rbac.yaml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: traefik
deployment.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: traefik
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
containers:
- name: traefik
image: traefik:v2.2
args:
- --log.level=DEBUG
- --api
- --api.insecure
- --accesslog
- --entrypoints.web.address=:80
- --providers.kubernetesingress=true # 配置爲kubernetes的ingress
- --providers.kubernetesingress.ingressclass=traefik-new02 # 如果有多個ingress的情況,一定要配置這個進行區分
ports:
- name: web
containerPort: 80
- name: admin
containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
type: NodePort
selector:
app: traefik
ports:
- protocol: TCP
port: 80
name: web
targetPort: 80
- protocol: TCP
port: 8080
name: admin
targetPort: 8080
部署:
kubectl apply -n traefik -f rbac.yaml
kubectl apply -n traefik -f deployment.yaml
上面的部署並沒有開啓ssl服務,如果需要配置,可以參考官方文檔
配置示例應用
example-dp.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: whoami
labels:
app: containous
name: whoami
spec:
replicas: 2
selector:
matchLabels:
app: containous
task: whoami
template:
metadata:
labels:
app: containous
task: whoami
spec:
containers:
- name: containouswhoami
image: containous/whoami
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: whoami
spec:
ports:
- name: http
port: 80
selector:
app: containous
task: whoami
example-ingress.yaml
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
name: myingress
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web # web這個對應80端口
kubernetes.io/ingress.class: "traefik-new02" # 要對應上
spec:
rules:
- host: test.example.com
http:
paths:
- path: /bar
backend:
serviceName: whoami
servicePort: 80
- path: /foo
backend:
serviceName: whoami
servicePort: 80
部署示例應用:
kubectl apply -n traefik example-dp.yaml
kubectl apply -n traefik example-ingress.yaml
部署完成後,查看
訪問dashboard
可以看到,服務已經跟新部署的traefik2.2關聯上了
參考:
https://docs.traefik.io/v2.2/routing/providers/kubernetes-ingress/
https://www.qikqiak.com/traefik-book/providers/kubernetes-ingress/