kubernetes - 本地主机的 Kubernetes Traefik 入口规则
问题描述
我正在尝试将 traefik 仪表板连接到 localhost。我下面的清单将显示 localhost:port 但我只收到 404 错误。现在确定如何将入口设置为在本地工作。基本代码设置为在 AWS NLB 上运行,我正在尝试将其设置为在本地运行。下面的清单包含 traefik Kubernetes 安装的部署和服务。
apiVersion: v1
kind: Namespace
metadata:
name: traefik
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: traefik-ingress-lb
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
replicas: 1
selector:
matchLabels:
k8s-app: traefik-ingress-lb
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
# hostNetwork: true
serviceAccountName: traefik-ingress-lb
terminationGracePeriodSeconds: 60
containers:
- image: traefik:v2.5
imagePullPolicy: IfNotPresent
name: traefik-ingress-lb
args:
- --serversTransport.insecureSkipVerify=true
- --providers.kubernetesingress=true
- --providers.kubernetescrd
- --entryPoints.traefik.address=:1080
- --entryPoints.https.address=:443
- --entrypoints.https.http.tls=true
- --entryPoints.https.forwardedHeaders.insecure=true
- --entryPoints.https2.address=:4443
- --entrypoints.https2.http.tls=true
- --entryPoints.https2.forwardedHeaders.insecure=true
- --entryPoints.turn.address=:5349
- --entrypoints.turn.http.tls=true
- --entryPoints.turn.forwardedHeaders.insecure=true
- --api
- --api.insecure
- --accesslog
- --log.level=INFO
- --pilot.dashboard=false
- --entryPoints.http.address=:80
- --entrypoints.http.http.redirections.entryPoint.to=https
- --entrypoints.http.http.redirections.entryPoint.scheme=https
- --entrypoints.http.http.redirections.entrypoint.permanent=true
resources:
limits:
memory: 3072Mi
cpu: 1.5
requests:
memory: 1024Mi
cpu: 1
---
apiVersion: v1
kind: Service
metadata:
name: lb
namespace: kube-system
annotations:
spec:
type: LoadBalancer
externalTrafficPolicy: Local
selector:
k8s-app: traefik-ingress-lb
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
- name: https2
port: 4443
targetPort: 4443
- name: turn
port: 5349
targetPort: 5349
---
apiVersion: v1
kind: Service
metadata:
name: dashboard
namespace: traefik
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- name: dashboard
port: 1080
targetPort: 1080
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: traefik
namespace: kube-system
# annotations:
# ingress.kubernetes.io/whitelist-x-forwarded-for: "true"
spec:
entryPoints:
- https
# - web
routes:
- kind: Rule
match: "PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
# middlewares:
# - name: internal-ip-whitelist
# namespace: traefik
services:
- kind: Service
name: dashboard
namespace: kube-system
passHostHeader: true
port: 1080
,,,
解决方案
您的 IngressRoute 指向命名空间“kube-system”中的仪表板服务,但 traefik 仪表板服务部署在命名空间“traefik”中。因此该路线不起作用,导致 traefik 中的 404。
推荐阅读
- python - 如何使用在同一网络上的 PC 上运行的另一个 Python 脚本在 RPi 上执行一段代码或 Python 脚本?
- javascript - 从 html 文件中的 js 文件更新变量
- c# - 遍历嵌套列表
- c# - 如果不手动运行 commit 命令,则无法查看数据库中的更改
- java - graphQL api 请求突然停止工作
- kubernetes - 如何向 kubelet 添加标志
- javascript - 如何将数据目标用于不同的组件?
- vue.js - 强制使用旧版本的 vuejs devtools 或下载旧版本
- ios - 我如何以团队成员的身份提交 TestFlight 构建
- mysql - 我的目标是合并这两个查询。我在以单独的方式执行时存在差异