k8s配置ingress traefik2.2

下面是配置traefik2.2为k8s的ingress,也可以配置为k8s的ingress route
rbac.yaml

---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: traefik-ingress-controller
rules:
  - apiGroups:
      - ""
    resources:
      - services
      - endpoints
      - secrets
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
    resources:
      - ingresses/status
    verbs:
      - update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: traefik-ingress-controller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: traefik-ingress-controller
subjects:
  - kind: ServiceAccount
    name: traefik-ingress-controller
    namespace: traefik

deployment.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: traefik-ingress-controller
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: traefik
  labels:
    app: traefik
spec:
  replicas: 1
  selector:
    matchLabels:
      app: traefik
  template:
    metadata:
      labels:
        app: traefik
    spec:
      serviceAccountName: traefik-ingress-controller
      containers:
        - name: traefik
          image: traefik:v2.2
          args:
            - --log.level=DEBUG
            - --api
            - --api.insecure
            - --accesslog
            - --entrypoints.web.address=:80
            - --providers.kubernetesingress=true # 配置为kubernetes的ingress
            - --providers.kubernetesingress.ingressclass=traefik-new02 # 如果有多个ingress的情况,一定要配置这个进行区分
          ports:
            - name: web
              containerPort: 80
            - name: admin
              containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: traefik
spec:
  type: NodePort
  selector:
    app: traefik
  ports:
    - protocol: TCP
      port: 80
      name: web
      targetPort: 80
    - protocol: TCP
      port: 8080
      name: admin
      targetPort: 8080

部署:

kubectl apply -n traefik -f rbac.yaml
kubectl apply -n traefik -f deployment.yaml

上面的部署并没有开启ssl服务,如果需要配置,可以参考官方文档
配置示例应用
example-dp.yaml

kind: Deployment
apiVersion: apps/v1
metadata:
  name: whoami
  labels:
    app: containous
    name: whoami
spec:
  replicas: 2
  selector:
    matchLabels:
      app: containous
      task: whoami
  template:
    metadata:
      labels:
        app: containous
        task: whoami
    spec:
      containers:
        - name: containouswhoami
          image: containous/whoami
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: whoami
spec:
  ports:
    - name: http
      port: 80
  selector:
    app: containous
    task: whoami
example-ingress.yaml
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: myingress
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: web   # web这个对应80端口
    kubernetes.io/ingress.class: "traefik-new02"   # 要对应上
spec:
  rules:
    - host: test.example.com
      http:
        paths:
          - path: /bar
            backend:
              serviceName: whoami
              servicePort: 80
          - path: /foo
            backend:
              serviceName: whoami
              servicePort: 80

部署示例应用:
kubectl apply -n traefik example-dp.yaml
kubectl apply -n traefik example-ingress.yaml
部署完成后,查看
k8s配置ingress traefik2.2_第1张图片
访问dashboard
k8s配置ingress traefik2.2_第2张图片
k8s配置ingress traefik2.2_第3张图片
可以看到,服务已经跟新部署的traefik2.2关联上了

参考:
https://docs.traefik.io/v2.2/routing/providers/kubernetes-ingress/
https://www.qikqiak.com/traefik-book/providers/kubernetes-ingress/

你可能感兴趣的:(k8s)