這篇文章給大家分享的是有關(guān)Kubernetes中如何部署Traefik Ingress的內(nèi)容。小編覺得挺實(shí)用的,因此分享給大家做個(gè)參考,一起跟隨小編過來看看吧。
創(chuàng)新互聯(lián)-專業(yè)網(wǎng)站定制、快速模板網(wǎng)站建設(shè)、高性價(jià)比麻章網(wǎng)站開發(fā)、企業(yè)建站全套包干低至880元,成熟完善的模板庫(kù),直接使用。一站式麻章網(wǎng)站制作公司更省心,省錢,快速模板網(wǎng)站建設(shè)找我們,業(yè)務(wù)覆蓋麻章地區(qū)。費(fèi)用合理售后完善,十年實(shí)體公司更值得信賴。
一:前言
1.到目前為止 Kubernetes 暴露服務(wù)的有三種方式,分別為 LoadBlancer Service、NodePort Service、Ingress。官網(wǎng)對(duì) Ingress 的定義為管理對(duì)外服務(wù)到集群內(nèi)服務(wù)之間規(guī)則的集合,通俗點(diǎn)講就是它定義規(guī)則來允許進(jìn)入集群的請(qǐng)求被轉(zhuǎn)發(fā)到集群中對(duì)應(yīng)服務(wù)上,從來實(shí)現(xiàn)服務(wù)暴漏。 Ingress 能把集群內(nèi) Service 配置成外網(wǎng)能夠訪問的 URL,流量負(fù)載均衡,終止SSL,提供基于域名訪問的虛擬主機(jī)等等
LoadBlancer Service:LoadBlancer Service 是 Kubernetes 結(jié)合云平臺(tái)的組件,如國(guó)外 GCE、AWS、國(guó)內(nèi)阿里云等等,使用它向底層云平臺(tái)申請(qǐng)創(chuàng)建負(fù)載均衡器來實(shí)現(xiàn),有局限性,對(duì)于使用云平臺(tái)的集群比較方便。
NodePort Service: NodePort Service 是通過在節(jié)點(diǎn)上暴漏端口,然后通過將端口映射到具體某個(gè)服務(wù)上來實(shí)現(xiàn)服務(wù)暴漏,比較直觀方便,但是對(duì)于集群來說,隨著 Service 的不斷增加,需要的端口越來越多,很容易出現(xiàn)端口沖突,而且不容易管理。當(dāng)然對(duì)于小規(guī)模的集群服務(wù),還是比較不錯(cuò)的。
Ingress: Ingress 使用開源的反向代理負(fù)載均衡器來實(shí)現(xiàn)對(duì)外暴漏服務(wù),比如 Nginx、Apache、Haproxy等。
2.traefik 是一個(gè)前端負(fù)載均衡器,對(duì)于微服務(wù)架構(gòu)尤其是 kubernetes 等編排工具具有良好的支持;同 nginx 等相比,traefik 能夠自動(dòng)感知后端容器變化,從而實(shí)現(xiàn)自動(dòng)服務(wù)發(fā)現(xiàn)
二:yaml文件
可以通過https://github.com/containous/traefik/tree/master/examples/k8s 下載所需要的yaml文件; 我們使用了如下幾個(gè)文件:
traefik-rbac.yaml
點(diǎn)擊(此處)折疊或打開
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: kube-system
traefik-ds.yaml
點(diǎn)擊(此處)折疊或打開
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
hostNetwork: true
containers:
- image: traefik
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
hostPort: 80
- name: admin
containerPort: 8080
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
args:
- --api
- --kubernetes
- --logLevel=INFO
---
kind: Service
apiVersion: v1
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin
type: NodePort
ui.yaml
點(diǎn)擊(此處)折疊或打開
apiVersion: v1
kind: Service
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- name: web
port: 80
targetPort: 8580
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
rules:
- host: traefik-ui.local
http:
paths:
- path: /
backend:
serviceName: traefik-web-ui
servicePort: web
my-ingress.yaml (這里我們對(duì)集群中的 elasticsearch和kibana開啟了Ingress)
點(diǎn)擊(此處)折疊或打開
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
spec:
rules:
- host: elasticsearch.donkey
http:
paths:
- path: /
backend:
serviceName: elasticsearch-logging
servicePort: 9200
- host: kibana.donkey
http:
paths:
- path: /
backend:
serviceName: kibana-logging
servicePort: 5601
三:部署與驗(yàn)證
1.創(chuàng)建資源 kubectl create -f .
2. 通過kubectl logs -f 確認(rèn)pod正常啟動(dòng)
3.traefik dashboard
4.如果需要在kubernetes集群以外訪問就需要設(shè)置DNS,或者修改本機(jī)的hosts文件。然后通過Igress配置中的host 直接訪問service.
感謝各位的閱讀!關(guān)于“Kubernetes中如何部署Traefik Ingress”這篇文章就分享到這里了,希望以上內(nèi)容可以對(duì)大家有一定的幫助,讓大家可以學(xué)到更多知識(shí),如果覺得文章不錯(cuò),可以把它分享出去讓更多的人看到吧!