部署Traefik
00-namespace.yml
| apiVersion: v1 |
| kind: Namespace |
| metadata: |
| name: test-traefik |
00-role.yml
| kind: ClusterRole |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: traefik-role |
| namespace: test-traefik |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - services |
| - secrets |
| - nodes |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - discovery.k8s.io |
| resources: |
| - endpointslices |
| verbs: |
| - list |
| - watch |
| - apiGroups: |
| - extensions |
| - networking.k8s.io |
| resources: |
| - ingresses |
| - ingressclasses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - extensions |
| - networking.k8s.io |
| resources: |
| - ingresses/status |
| verbs: |
| - update |
| - apiGroups: |
| - traefik.io |
| resources: |
| - middlewares |
| - middlewaretcps |
| - ingressroutes |
| - traefikservices |
| - ingressroutetcps |
| - ingressrouteudps |
| - tlsoptions |
| - tlsstores |
| - serverstransports |
| - serverstransporttcps |
| verbs: |
| - get |
| - list |
| - watch |
00-account.yml
| apiVersion: v1 |
| kind: ServiceAccount |
| metadata: |
| name: traefik-account |
| namespace: test-traefik |
01-role-binding.yml
| kind: ClusterRoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: traefik-role-binding |
| namespace: test-traefik |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: ClusterRole |
| name: traefik-role |
| subjects: |
| - kind: ServiceAccount |
| name: traefik-account |
| namespace: test-traefik |
02-traefik.yml
| kind: Deployment |
| apiVersion: apps/v1 |
| metadata: |
| name: traefik-deployment |
| namespace: test-traefik |
| labels: |
| app: traefik |
| |
| spec: |
| replicas: 1 |
| selector: |
| matchLabels: |
| app: traefik |
| template: |
| metadata: |
| labels: |
| app: traefik |
| spec: |
| serviceAccountName: traefik-account |
| containers: |
| - name: traefik |
| image: traefik:v3.1 |
| args: |
| - --api.insecure |
| - --providers.kubernetesingress |
| ports: |
| - name: web |
| containerPort: 80 |
| - name: dashboard |
| containerPort: 8080 |
02-traefik-services.yml
把 LoadBalancer 改成 NodePort
| apiVersion: v1 |
| kind: Service |
| metadata: |
| name: traefik-dashboard-service |
| namespace: test-traefik |
| spec: |
| type: NodePort |
| ports: |
| - port: 8080 |
| targetPort: dashboard |
| selector: |
| app: traefik |
| --- |
| apiVersion: v1 |
| kind: Service |
| metadata: |
| name: traefik-web-service |
| namespace: test-traefik |
| spec: |
| type: NodePort |
| ports: |
| - targetPort: web |
| port: 80 |
| selector: |
| app: traefik |
| kubectl apply -f 00-namespace.yml \ |
| -f 00-role.yml \ |
| -f 00-account.yml \ |
| -f 01-role-binding.yml \ |
| -f 02-traefik.yml \ |
| -f 02-traefik-services.yml |
| |
| kubectl get all -n test-traefik |
访问Traefik Dashboard:http://127.0.0.1:32193/dashboard
Ingress示例
00-nginx-deployment.yaml
| kind: Deployment |
| apiVersion: apps/v1 |
| metadata: |
| name: nginx |
| namespace: test-traefik |
| labels: |
| app: nginx |
| |
| spec: |
| replicas: 1 |
| selector: |
| matchLabels: |
| app: nginx |
| template: |
| metadata: |
| labels: |
| app: nginx |
| spec: |
| containers: |
| - name: nginx |
| image: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/nginx:1.27.1 |
| ports: |
| - name: web |
| containerPort: 80 |
01-nginx-services.yaml
| apiVersion: v1 |
| kind: Service |
| metadata: |
| name: nginx |
| namespace: test-traefik |
| spec: |
| ports: |
| - name: web |
| port: 80 |
| targetPort: web |
| selector: |
| app: nginx |
02-nginx-ingress.yaml
| apiVersion: networking.k8s.io/v1 |
| kind: Ingress |
| metadata: |
| name: nginx-ingress |
| namespace: test-traefik |
| spec: |
| rules: |
| - http: |
| paths: |
| - path: / |
| pathType: Prefix |
| backend: |
| service: |
| name: nginx |
| port: |
| name: web |
| kubectl apply -f 00-nginx-deployment.yaml \ |
| -f 01-nginx-services.yaml \ |
| -f 02-nginx-ingress.yaml |
访问http://127.0.0.1:32560/
ingressRoute示例
注意这里的kind为IngressRoute
00-nginx-ingressroute.yaml
| apiVersion: traefik.io/v1alpha1 |
| kind: IngressRoute |
| metadata: |
| name: nginxIngressRoute |
| namespace: test-traefik |
| spec: |
| entryPoints: |
| - web |
| routes: |
| - match: Host(`ingressRoute.example.com`) |
| kind: Rule |
| services: |
| - name: nginx |
| port: 80 |
| kubectl apply -f 00-nginx-ingressroute.yaml |
访问http://ingressroute.example.com:32560/
ingressRoute.example.com需要配置/etc/hosts文件进行ip与命名的映射,如果没有DNS服务。
参考:
| https://blog.csdn.net/networken/article/details/85953346 |
| https://blog.csdn.net/networken/article/details/85953346 |
| https://doc.traefik.io/traefik/getting-started/quick-start-with-kubernetes/ |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· Manus的开源复刻OpenManus初探
· 三行代码完成国际化适配,妙~啊~
· .NET Core 中如何实现缓存的预热?
· 如何调用 DeepSeek 的自然语言处理 API 接口并集成到在线客服系统
2020-10-27 撬动offer:两个长字符串数字相加
2019-10-27 8、服务发现&服务消费者Feign