这是一个创建于 1723 天前的主题,其中的信息可能已经有所发展或是发生改变。
在 k8s 内搭建 traefik,想把 80\443 端口暴露到主机上,使用 helm 搭建时可以做到,但是自己配置添加了
hostNetwork: true 无效。
helm 搭建的 traefik 的 service 里,在 k8s dashboard 里可以看到,外部端点是有显示
localhost:80
localhost:443
并且在主机上可以直接访问
traefik-deploy.yaml
apiVersion: v1
kind: Service
metadata:
name: traefik
namespace: kube-system
spec:
ports:
- name: web
protocol: TCP
nodePort: 30080
port: 80
targetPort: http
- name: websecure
protocol: TCP
nodePort: 30443
port: 443
- name: admin
port: 8080
nodePort: 30880
selector:
app: traefik
type: NodePort
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
app: traefik
spec:
selector:
matchLabels:
app: traefik
template:
metadata:
name: traefik
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 1
hostNetwork: true
containers:
- image: traefik:v2.1.6
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
hostPort: 80 #hostPort 方式,将端口暴露到集群节点
- name: https
containerPort: 443
hostPort: 443 #hostPort 方式,将端口暴露到集群节点
- name: admin
containerPort: 8080
resources:
limits:
cpu: 2000m
memory: 1024Mi
requests:
cpu: 1000m
memory: 1024Mi
securityContext:
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
args:
- --configfile=/config/traefik.yaml
volumeMounts:
- mountPath: "/config"
name: "config"
volumes:
- name: config
configMap:
name: traefik-config
tolerations: #设置容忍所有污点,防止节点被设置污点
- operator: "Exists"
nodeSelector: #设置 node 筛选器,在特定 label 的节点上启动
IngressProxy: "true"
搜了一圈文档都没发现怎么做到的,求助一下各位大佬。谢谢
 |
1
binux 2020-03-10 02:05:14 +08:00 via Android
bind IP address
|
 |
2
hzfyjgw 2020-03-10 09:16:39 +08:00
可以考虑用 nodeselector 的有特定标签的 daemonset 的形式部署 traefik
|
 |
4
Flands OP service 里 type: LoadBalancer 就好了。。
|
Select Language