添加traefik的helm仓库

1
2
3
$ helm repo add traefik https://helm.traefik.io/traefik
$ helm  repo list 
$ helm  pull traefik/traefik --version 10.0.0

生成部署values.yaml清单,清单内容照着自带的values.yaml修改添加

这里的内容是我修改过的my_values.yaml文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# 使用hostNetwork网络,service就不需要创建了
service:
  enabled: false

deployment:
  replicas: 1

# traefik是dashboard的配置,web和websecure是入口的配置
ports:
  traefik:
    port: 9000
    expose: false
  web:
    expose: false
    port: 80
  websecure:
    expose: false
    port: 443

# 开启日志的功能记录日志等级
logs:
  general:
    level: INFO
  access:
    enabled: true


# 使用主机网络
hostNetwork: true

# pod的资源限制配置
resources:
  requests:
    cpu: "100m"
    memory: "150Mi"
  limits:
    cpu: "300m"
    memory: "150Mi"


# 监听1024以下的端口需要修改traefik默认的安全上下文配置
securityContext:
  capabilities:
    drop: []
  readOnlyRootFilesystem: false
  runAsGroup: 0
  runAsNonRoot: false
  runAsUser: 0
  
# 节点选择器,当节点打上了traefik=true的标签才会部署treafik控制器  
nodeSelector:
  traefik: "true"

对需要部署treafik的节点打上treafik=true的节点标签

1
2
3
4
$ kubectl label nodes cn-zhangjiakou.172.16.1.113 traefik=true
node/cn-zhangjiakou.172.16.1.113 labeled
$ kubectl label nodes cn-zhangjiakou.172.16.1.114 traefik=true
node/cn-zhangjiakou.172.16.1.114 labeled

通过自定义修改的values.yaml部署treafik

1
2
3
4
$ kubectl create namespace traefik
namespace/treafik created

$ helm install treafik-ingress -n traefik --version 10.0.0 traefik/traefik -f my_values.yaml

暴露traefik的dashboard

1
2
3
$ kubectl expose deployment -n traefik traefik --port=9000 --target-port=9000 --type=NodePort
$ kubectl get svc -n traefik |grep traefik
traefik      NodePort    192.168.2.75   <none>        9000:31906/TCP   7m2s

浏览器访问NodeIP:31906/dashboard/#/即可访问到traefik的dashboard

创建一个测试用的ingress-demo

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
$ vim test-traefik-ingress.yaml
------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: test-traefik-ingress
  name: test-traefik-ingress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: test-traefik-ingress
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: test-traefik-ingress
    spec:
      containers:
      - image: putianhui/myapp:v1
        name: myapp
        resources: {}
---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: test-traefik-ingress
  name: test-traefik-ingress
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: test-traefik-ingress
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-traefik-ingress-ingress
  labels:
    ingress: nginxv
spec:
  rules:
  - host: traefik.putianhui.cn
    http:
      paths:
      - backend:
          serviceName: test-traefik-ingress
          servicePort: 80
        path: /

应用资源清单

1
2
3
4
$ kubectl apply -f  test-traefik-ingress.yaml 
deployment.apps/test-traefik-ingress configured
service/test-traefik-ingress created
ingress.extensions/test-traefik-ingress-ingress created

客户端写hosts将traefik.putianhui.cn域名对应到traefik的nodepod即可访问