链接: https://pan.baidu.com/s/1j8liEMtaNQKcNQySbsNQhA 密码: crhl
开启hostnetwork
给节点打上ingress=traefik的标签
kubectl label node op-jmx-n01 ingress=traefik
安装部署
kubectl create ns traefik-ingress
cd /srv/stuy/k201-master/charts/traefik
helm install traefik -n traefik-ingress -f traefik.yaml .
cd /srv/stuy/k201-master/4.Kubernetes容器网络/config/ingress
# 创建应用
kubectl apply -f echo-app.yaml
# 使用ingress的方式访问应用
kubectl apply -f echo-traefik-ingress-http.yaml
kubectl get ingress
# 访问域名echo.hipstershop.cn
curl echo.hipstershop.cn
访问443 不可以 原因是trarfik.yaml中没有启用ssl
为证书crt和key文件配置secret
kubectl create generic echo-hipstershp-cn --from-file=cert/tls.crt --from-file=cert/tls.key
在echo-traefik-ingress-https.yaml中加入tls配置
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: echo-traefik-ingress
annotations:
kubernetes.io/ingress.class: traefik
spec:
tls:
- secretName: echo-hipstershop-cn-cert
rules:
- host: echo.hipstershop.cn
http:
paths:
- path: /
backend:
serviceName: echo
servicePort: 80
应用并查看配置
kubectl apply -f echo-traefik-ingress-https.yaml
kubectl get ingress
curl https://echo.hipstershop.cn
traefik 导出grpc服务
首先部署一个grpc的服务
grpc-app.yaml
---
apiVersion: v1
kind: Service
metadata:
name: grpc
spec:
ports:
- port: 80
targetPort: 8080
selector:
app: grpc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: grpc
spec:
selector:
matchLabels:
app: grpc
replicas: 2
template:
metadata:
labels:
app: grpc
spec:
containers:
- name: grpc
image: findsec/grpc
ports:
- containerPort: 8080
env:
- name: PORT
value: "8080"
readinessProbe:
periodSeconds: 5
exec:
command: ["/bin/grpc_health_probe", "-addr=:8080"]
livenessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:8080"]
kubectl apply -f grpc-app.yaml
创建ingress grpc-traefik-ingress.yaml
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grpc-traefik-ingress
annotations:
kubernetes.io/ingress.class: traefik
ingress.kubernetes.io/protocol: h2c # h2c协议
spec:
rules:
- host: grpc.hipstershop.cn
http:
paths:
- path: /
backend:
serviceName: grpc
servicePort: 80
应用ingress
kubectl apply -f grpc-traefik-ingress.yaml
检查服务
/srv/stuy/k201-master/4.Kubernetes容器网络/config/ingress/grpc_health_probe-linux-amd64 -addr grpc.hipstorshop.cn:80