配置traefik资源清单
rbac.yaml

配置traefik资源清单

rbac.yaml

apiVersion: v1

kind: ServiceAccount

metadata:

  name: traefik-ingress-controller

  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1

kind: ClusterRole

metadata:

  name: traefik-ingress-controller

rules:

  - apiGroups:

      - ""

    resources:

      - services

      - endpoints

      - secrets

    verbs:

      - get

      - list

      - watch

  - apiGroups:

      - extensions

    resources:

      - ingresses

    verbs:

      - get

      - list

      - watch

---

kind: ClusterRoleBinding

apiVersion: rbac.authorization.k8s.io/v1beta1

metadata:

  name: traefik-ingress-controller

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: traefik-ingress-controller

subjects:

- kind: ServiceAccount

  name: traefik-ingress-controller

  namespace: kube-system

daemonset.yaml

apiVersion: extensions/v1beta1

kind: DaemonSet

metadata:

name: traefik-ingress

namespace: kube-system

labels:

k8s-app: traefik-ingress

spec:

template:

metadata:

labels:

k8s-app: traefik-ingress

name: traefik-ingress

spec:

serviceAccountName: traefik-ingress-controller

terminationGracePeriodSeconds: 60

containers:

- image: harbor.od.com/public/traefik:v1.7.2

name: traefik-ingress

ports:

- name: controller

containerPort: 80

hostPort: 81

- name: admin-web

containerPort: 8080

securityContext:

capabilities:

drop:

- ALL

add:

- NET_BIND_SERVICE

args:

- --api

- --kubernetes

- --logLevel=INFO

- --insecureskipverify=true

- --kubernetes.endpoint=https://10.4.7.10:7443

- --accesslog

- --accesslog.filepath=/var/log/traefik_access.log

- --traefiklog

- --traefiklog.filepath=/var/log/traefik.log

- --metrics.prometheus

service.yaml

kind: Service

apiVersion: v1

metadata:

name: traefik-ingress-service

namespace: kube-system

spec:

selector:

k8s-app: traefik-ingress

ports:

- protocol: TCP

port: 80

name: controller

- protocol: TCP

port: 8080

name: admin-web

ingress.yaml

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

name: traefik-web-ui

namespace: kube-system

annotations:

kubernetes.io/ingress.class: traefik

spec:

rules:

- host: traefik.od.com

http:

paths:

- path: /

backend:

serviceName: traefik-ingress-service

servicePort: 8080

交付traefik到k8s

[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/traefik/traefik_1.7.2/rbac.yaml

[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/traefik/traefik_1.7.2/daemonset.yaml

[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/traefik/traefik_1.7.2/service.yaml

[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/traefik/traefik_1.7.2/ingress.yaml

[root@hdss7-21 ~]# kubectl get pods -n kube-system -o wide

NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES

coredns-6b6c4f9648-4vtcl 1/1 Running 1 24h 172.7.21.3 hdss7-21.host.com <none> <none>

traefik-ingress-4gm4w 1/1 Running 0 77s 172.7.21.5 hdss7-21.host.com <none> <none>

traefik-ingress-hwr2j 1/1 Running 0 77s 172.7.22.3 hdss7-22.host.com <none> <none>

[root@hdss7-21 ~]# kubectl get ds -n kube-system

NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE

traefik-ingress 2 2 2 2 2 <none> 107s

配置外部nginx负载均衡

[root@hdss7-11 ~]# vim /etc/nginx/conf.d/od.com.conf

server {

server_name *.od.com;

location / {

proxy_pass http://default_backend_traefik;

proxy_set_header Host $http_host;

proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;

}

}

upstream default_backend_traefik {

# 所有的nodes都放到upstream中

server 10.4.7.21:81 max_fails=3 fail_timeout=10s;

server 10.4.7.22:81 max_fails=3 fail_timeout=10s;

}

[root@hdss7-11 ~]# nginx -tq && nginx -s reload

k8s二进制部署 - traefik安装的更多相关文章

  1. k8s二进制部署 - dashboard安装

    配置资源清单rbac.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: k8s-app: kubernetes-dashboard ...

  2. k8s二进制部署 - coredns安装

    coredns的资源清单文件rabc.yaml apiVersion: v1 kind: ServiceAccount metadata: name: coredns namespace: kube- ...

  3. k8s二进制部署 - flannel安装

    安装Flannel [root@hdss7-21 ~]# cd /opt/src/ [root@hdss7-21 src]# wget https://github.com/coreos/flanne ...

  4. k8s二进制部署 - harbor安装

    harbor安装 # 目录说明: # /opt/src : 源码.文件下载目录 # /opt/release : 各个版本软件存放位置 # /opt/apps : 各个软件当前版本的软链接 [root ...

  5. k8s二进制部署

    k8s二进制部署 1.环境准备 主机名 ip地址 角色 k8s-master01 10.0.0.10 master k8s-master02 10.0.0.11 master k8s-node01 1 ...

  6. K8s二进制部署单节点 etcd集群,flannel网络配置 ——锥刺股

    K8s 二进制部署单节点 master    --锥刺股 k8s集群搭建: etcd集群 flannel网络插件 搭建master组件 搭建node组件 1.部署etcd集群 2.Flannel 网络 ...

  7. K8s二进制部署单节点 master组件 node组件 ——头悬梁

    K8s二进制部署单节点   master组件 node组件   --头悬梁 1.master组件部署 2.node   组件部署 k8s集群搭建: etcd集群 flannel网络插件 搭建maste ...

  8. k8s 二进制部署详解

    环境说明: 192.168.1.101 -- master01 + etcd01 192.168.1.102 -- etcd02 192.168.1.103 -- etcd03 192.168.1.1 ...

  9. k8s二进制部署 - 总结

    镜像仓库: 安装软件:docker.docker-compose.harbor.nginx 1.下载cfssl.cfssljson.cfssl-certinfo,增加执行权限并放在PATH环境变量路径 ...

随机推荐

  1. 【Docker】CentOS7 上无网络情况下安装

    自建虚拟机,但是连接不上网络,只能通过下载rpm包进行安装docker 环境:CentOS 7.3.1611 x64 rpm镜像下载地址用的阿里的https://mirrors.aliyun.com/ ...

  2. 【Oracle】重命名表空间

    将表空间重新命名 SQL>   alter tablespace 原名 rename to 新名; 在查看下是否命名成功 SQL> select tablespace_name from ...

  3. 【RAC】安装cluster软件 在节点2执行root.sh脚本

    安装cluster软件  在节点2执行root.sh脚本 报错如下: Running vipca(silent) for configuring nodeapps /db/oracle/product ...

  4. python之格式化字符串速记整理

      一.格式化字符串的方式: 1.字符串表达式: 语法格式:'%s' % var 或 '%s %d' % (var1, var2) 说明:%s.%d等为格式类型说明符 例子: >>> ...

  5. 1 分钟上手,在容器中运行 Visual Studio Code

    https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers 这个插件允许我们在容器中运 ...

  6. C++ STL getline()函数

    getline() C++11 <string> 函数原型 //(1) istream& getline (istream& is, string& str, ch ...

  7. 带你走进memcache,老牌内存缓存技术

    一.核心优化概述 什么是优化:以更小的资源支持更大负载网站的运行,以小博大. 思路:尽量减少用户等待时间,节省系统资源开销,节省带宽使用. 优化什么地方?有三方面:Memcache内存缓存技术.静态化 ...

  8. Py第一次练习,第二次练习

    有两个列表      l1 = [11,22,33]        l2 = [22,33,44] 1.获取内容相同的元素列表2.获取l1中有l2中没有的元素列表3.获取l1和l2中不同的元素列表 l ...

  9. (02)-Python3之--列表(list)操作

    1.定义 列表的关键字:list 列表以[]括起来,数据之间用 , 隔开.列表当中的数据,可以是任意类型.数值是可以重复的. 列表元素是 可变的,顺序是 有序的. 例如: b = ["萝卜& ...

  10. LR 场景中Windows资源配置设置

    监视连接前的准备工作 1)进入被监视windows系统,开启以下几个服务Remote Procedure Call(RPC) .Rmote Resgistry.Network DDE.Server.W ...