这是一个创建于 2120 天前的主题,其中的信息可能已经有所发展或是发生改变。
在 k8s 内搭建 traefik,想把 80\443 端口暴露到主机上,使用 helm 搭建时可以做到,但是自己配置添加了
hostNetwork: true 无效。 helm 搭建的 traefik 的 service 里,在 k8s dashboard 里可以看到,外部端点是有显示
localhost:80 localhost:443 并且在主机上可以直接访问
traefik-deploy.yaml
apiVersion: v1 kind: Service metadata: name: traefik namespace: kube-system spec: ports: - name: web protocol: TCP nodePort: 30080 port: 80 targetPort: http - name: websecure protocol: TCP nodePort: 30443 port: 443 - name: admin port: 8080 nodePort: 30880 selector: app: traefik type: NodePort --- apiVersion: apps/v1 kind: DaemonSet metadata: name: traefik-ingress-controller namespace: kube-system labels: app: traefik spec: selector: matchLabels: app: traefik template: metadata: name: traefik labels: app: traefik spec: serviceAccountName: traefik-ingress-controller terminationGracePeriodSeconds: 1 hostNetwork: true containers: - image: traefik:v2.1.6 name: traefik-ingress-lb ports: - name: http containerPort: 80 hostPort: 80 #hostPort 方式,将端口暴露到集群节点 - name: https containerPort: 443 hostPort: 443 #hostPort 方式,将端口暴露到集群节点 - name: admin containerPort: 8080 resources: limits: cpu: 2000m memory: 1024Mi requests: cpu: 1000m memory: 1024Mi securityContext: capabilities: drop: - ALL add: - NET_BIND_SERVICE args: - --cOnfigfile=/config/traefik.yaml volumeMounts: - mountPath: "/config" name: "config" volumes: - name: config configMap: name: traefik-config tolerations: #设置容忍所有污点,防止节点被设置污点 - operator: "Exists" nodeSelector: #设置 node 筛选器,在特定 label 的节点上启动 IngressProxy: "true" 搜了一圈文档都没发现怎么做到的,求助一下各位大佬。谢谢
 | 1 binux 2020-03-10 02:05:14 +08:00 via Android bind IP address |
 | 2 hzfyjgw 2020-03-10 09:16:39 +08:00 可以考虑用 nodeselector 的有特定标签的 daemonset 的形式部署 traefik |
 | 4 Flands OP service 里 type: LoadBalancer 就好了。。 |
Select Language