kubernetes-traefik(二十一)

参考文档:http://traefik.cn/

traefik和ingress的对比

ingress:

使用nginx作为前端负载均衡,通过ingress controller不断的和kubernetes api交互,实时获取后端service,pod等的变化,然后动态更新nginx配置,并刷新使配置生效,达到服务发现的目的。

traefik:

traefik本身设计的就能够实时跟kubernetes api交互,感知后端service,pod等的变化,自动更新配置并重载。

traefik更快速方便,同时支持更多的特性,使反向代理,负载均衡更直接更高效

helm部署traefik
下载traefik需要用到的chart
[root@k8s-master ~]# git clone https://github.com/helm/charts.git

修改traefik使用宿主机网络
[root@k8s-master ~]# vim charts/stable/traefik/templates/deployment.yaml
hostNetwork: true

配置dashboard
[root@k8s-master ~]# cd charts/stable/
[root@k8s-master stable]# vim traefik/traefik.yaml
serviceType: NodePort
replicas: 1
resources:
  limits:
    cpu: 500m
    memory: 512Mi
dashboard:
  enabled: true
  domain: traefik.test.com
service:
  nodePorts:
    http: 30080
    https: 30443
rbac:
  enabled: true
metrics:
  prometheus:
    enabled: true

部署
[root@k8s-master stable]# helm install ./traefik --name traefik --namespace kube-system -f traefik/traefik.yaml
[root@k8s-master ~]# kubectl get pod -n kube-system -o wide |grep traefik
traefik-74df464495-w288l             0/1     Running   0          7s      192.168.0.123   k8s-node01   <none>           <none>

[root@k8s-node01 ~]# netstat -tnlp |grep traefik
tcp6       0      0 :::8080                 :::*                    LISTEN      110720/traefik      
tcp6       0      0 :::8880                 :::*                    LISTEN      110720/traefik      
tcp6       0      0 :::80                   :::*                    LISTEN      110720/traefi

部署应用

[root@k8s-master demo]# cat deploy.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-backend-pod
  namespace: default
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
      release: canary
  template:
    metadata:
      labels:
        app: myapp
        release: canary
    spec:
      containers:
      - name: myapp
        image: ikubernetes/myapp:v2
        ports:
        - name: http
          containerPort: 80
[root@k8s-master demo]# cat service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: myapp
  namespace: default
spec:
  selector:
    app: myapp
    release: canary
  ports:
  - name: http
    targetPort: 80
    port: 80
[root@k8s-master demo]# kubectl apply -f .
deployment.apps/myapp-backend-pod created
service/myapp created
[root@k8s-master demo]# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.1.0.1       <none>        443/TCP   46h
myapp        ClusterIP   10.1.125.169   <none>        80/TCP    43s
[root@k8s-master demo]# curl 10.1.125.169
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

配置ingress规则使集群外部访问

[root@k8s-master demo]# cat ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: hello-ingress
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  rules:
  - host: hello.test.com
    http:
      paths:
      - path: /
        backend:
          serviceName: myapp
          servicePort: 80
[root@k8s-master demo]# kubectl apply -f ingress.yaml 
ingress.extensions/hello-ingress created

kubernetes-traefik(二十一)

traefik的Dashboard

一个简单的Dashboard, 可以看当前的路由规则,和转发的结果统计。

kubernetes-traefik(二十一)

上一篇:traefik Ingress https配置


下一篇:kubernetes集群traefik ingress实现同一命名空间不同微服务模块的访问