如何删除 nodePort Kubernetes - Traefik 入口 controller
[英]How to remove nodePort Kubernetes - Traefik ingress controller
问题描述
Following this tutorial:
按照本教程:
https://medium.com/kubernetes-tutorials/deploying-traefik-as-ingress-controller-for-your-kubernetes-cluster-b03a0672ae0c
I am able to access the site by visiting www.domain.com:nodePort我可以通过访问www.domain.com:nodePort来访问该站点
Is it possible to omit nodePort part?是否可以省略 nodePort 部分? Could you provide example?你能举个例子吗?
2 个解决方案
解决方案1
2 已采纳 2020-07-10 21:19:33
Is it possible to omit nodePort part?
Yes and No.是和否。
- Not directly.不是直接的。 Kubernetes always exposes external services even LoadBalancer type of services on a node port. Kubernetes 总是公开外部服务,即使是节点端口上的 LoadBalancer 类型的服务。
- Yes.是的。 If you front it with a load balancer.如果您在其前面使用负载平衡器。 Either your own that forwards port
80and/or443to your NodePort or a LoadBalancer type of service which essentially sets up an external load balancer that forwards traffic to your NodePort.您自己的将端口80和/或443转发到您的 NodePort 或LoadBalancer类型的服务,它实质上设置了一个外部负载均衡器,将流量转发到您的 NodePort。
Could you provide an example?
The NodePort service to expose your ingress is basically the same, you just need to setup your own external load balancer.暴露你的入口的 NodePort 服务基本相同,你只需要设置你自己的外部负载均衡器。 (ie AWS ELB/ALB/NLB, GCP load balancer, Azure load balancer, F5, etc, etc) (即AWS ELB/ALB/NLB、GCP负载均衡器、Azure负载均衡器、F5等)
kind: Service
apiVersion: v1
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin
type: NodePort
The LoadBalancer type is just a change on the type of service: LoadBalancer类型只是对服务类型的更改:
kind: Service
apiVersion: v1
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 8080
name: admin
type: LoadBalancer
In the case above, Kubernetes will automatically manage the load balancer in the provider .在上述情况下,Kubernetes 将自动管理provider 中的负载均衡器。
解决方案2
1 2020-07-10 20:49:17
Try deploying the below code.尝试部署以下代码。 This is a simple whoami pod which can be deployed along traefik and can be accessed at http://localhost/whoami-app-api when deployed on the local machine.这是一个简单的 whoami pod,可以沿着 traefik 部署,部署在本地机器上时可以通过 http://localhost/whoami-app-api 访问。 The dashboard is also available at http://localhost:8080/dashboard.仪表板也可在 http://localhost:8080/dashboard 获得。
Deployment File:部署文件:
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutes.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRoute
plural: ingressroutes
singular: ingressroute
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: middlewares.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: Middleware
plural: middlewares
singular: middleware
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutetcps.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRouteTCP
plural: ingressroutetcps
singular: ingressroutetcp
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressrouteudps.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRouteUDP
plural: ingressrouteudps
singular: ingressrouteudp
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsoptions.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSOption
plural: tlsoptions
singular: tlsoption
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsstores.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSStore
plural: tlsstores
singular: tlsstore
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: traefikservices.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TraefikService
plural: traefikservices
singular: traefikservice
scope: Namespaced
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- traefik.containo.us
resources:
- middlewares
- ingressroutes
- traefikservices
- ingressroutetcps
- ingressrouteudps
- tlsoptions
- tlsstores
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: default
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: traefik
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
containers:
- name: traefik
image: traefik:v2.1
args:
- --accesslog=true
- --api
- --api.insecure
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.kubernetescrd
- --configfile=/config/traefik.toml
ports:
- name: web
containerPort: 80
- name: admin
containerPort: 8080
- name: websecure
containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
type: LoadBalancer
selector:
app: traefik
ports:
- protocol: TCP
port: 80
name: web
targetPort: 80
- protocol: TCP
port: 443
name: websecure
targetPort: 80
- protocol: TCP
port: 8080
name: admin
targetPort: 8080
---
kind: Deployment
apiVersion: apps/v1
metadata:
namespace: default
name: whoami
labels:
app: whoami
spec:
replicas: 1
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: containous/whoami
ports:
- name: web
containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: whoami
spec:
ports:
- protocol: TCP
name: web
port: 80
selector:
app: whoami
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: whoami-whoami
namespace: default
spec:
entryPoints:
- web
- websecure
routes:
- match: PathPrefix(`/whoami-app-api`)
kind: Rule
services:
- name: whoami
port: 80
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
没有 Nodeport 的 Kubernetes 入口控制器 - Kubernetes Ingress Controller without a Nodeport
Kubernetes Nginx NodePort 上的入口 Controller - Kubernetes Nginx Ingress Controller on NodePort
如何在 traefik 入口 controller 中为 kubernetes 设置最大请求正文大小? - How to set max request body size in traefik ingress controller for kubernetes?
用于Kubernetes(AWS EKS)的Traefik入口控制器 - Traefik Ingress Controller for Kubernetes (AWS EKS)
Ingress 和 Ingress 控制器如何将它们与 NodePort 服务一起使用? - Ingress and Ingress controller how to use them with NodePort Services?
如何使用traefik入口控制器在kubernetes裸机上设置https - How to set up https on kubernetes bare metal using traefik ingress controller
如何通过kubernetes上的traefik入口控制器使cockroachdb的管理ui公开可用? - How do I make my admin ui of cockroachdb publicly available via traefik ingress controller on kubernetes?
kubernetes中具有单个traefik入口控制器的多个客户的多个acme部分 - Multiple acme sections for multiple customers with single traefik ingress controller in kubernetes
在同一个 kubernetes 集群上安装两个 traefik 入口控制器 - Install two traefik ingress controller on same kubernetes Cluster
Kubernetes:通过 traefik 入口控制器处理与集群中多个 LoadBalancer 的连接 - Kubernetes: Handle connections with multiple LoadBalancer in cluster via traefik ingress controller
相关标签