README.MD

# 如何使用?
访问192.168.71.104:8500 观察traefik的信息为本地配置域名解析即可,注意关闭电脑的管家提示的域名拦截和vpn的代理


# 修改hosts文件(C:\Windows\System32\drivers\etc 或者 /etc/hosts ),添加以下内容

192.168.71.104 yibainetwork.java.dev.kibana.com
192.168.71.104 yibainetwork.java.dev.zipkin.com

ingress-rbac.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: ingress
  namespace: kube-system

---

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: ingress
subjects:
  - kind: ServiceAccount
    name: ingress
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

ingress.yaml

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: traefik-ingress
  namespace: default
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/auth-type: "basic"
    traefik.ingress.kubernetes.io/auth-secret: "basic-auth"
spec:
  rules:
    - host: yibainetwork.java.dev.kibana.com
      http:
        paths:
          - backend:
              serviceName: kibana4log
              servicePort: 5601
    - host: yibainetwork.java.dev.zipkin.com
      http:
        paths:
          - backend:
              serviceName: zipkin
              servicePort: 80

traefik.yml

---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: traefik-ingress-lb
  namespace: kube-system
  labels:
    k8s-app: traefik-ingress-lb
spec:
  template:
    metadata:
      labels:
        k8s-app: traefik-ingress-lb
        name: traefik-ingress-lb
    spec:
      terminationGracePeriodSeconds: 60
      hostNetwork: true
      restartPolicy: Always
      serviceAccountName: ingress
      containers:
        - image: traefik
          name: traefik-ingress-lb
          resources:
            limits:
              cpu: 200m
              memory: 30Mi
            requests:
              cpu: 100m
              memory: 20Mi
          ports:
            - name: http
              containerPort: 80
              hostPort: 80
            - name: admin
              containerPort: 8580
              hostPort: 8580
          args:
            - --web
            - --web.address=:8580
            - --kubernetes
      nodeSelector:
        type: outer
---
# 创建认证
# mkdir -p /data/tristan/auth && cd /data/tristan/auth
# yum -y install httpd-tools
# htpasswd -c auth admin
# kubectl -n default create secret generic basic-auth --from-file=auth
# kubectl -n default get secret basic-auth -o yaml
# 显示如下
#---
#apiVersion: v1
#data:
#  auth: YWRtaW46JGFwcjEk
#kind: Secret
#metadata:
#  name: basic-auth
#  namespace: default
#type: Opaque
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: service-gateway
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/auth-type: "basic"
    traefik.ingress.kubernetes.io/auth-secret: "basic-auth"
spec:
  rules:
    - host: yibainetwork.java.dev.kibana.com
      http:
        paths:
          - backend:
              serviceName: kibana4log
              servicePort: 5601
    - host: yibainetwork.java.dev.zipkin.com
      http:
        paths:
          - backend:
              serviceName: zipkin
              servicePort: 80

服务认证网关

README.MD

ingress-rbac.yaml

ingress.yaml

traefik.yml

猜你喜欢