Skip to content

Commit 4d30579

Browse files
my-dlqdingliqiang
authored andcommitted
新增traefik 2.4 部署文件
1 parent 1b30886 commit 4d30579

15 files changed

Lines changed: 1611 additions & 0 deletions

File tree

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
# Traefik v2.4 Deploy
2+
3+
这是 Traefik v2.4 的部署文件,具体可以看我博客,博客地址: http://www.mydlq.club/article/107/
Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
kind: ConfigMap
2+
apiVersion: v1
3+
metadata:
4+
name: traefik-config
5+
data:
6+
traefik.yaml: |-
7+
ping: ""
8+
serversTransport:
9+
insecureSkipVerify: true
10+
api:
11+
insecure: true
12+
dashboard: true
13+
debug: false
14+
metrics:
15+
prometheus: ""
16+
entryPoints:
17+
web:
18+
address: ":80"
19+
websecure:
20+
address: ":443"
21+
providers:
22+
kubernetesCRD: ""
23+
kubernetesIngress: ""
24+
kubernetesGateway: ""
25+
experimental:
26+
kubernetesGateway: true
27+
log:
28+
filePath: ""
29+
level: error
30+
format: json
31+
accessLog:
32+
filePath: ""
33+
format: json
34+
bufferingSize: 0
35+
filters:
36+
#statusCodes: ["200"]
37+
retryAttempts: true
38+
minDuration: 20
39+
fields:
40+
defaultMode: keep
41+
names:
42+
ClientUsername: drop
43+
headers:
44+
defaultMode: keep
45+
names:
46+
User-Agent: redact
47+
Authorization: drop
48+
Content-Type: keep
49+
#tracing:
50+
# serviceName:
51+
# zipkin:
52+
# sameSpan: true
53+
# id128Bit: true
54+
# sampleRate: 0.1
55+
# httpEndpoint: http://localhost:9411/api/v2/spans
Lines changed: 103 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,103 @@
1+
apiVersion: apiextensions.k8s.io/v1beta1
2+
kind: CustomResourceDefinition
3+
metadata:
4+
name: ingressroutes.traefik.containo.us
5+
spec:
6+
group: traefik.containo.us
7+
version: v1alpha1
8+
names:
9+
kind: IngressRoute
10+
plural: ingressroutes
11+
singular: ingressroute
12+
scope: Namespaced
13+
---
14+
apiVersion: apiextensions.k8s.io/v1beta1
15+
kind: CustomResourceDefinition
16+
metadata:
17+
name: middlewares.traefik.containo.us
18+
spec:
19+
group: traefik.containo.us
20+
version: v1alpha1
21+
names:
22+
kind: Middleware
23+
plural: middlewares
24+
singular: middleware
25+
scope: Namespaced
26+
---
27+
apiVersion: apiextensions.k8s.io/v1beta1
28+
kind: CustomResourceDefinition
29+
metadata:
30+
name: ingressroutetcps.traefik.containo.us
31+
spec:
32+
group: traefik.containo.us
33+
version: v1alpha1
34+
names:
35+
kind: IngressRouteTCP
36+
plural: ingressroutetcps
37+
singular: ingressroutetcp
38+
scope: Namespaced
39+
---
40+
apiVersion: apiextensions.k8s.io/v1beta1
41+
kind: CustomResourceDefinition
42+
metadata:
43+
name: ingressrouteudps.traefik.containo.us
44+
spec:
45+
group: traefik.containo.us
46+
version: v1alpha1
47+
names:
48+
kind: IngressRouteUDP
49+
plural: ingressrouteudps
50+
singular: ingressrouteudp
51+
scope: Namespaced
52+
---
53+
apiVersion: apiextensions.k8s.io/v1beta1
54+
kind: CustomResourceDefinition
55+
metadata:
56+
name: tlsoptions.traefik.containo.us
57+
spec:
58+
group: traefik.containo.us
59+
version: v1alpha1
60+
names:
61+
kind: TLSOption
62+
plural: tlsoptions
63+
singular: tlsoption
64+
scope: Namespaced
65+
---
66+
apiVersion: apiextensions.k8s.io/v1beta1
67+
kind: CustomResourceDefinition
68+
metadata:
69+
name: tlsstores.traefik.containo.us
70+
spec:
71+
group: traefik.containo.us
72+
version: v1alpha1
73+
names:
74+
kind: TLSStore
75+
plural: tlsstores
76+
singular: tlsstore
77+
scope: Namespaced
78+
---
79+
apiVersion: apiextensions.k8s.io/v1beta1
80+
kind: CustomResourceDefinition
81+
metadata:
82+
name: traefikservices.traefik.containo.us
83+
spec:
84+
group: traefik.containo.us
85+
version: v1alpha1
86+
names:
87+
kind: TraefikService
88+
plural: traefikservices
89+
singular: traefikservice
90+
scope: Namespaced
91+
---
92+
apiVersion: apiextensions.k8s.io/v1beta1
93+
kind: CustomResourceDefinition
94+
metadata:
95+
name: serverstransports.traefik.containo.us
96+
spec:
97+
group: traefik.containo.us
98+
version: v1alpha1
99+
names:
100+
kind: ServersTransport
101+
plural: serverstransports
102+
singular: serverstransport
103+
scope: Namespaced
Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
apiVersion: v1
2+
kind: Service
3+
metadata:
4+
name: traefik
5+
spec:
6+
ports:
7+
- name: web
8+
port: 80
9+
- name: websecure
10+
port: 443
11+
- name: admin
12+
port: 8080
13+
selector:
14+
app: traefik
15+
---
16+
apiVersion: apps/v1
17+
kind: DaemonSet
18+
metadata:
19+
name: traefik-ingress-controller
20+
labels:
21+
app: traefik
22+
spec:
23+
selector:
24+
matchLabels:
25+
app: traefik
26+
template:
27+
metadata:
28+
name: traefik
29+
labels:
30+
app: traefik
31+
spec:
32+
serviceAccountName: traefik-ingress-controller
33+
terminationGracePeriodSeconds: 1
34+
containers:
35+
- image: traefik:v2.4.3
36+
name: traefik-ingress-lb
37+
ports:
38+
- name: web
39+
containerPort: 80
40+
hostPort: 80
41+
- name: websecure
42+
containerPort: 443
43+
hostPort: 443
44+
- name: admin
45+
containerPort: 8080
46+
resources:
47+
limits:
48+
cpu: 2000m
49+
memory: 1024Mi
50+
requests:
51+
cpu: 1000m
52+
memory: 1024Mi
53+
securityContext:
54+
capabilities:
55+
drop:
56+
- ALL
57+
add:
58+
- NET_BIND_SERVICE
59+
args:
60+
- --configfile=/config/traefik.yaml
61+
volumeMounts:
62+
- mountPath: "/config"
63+
name: "config"
64+
readinessProbe:
65+
httpGet:
66+
path: /ping
67+
port: 8080
68+
failureThreshold: 3
69+
initialDelaySeconds: 10
70+
periodSeconds: 10
71+
successThreshold: 1
72+
timeoutSeconds: 5
73+
livenessProbe:
74+
httpGet:
75+
path: /ping
76+
port: 8080
77+
failureThreshold: 3
78+
initialDelaySeconds: 10
79+
periodSeconds: 10
80+
successThreshold: 1
81+
timeoutSeconds: 5
82+
volumes:
83+
- name: config
84+
configMap:
85+
name: traefik-config
86+
tolerations: ## 设置容忍所有污点,防止节点被设置污点
87+
- operator: "Exists"
88+
nodeSelector: ## 设置node筛选器,在特定label的节点上启动
89+
IngressProxy: "true"
90+
Lines changed: 116 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,116 @@
1+
## ServiceAccount
2+
apiVersion: v1
3+
kind: ServiceAccount
4+
metadata:
5+
namespace: kube-system
6+
name: traefik-ingress-controller
7+
---
8+
## ClusterRole
9+
kind: ClusterRole
10+
apiVersion: rbac.authorization.k8s.io/v1beta1
11+
metadata:
12+
name: traefik-ingress-controller
13+
namespace: kube-system
14+
rules:
15+
- apiGroups:
16+
- ""
17+
resources:
18+
- services
19+
- endpoints
20+
- secrets
21+
verbs:
22+
- get
23+
- list
24+
- watch
25+
- apiGroups:
26+
- extensions
27+
- networking.k8s.io
28+
resources:
29+
- ingresses
30+
- ingressclasses
31+
verbs:
32+
- get
33+
- list
34+
- watch
35+
- apiGroups:
36+
- extensions
37+
- networking.k8s.io
38+
resources:
39+
- ingresses/status
40+
verbs:
41+
- update
42+
- apiGroups:
43+
- traefik.containo.us
44+
resources:
45+
- ingressroutes
46+
- ingressroutetcps
47+
- ingressrouteudps
48+
- middlewares
49+
- tlsoptions
50+
- tlsstores
51+
- traefikservices
52+
- serverstransports
53+
verbs:
54+
- get
55+
- list
56+
- watch
57+
- apiGroups:
58+
- networking.x-k8s.io
59+
resources:
60+
- gatewayclasses
61+
- gatewayclasses/status
62+
- gateways
63+
verbs:
64+
- get
65+
- list
66+
- watch
67+
- apiGroups:
68+
- networking.x-k8s.io
69+
resources:
70+
- gatewayclasses/status
71+
verbs:
72+
- get
73+
- patch
74+
- update
75+
- apiGroups:
76+
- networking.x-k8s.io
77+
resources:
78+
- gateways/status
79+
verbs:
80+
- get
81+
- patch
82+
- update
83+
- apiGroups:
84+
- networking.x-k8s.io
85+
resources:
86+
- httproutes
87+
verbs:
88+
- create
89+
- delete
90+
- get
91+
- list
92+
- patch
93+
- update
94+
- watch
95+
- apiGroups:
96+
- networking.x-k8s.io
97+
resources:
98+
- httproutes/status
99+
verbs:
100+
- get
101+
- patch
102+
- update
103+
---
104+
## ClusterRoleBinding
105+
kind: ClusterRoleBinding
106+
apiVersion: rbac.authorization.k8s.io/v1beta1
107+
metadata:
108+
name: traefik-ingress-controller
109+
roleRef:
110+
apiGroup: rbac.authorization.k8s.io
111+
kind: ClusterRole
112+
name: traefik-ingress-controller
113+
subjects:
114+
- kind: ServiceAccount
115+
name: traefik-ingress-controller
116+
namespace: kube-system

0 commit comments

Comments
 (0)