用AI赚第一桶💰低成本搭建一套AI赚钱工具,源码可二开。 广告
## 简介 [官方文档](https://traefik.io/) [中文文档](https://traefik.cn/) Træfɪk 是一个为了让部署微服务更加便捷而诞生的现代HTTP反向代理、负载均衡工具。 它支持多种后台 (Docker, Swarm, Kubernetes, Marathon, Mesos, Consul, Etcd, Zookeeper, BoltDB, Rest API, file…) 来自动化、动态的应用它的配置文件设置。 假设你已经在你的基础设施上部署了一堆微服务。你可能使用了一个服务发现系统(例如 etcd 或 consul)或者一个资源管理框架(swarm,Mesos/Marathon)来管理所有这些服务。 如果你想让你的用户去从互联网访问你的某些微服务, 你就必需使用虚拟hosts或前缀路径来配置一个反向代理: 域名 `api.domain.com` 将指向你的私有网络中的微服务 `api` 路径 `domain.com/web` 将指向你的私有网络中的微服务 `web` 域名 `backoffice.domain.com` 将指向你的私有网络中的微服务 `backoffice` ,在你的多台实例之间负载均衡 但一个微服务的结构时动态的。。。 服务在会经常被添加、移除、杀死或更新,可能一天之内就会发生许多次。 传统的反向代理原生不支持动态配置。你不可能轻易的通过热更新更改它们的配置。 这时,Træfɪk就诞生了。 ![](https://docs.traefik.cn/frontend_doc/images/architecture.png) Træfɪk 可以监听你的服务发现、管理API,并且每当你的微服务被添加、移除、杀死或更新都会被感知,并且可以自动生成它们的配置文件。 指向到你服务的路由将会被直接创建出来。 ## 部署traefik ``` $ cat traefik-insecure.yaml --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: traefik-ingress-controller rules: - apiGroups: - "" resources: - services - endpoints - secrets verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses verbs: - get - list - watch --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: traefik-ingress-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: traefik-ingress-controller subjects: - kind: ServiceAccount name: traefik-ingress-controller namespace: kube-system --- apiVersion: v1 kind: ServiceAccount metadata: name: traefik-ingress-controller namespace: kube-system --- kind: ConfigMap apiVersion: v1 metadata: name: traefik-conf namespace: kube-system data: traefik.toml: | insecureSkipVerify = true defaultEntryPoints = ["http"] [entryPoints] [entryPoints.http] address = ":80" --- kind: DaemonSet apiVersion: extensions/v1beta1 metadata: name: traefik-ingress-controller namespace: kube-system labels: k8s-app: traefik-ingress-lb spec: template: metadata: labels: k8s-app: traefik-ingress-lb name: traefik-ingress-lb spec: serviceAccountName: traefik-ingress-controller tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule terminationGracePeriodSeconds: 60 hostNetwork: true volumes: - name: config configMap: name: traefik-conf containers: - image: registry.cn-shanghai.aliyuncs.com/mydlq/traefik:1.7.10 name: traefik-ingress-lb ports: - name: http containerPort: 80 hostPort: 80 - name: admin containerPort: 8080 securityContext: privileged: true args: - --configfile=/config/traefik.toml - -d - --web - --kubernetes volumeMounts: - mountPath: "/config" name: "config" --- kind: Service apiVersion: v1 metadata: name: traefik-ingress-service spec: selector: k8s-app: traefik-ingress-lb ports: - protocol: TCP port: 80 name: web - protocol: TCP port: 8080 name: admin - protocol: TCP port: 443 name: https type: NodePort --- apiVersion: v1 kind: Service metadata: name: traefik-web-ui namespace: kube-system spec: selector: k8s-app: traefik-ingress-lb ports: - port: 80 targetPort: 8080 --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: traefik-web-ui namespace: kube-system annotations: kubernetes.io/ingress.class: traefik spec: rules: - host: ingress.multi.io http: paths: - backend: serviceName: traefik-web-ui servicePort: 80 ``` - 部署 ``` kubectl apply -f traefik-insecure.yaml ``` 查看kube-system下的ingress ``` kubectl -n kube-system get ingresses.extensions traefik-web-ui NAME HOSTS ADDRESS PORTS AGE traefik-web-ui ingress.multi.io 80 4m6s ``` 本地配置`ingress.multi.io`的hosts即可访问traefik的web Dashboard ## 部署测试服务 - 部署一个nginx服务 ``` $ cat nginx-deploy.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nginx labels: app: nginx spec: template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.11.3 ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: nginx-svc labels: app: nginx-svc spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: nginx ``` - 部署一个tomcat服务 ``` $ cat tomcat-deploy.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: tomcat labels: app: tomcat spec: template: metadata: labels: app: tomcat spec: containers: - name: tomcat image: tomcat ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: name: tomcat-svc labels: app: tomcat-svc spec: ports: - port: 8080 protocol: TCP targetPort: 8080 selector: app: tomcat ``` - 配置服务的ingress ``` cat ingress.yaml --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: traefik annotations: kubernetes.io/ingress.class: traefik spec: rules: - host: ingress.nginx.io # 访问的域名 http: paths: - backend: serviceName: nginx-service 对应服务的service servicePort: 80 # 对应service的端口 - host: ingress.tomcat.io http: paths: - backend: serviceName: tomcat-svc servicePort: 8080 ``` 如果服务不是默认的namespace,需要单独使用一个ingress文件,在其中配置加入namespace配置 ``` kubectl apply -f ingress.yaml ``` 可以通过Dashboard查看对应的服务的情况 ![](https://carey-akhack-com.oss-cn-hangzhou.aliyuncs.com/images/20190509/2.png)