未检测到 Traefik v2 中间件
Traefik v2 Middlewares not being detected
未检测到中间件,因此未删除路径,导致后端出现 404 api。
k8s apps 命名空间中存在中间件
$ kubectl get -n apps middlewares
NAME AGE
traefik-middlewares-backend-users-service 1d
中间件和入口路由的配置
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
annotations:
kubernetes.io/ingress.class: traefik
name: apps-services
namespace: apps
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`example.com`) && PathPrefix(`/users/`)
middlewares:
- name: traefik-middlewares-backend-users-service
priority: 0
services:
- name: backend-users-service
port: 8080
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: traefik-middlewares-backend-users-service
namespace: apps
spec:
stripPrefix:
prefixes:
- /users
静态配置
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
http:
address: :80
traefik:
address: :8080
providers:
providersThrottleDuration: 2s
kubernetesIngress: {}
api:
# TODO: make this secure later
insecure: true
ping:
entryPoint: http
log: {}
Traefik dasboard 没有中间件
Spring 启动 404 页面。路线如上。com/actuator/health
/users
没有被剥离。这在 traefik v1 中非常适合我。
注意:示例中的实际域已替换为 example.com
和 domain.com
。
为了让它工作,我必须:
- 使用 traefik v2 的自定义 k8s CRD 所在的命名空间添加 Kubernetes CRD 提供程序
- 添加 TLSOption 资源定义
- 更新 traefik 的集群角色以具有列出和观看新 v2 资源的权限
- 确保配置了所有具有新资源的命名空间
Traefik 静态配置文件
providers:
providersThrottleDuration: 2s
kubernetesCRD:
namespaces:
- apps
- traefik
TLSOption CRD
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsoptions.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSOption
plural: tlsoptions
singular: tlsoption
scope: Namespaced
更新了 Traefik 的静态配置
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
http:
address: :80
traefik:
address: :8080
providers:
providersThrottleDuration: 2s
kubernetesCRD:
namespaces:
- apps
- traefik
api:
# TODO: make this secure later
insecure: true
ping:
entryPoint: http
log: {}
未检测到中间件,因此未删除路径,导致后端出现 404 api。
k8s apps 命名空间中存在中间件
$ kubectl get -n apps middlewares
NAME AGE
traefik-middlewares-backend-users-service 1d
中间件和入口路由的配置
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
annotations:
kubernetes.io/ingress.class: traefik
name: apps-services
namespace: apps
spec:
entryPoints:
- web
routes:
- kind: Rule
match: Host(`example.com`) && PathPrefix(`/users/`)
middlewares:
- name: traefik-middlewares-backend-users-service
priority: 0
services:
- name: backend-users-service
port: 8080
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: traefik-middlewares-backend-users-service
namespace: apps
spec:
stripPrefix:
prefixes:
- /users
静态配置
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
http:
address: :80
traefik:
address: :8080
providers:
providersThrottleDuration: 2s
kubernetesIngress: {}
api:
# TODO: make this secure later
insecure: true
ping:
entryPoint: http
log: {}
Traefik dasboard 没有中间件
Spring 启动 404 页面。路线如上。com/actuator/health
/users
没有被剥离。这在 traefik v1 中非常适合我。
注意:示例中的实际域已替换为 example.com
和 domain.com
。
为了让它工作,我必须:
- 使用 traefik v2 的自定义 k8s CRD 所在的命名空间添加 Kubernetes CRD 提供程序
- 添加 TLSOption 资源定义
- 更新 traefik 的集群角色以具有列出和观看新 v2 资源的权限
- 确保配置了所有具有新资源的命名空间
Traefik 静态配置文件
providers:
providersThrottleDuration: 2s
kubernetesCRD:
namespaces:
- apps
- traefik
TLSOption CRD
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsoptions.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSOption
plural: tlsoptions
singular: tlsoption
scope: Namespaced
更新了 Traefik 的静态配置
global:
checkNewVersion: true
sendAnonymousUsage: true
entryPoints:
http:
address: :80
traefik:
address: :8080
providers:
providersThrottleDuration: 2s
kubernetesCRD:
namespaces:
- apps
- traefik
api:
# TODO: make this secure later
insecure: true
ping:
entryPoint: http
log: {}