如何使用 Helm 但使用 ALB 而不是 ELB 在 EKS 上安装 Traefik?
How do I install Traefik on EKS using Helm but with an ALB instead of an ELB?
我正在尝试将 Traefik 安装为我在 EKS 上的路由器。如果我通常这样做,Traefik 已安装并由 ELB 前面:
helm install traefik traefik/traefik
但是,我希望 Traefik 以 ALB 为前端,这样我就可以附加多个 SSL 证书。
我已按照 EKS workshop guide 在我的集群上安装 aws-load-balancer-controller。这是成功的,因为我可以成功启动测试游戏并获得 ALB。我尝试安装 Traefik 并获得 ALB,但我似乎无法做到。这是我尝试过的方法:
helm install traefik traefik/traefik --values values.yaml --set="additionalArguments={--log.level=DEBUG}"
这是我的 values.yaml 的内容,带有入口注释:
raynard@Raynards-MacBook-Pro traefik % cat values.yaml
# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
ingressClass:
# true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
enabled: true
isDefaultClass: false
# Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
fallbackApiVersion: ""
# Create an IngressRoute for the dashboard
ingressRoute:
dashboard:
enabled: true
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
labels: {}
当我检查时,没有创建入口。但是,已经创建了一个 svc。再次使用 ELB:
raynard@Raynards-MacBook-Pro traefik % kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
infinyprod <none> prod.infiny.cloud,cloudlx.epsilontel.com,k83.infiny.cloud + 7 more... 80 69d
raynard@Raynards-MacBook-Pro traefik % kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 150d
my-release-redis-headless ClusterIP None <none> 6379/TCP 12d
my-release-redis-master ClusterIP 172.20.122.33 <none> 6379/TCP 12d
my-release-redis-replicas ClusterIP 172.20.202.106 <none> 6379/TCP 12d
traefik LoadBalancer 172.20.240.72 a67bbaa57465c438ab0bce03933682e8-1307117939.eu-west-1.elb.amazonaws.com 80:31899/TCP,443:31306/TCP 8m14s
知道我哪里出错了吗?
看起来您可能想尝试将 traefik 服务安装为 NodePort,而不是默认的(在本例中为 LoadBalancer)。之后,您可以使用指向该服务的入口。
在您的 values.yaml 文件中,添加:
service:
annotations: {}
type: NodePort
然后使用以下内容制作 ingress.yml:
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: traefik
name: traefik-ingress
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik
port:
number: 80
我正在尝试将 Traefik 安装为我在 EKS 上的路由器。如果我通常这样做,Traefik 已安装并由 ELB 前面:
helm install traefik traefik/traefik
但是,我希望 Traefik 以 ALB 为前端,这样我就可以附加多个 SSL 证书。 我已按照 EKS workshop guide 在我的集群上安装 aws-load-balancer-controller。这是成功的,因为我可以成功启动测试游戏并获得 ALB。我尝试安装 Traefik 并获得 ALB,但我似乎无法做到。这是我尝试过的方法:
helm install traefik traefik/traefik --values values.yaml --set="additionalArguments={--log.level=DEBUG}"
这是我的 values.yaml 的内容,带有入口注释:
raynard@Raynards-MacBook-Pro traefik % cat values.yaml
# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
ingressClass:
# true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
enabled: true
isDefaultClass: false
# Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
fallbackApiVersion: ""
# Create an IngressRoute for the dashboard
ingressRoute:
dashboard:
enabled: true
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
labels: {}
当我检查时,没有创建入口。但是,已经创建了一个 svc。再次使用 ELB:
raynard@Raynards-MacBook-Pro traefik % kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
infinyprod <none> prod.infiny.cloud,cloudlx.epsilontel.com,k83.infiny.cloud + 7 more... 80 69d
raynard@Raynards-MacBook-Pro traefik % kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 150d
my-release-redis-headless ClusterIP None <none> 6379/TCP 12d
my-release-redis-master ClusterIP 172.20.122.33 <none> 6379/TCP 12d
my-release-redis-replicas ClusterIP 172.20.202.106 <none> 6379/TCP 12d
traefik LoadBalancer 172.20.240.72 a67bbaa57465c438ab0bce03933682e8-1307117939.eu-west-1.elb.amazonaws.com 80:31899/TCP,443:31306/TCP 8m14s
知道我哪里出错了吗?
看起来您可能想尝试将 traefik 服务安装为 NodePort,而不是默认的(在本例中为 LoadBalancer)。之后,您可以使用指向该服务的入口。
在您的 values.yaml 文件中,添加:
service:
annotations: {}
type: NodePort
然后使用以下内容制作 ingress.yml:
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: traefik
name: traefik-ingress
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik
port:
number: 80