How to get Kubernetes Ingress Port 80 working on baremetal single node cluster
I have a bare-metal kubernetes (v1.11.0) cluster created with kubeadm and working fine without any issues. Network with calico and made it a single node cluster
-
I recently used traefik.io to configure a project with similar requirements to yours.
So I'll show a basic solution with
traefikand ingresses.I dedicated a whole namespace (you can use
kube-system), calledtraefik, and created a kubernetes serviceAccount:apiVersion: v1 kind: Namespace metadata: name: traefik --- apiVersion: v1 kind: ServiceAccount metadata: namespace: traefik name: traefik-ingress-controllerThe traefik controller which is invoked by ingress rules requires a ClusterRole and its binding:
--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: traefik-ingress-controller rules: - apiGroups: - "" resources: - services - endpoints - secrets verbs: - get - list - watch - apiGroups: - extensions resources: - ingresses verbs: - get - list - watch --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: traefik-ingress-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: traefik-ingress-controller subjects: - kind: ServiceAccount namespace: traefik name: traefik-ingress-controllerThe traefin controller will be deployed as daemonset (i.e. by definition one for each node in your cluster) and a Kubernetes service is dedicated to the controller:
kind: DaemonSet apiVersion: extensions/v1beta1 metadata: name: traefik-ingress-controller namespace: traefik labels: k8s-app: traefik-ingress-lb spec: template: metadata: labels: k8s-app: traefik-ingress-lb name: traefik-ingress-lb spec: serviceAccountName: traefik-ingress-controller terminationGracePeriodSeconds: 60 containers: - name: traefik-ingress-lb image: traefik ports: - name: http containerPort: 80 hostPort: 80 - name: admin containerPort: 8080 securityContext: capabilities: drop: - ALL add: - NET_BIND_SERVICE args: - --api - --kubernetes - --logLevel=INFO --- kind: Service apiVersion: v1 metadata: namespace: traefik name: traefik-ingress-service spec: selector: k8s-app: traefik-ingress-lb ports: - protocol: TCP port: 80 name: web - protocol: TCP port: 8080 name: adminThe final part requires you to create a service for each microservice in you project, here an example:
apiVersion: v1 kind: Service metadata: namespace: traefik name: my-svc-1 spec: selector: k8s-app: traefik-ingress-lb ports: - port: 80 targetPort: 8080and also the ingress (set of rules) that will forward the request to the proper service:
apiVersion: extensions/v1beta1 kind: Ingress metadata: namespace: traefik name: ingress-ms-1 annotations: kubernetes.io/ingress.class: traefik spec: rules: - host: my-address-url http: paths: - backend: serviceName: my-svc-1 servicePort: 80In this ingress I wrote a host URL, this will be the entry point in your cluster, so you need to resolve the name to your master K8S node. If you have more nodes which could be master, then a loadbalancer is suggested (in this case the host URL will be the LB).
Take a look to kubernetes.io documentation to have clear the concepts for kubernetes. Also traefik.io is useful.
I hope this helps you.
讨论(0) -
In addition to the andswer of Nicola Ben , You have to define an externalIPs in your traefik service, just follow the steps of Nicola Ben and add a externalIPs section to the service "my-svc-1" .
apiVersion: v1 kind: Service metadata: namespace: traefik name: my-svc-1 spec: selector: k8s-app: traefik-ingress-lb ports: - port: 80 targetPort: 8080 externalIPs: - <IP_OF_A_NODE>And you can define more than on externalIP.
讨论(0)
加载中...
- 热议问题