7.2 Traefik ingress controller

Traefik 基础配置

  • entrypoint: 这是流量的入口,即是http还是https

  • frontend: 这相当于nginx配置中的location, server_name等,即当流量还在nginx上,没有proxy_pass之前, traefik拦截请求后,会转发给FrontEnd。前端定义EntryPoint映射到BackEnd的路由规则集,字段包括Host, Path, Headers 等,匹配请求后,默认通过加权轮询负载算法路由到一个可用的BackEnd,然后进入指定的微服务。

  • backend: 这相当于nginx中,proxy_pass后接的配置

logLevel = "INFO"  #traefik的日志等级
InsecureSkipVerify = true 
defaultEntryPoints = ["http","https"] #默认对外暴露的entrypoints
[entryPoints]
  [entryPoints.traefik]  #traefik自身使用
  address = ":28080"
    [entryPoints.traefik.auth] #开启认证
      # headerField = "X-WebAuth-User"
      [entryPoints.traefik.auth.basic] 
        # removeHeader = true
        users = ["admin:$apr1$mrDaKviI$B5AOi0GbfF/zRplMg6Nj0/",] 
  [entryPoints.metrics]  #监控读取metrics
  address = ":9001"
  [entryPoints.http]     #对外报漏的http端口
  address = ":20080"
  compress = true
    [entryPoints.http.redirect]  #开启http到https的强制跳转
      regex = "^http://(.*)"
      replacement = "https://$1"
  [entryPoints.https]  #对外报漏的https端口
  address = ":20443"
  compress = true
    [entryPoints.https.tls]  #https相关证书配置
      [[entryPoints.https.tls.certificates]]
      CertFile = "/ssl/tls.crt"  
      KeyFile = "/ssl/tls.key"
[kubernetes]  
labelselector = "traffic-type=external" #traefik会读取存在traffic-type=external的ingress配置
[kubernetes.ingressEndpoint]  
hostname = "traefik"
[accessLog] 
format = "json"
[traefikLog]  
  format = "json"
[api] #
entryPoint = "traefik"  #设置entrypoint的名字
dashboard = true #开启traefik web UI
[metrics] 
  [metrics.prometheus]
  entryPoint = "metrics"
  buckets = [0.1,0.3,1.2,5.0]
[ping]
entryPoint = "traefik"
上一页7.1 Ingress规划下一页7.2.1 Traefik配置详解

最后更新于