Traefik v2.0 快速入门
注意:Traefikv2.0之后的版本在修改了很多bug之后也增加了新的特性,比如增加了TCP的支持,并且更换了新的WEB UI界面
使用docker-compose来快速启动traefki实例.
# 查看编辑好的docker-compose配置文件
$ cat traefik-v2.0.yaml
version: '3'
services:
reverse-proxy:
image: traefik:2.0.1
# Enables the web UI and tells Traefik to listen to docker
# 启用webUI 并告诉Traefile去监听docker的容器实例
command: --api.insecure=true --providers.docker
ports:
# traefik暴露的http端口
- "80:80"
# webUI暴露的端口(必须制定--api.insecure=true才可以访问)
- "8080:8080"
volumes:
# 指定docker的sock文件来让traefik获取docker的事件,从而实现动态负载均衡
- /var/run/docker.sock:/var/run/docker.sock
# 使用docker-compose创建集群
$ docker-compose -f traefik-v2.0.yaml up -d reverse-proxy
Creating 20190927_reverse-proxy_1 ... done
# 查看使用docker-compose启动的应用
$ docker-compose -f traefik-v2.0.yaml ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------------
20190927_reverse-proxy_1 /entrypoint.sh --api.insec ... Up 0.0.0.0:80->80/tcp, 0.0.0.0:8080->8080/tcp
# 直接访问traefik对外暴露的http接口
curl -s "http://localhost:8080/api/rawdata" | python -m json.tool
{
"routers": {
"reverse-proxy-20190927@docker": {
"rule": "Host(`reverse-proxy-20190927`)",
"service": "reverse-proxy-20190927",
"status": "enabled",
"using": [
"http",
"traefik"
]
}
},
"services": {
"reverse-proxy-20190927@docker": {
"loadBalancer": {
"passHostHeader": true,
"servers": [
{
"url": "http://172.21.0.2:80"
}
]
},
"serverStatus": {
"http://172.21.0.2:80": "UP"
},
"status": "enabled",
"usedBy": [
"reverse-proxy-20190927@docker"
]
}
}
}
查看Traefik官方Dashboard:
Traefik来检测新服务并为你创建一个路由
# 创建一个新服务
$ cat test-service.yaml
version: '3'
services:
whoami:
image: containous/whoami
labels:
- "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
# 创建服务
$ docker-compose -f test-service.yaml up -d whoami
Pulling whoami (containous/whoami:)...
latest: Pulling from containous/whoami
6f3614cb05a5: Pull complete
# 查看新创建的服务
$ docker-compose -f test-service.yaml ps
Name Command State Ports
--------------------------------------------
20190927_whoami_1 /whoami Up 80/tcp
# 再次查看traefik中的路由信息(就会发现服务自动加载进去了)
# 其实有点儿类似kong 的路由,只是traefik会自动监听docker的事件
$ curl -s "http://localhost:8080/api/rawdata" | python -m json.tool
{
"routers": {
"reverse-proxy-20190927@docker": {
"rule": "Host(`reverse-proxy-20190927`)",
"service": "reverse-proxy-20190927",
"status": "enabled",
"using": [
"http",
"traefik"
]
},
"whoami@docker": {
"rule": "Host(`whoami.docker.localhost`)",
"service": "whoami-20190927",
"status": "enabled",
"using": [
"http",
"traefik"
]
}
},
"services": {
"reverse-proxy-20190927@docker": {
"loadBalancer": {
"passHostHeader": true,
"servers": [
{
"url": "http://172.21.0.2:80"
}
]
},
"serverStatus": {
"http://172.21.0.2:80": "UP"
},
"status": "enabled",
"usedBy": [
"reverse-proxy-20190927@docker"
]
},
"whoami-20190927@docker": {
"loadBalancer": {
"passHostHeader": true,
"servers": [
{
"url": "http://172.21.0.3:80"
}
]
},
"serverStatus": {
"http://172.21.0.3:80": "UP"
},
"status": "enabled",
"usedBy": [
"whoami@docker"
]
}
}
}
查看Traefik中的http反向代理记录:
测试traefik相关功能
# 测试访问
$ curl -H Host:whoami.docker.localhost http://localhost
Hostname: f1b280a61fa7
IP: 127.0.0.1
IP: 172.21.0.3
RemoteAddr: 172.21.0.2:44604
GET / HTTP/1.1
Host: whoami.docker.localhost
User-Agent: curl/7.54.0
Accept: */*
Accept-Encoding: gzip
X-Forwarded-For: 172.21.0.1
X-Forwarded-Host: whoami.docker.localhost
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: bf98c245d265
X-Real-Ip: 172.21.0.1
# 单机扩容
$ docker-compose -f test-service.yaml up -d --scale whoami=2
# 再次访问(就会发现自动负载到两个不同的实例上去了)
$ curl -H Host:whoami.docker.localhost http://localhost
Hostname: 3045eb2f3a89
IP: 127.0.0.1
IP: 172.21.0.4
RemoteAddr: 172.21.0.2:55182
GET / HTTP/1.1
Host: whoami.docker.localhost
User-Agent: curl/7.54.0
Accept: */*
Accept-Encoding: gzip
X-Forwarded-For: 172.21.0.1
X-Forwarded-Host: whoami.docker.localhost
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: bf98c245d265
X-Real-Ip: 172.21.0.1
查看Traefike后端每个service的详情信息:
Traefik配置介绍
traefik配置结构图:
在traefik中的配置,会涉及到两方面内容:
- 动态的路由配置(即由k8s-api或docker相关api来自动发现服务的endpoint而进行路由的配置描述)
- 静态的启动配置(即traefik标准的启动配置参数)
注意:使用docker run traefik[:version] --help可查看traefik的配置参数
在k8s集群中部署traefik-v2.0.1
$ kubectl apply -f https://github.com/BGBiao/k8s-ansible-playbooks/blob/master/manifest/traefik/traefik-ds-v2.0.1.yaml
$ kubectl get pods -n kube-system | grep traefik-ingress-controller-v2
traefik-ingress-controller-v2-54h54 1/1 Running 0 29m
traefik-ingress-controller-v2-lh2jg 1/1 Running 0 29m
traefik-ingress-controller-v2-tqbvd 1/1 Running 0 29m
traefik-ingress-controller-v2-ww449 1/1 Running 0 29m
$ kubectl --kubeconfig ../../files/kubelet.kubeconfig get svc -n kube-system | grep v2
traefik-ingress-service-v2 ClusterIP 10.253.86.121 <none> 81/TCP,8081/TCP 30m
查看traefik-v2.0.1的dashboard:
注意:虽然traefikv2.x改动了很多,但是还是向下兼容一些内容的,比如我重新创建traefik-v2.0.1之后,之前创建的ingress规则会自动导入
欢迎关注我的公众号
