Traefik和k3d:仪表板不可访问
这是我的k3d集群创建命令:
$ k3d cluster create arxius \
--agents 3 \
--k3s-server-arg --disable=traefik \
-p "8888:80@loadbalancer" -p "9000:9000@loadbalancer" \
--volume ${HOME}/.k3d/registries.yaml:/etc/rancher/k3s/registries.yaml下面是我的节点:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c83f2f746621 rancher/k3d-proxy:v3.0.1 "/bin/sh -c nginx-pr…" 2 weeks ago Up 21 minutes 0.0.0.0:9000->9000/tcp, 0.0.0.0:8888->80/tcp, 0.0.0.0:45195->6443/tcp k3d-arxius-serverlb
0ed525443da2 rancher/k3s:v1.18.6-k3s1 "/bin/k3s agent" 2 weeks ago Up 21 minutes k3d-arxius-agent-2
561a0a51e6d7 rancher/k3s:v1.18.6-k3s1 "/bin/k3s agent" 2 weeks ago Up 21 minutes k3d-arxius-agent-1
fc131df35105 rancher/k3s:v1.18.6-k3s1 "/bin/k3s agent" 2 weeks ago Up 21 minutes k3d-arxius-agent-0
4cfceabad5af rancher/k3s:v1.18.6-k3s1 "/bin/k3s server --d…" 2 weeks ago Up 21 minutes k3d-arxius-server-0
873a4f157251 registry:2 "/entrypoint.sh /etc…" 3 months ago Up About an hour 0.0.0.0:5000->5000/tcp registry.localhost我使用默认的helm安装命令安装了traefik:
$ helm install traefik traefik/traefik之后,还将安装ingressroute以访问仪表板:
Name: traefik-dashboard
Namespace: traefik
Labels: app.kubernetes.io/instance=traefik
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=traefik
helm.sh/chart=traefik-9.1.1
Annotations: helm.sh/hook: post-install,post-upgrade
API Version: traefik.containo.us/v1alpha1
Kind: IngressRoute
Metadata:
Creation Timestamp: 2020-12-09T19:07:41Z
Generation: 1
Managed Fields:
API Version: traefik.containo.us/v1alpha1
Fields Type: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.:
f:helm.sh/hook:
f:labels:
.:
f:app.kubernetes.io/instance:
f:app.kubernetes.io/managed-by:
f:app.kubernetes.io/name:
f:helm.sh/chart:
f:spec:
.:
f:entryPoints:
f:routes:
Manager: Go-http-client
Operation: Update
Time: 2020-12-09T19:07:41Z
Resource Version: 141805
Self Link: /apis/traefik.containo.us/v1alpha1/namespaces/traefik/ingressroutes/traefik-dashboard
UID: 1cbcd5ec-d967-440c-ad21-e41a59ca1ba8
Spec:
Entry Points:
traefik
Routes:
Kind: Rule
Match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
Services:
Kind: TraefikService
Name: api@internal
Events: <none>如你所见:
Match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)我在试着接近仪表盘。尽管如此:
不显示详细信息。
我还尝试启动了一个curl命令:
curl 'http://localhost:9000/api/overview'
curl: (52) Empty reply from server有什么想法吗?
回答 1
Stack Overflow用户
发布于 2020-12-21 02:44:57
首先,使用traefik helm图表的默认配置(在版本9.1.1中)在端口9000上设置entryPoint traefik,但不会自动公开它。因此,如果您检查为您创建的服务,您将看到这只映射web和websecure端点。
从kubectl get svc traefik -o yaml检查此代码段
spec:
clusterIP: xx.xx.xx.xx
externalTrafficPolicy: Cluster
ports:
- name: web
nodePort: 30388
port: 80
protocol: TCP
targetPort: web
- name: websecure
nodePort: 31115
port: 443
protocol: TCP
targetPort: websecure
selector:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik
sessionAffinity: None
type: LoadBalancer作为explained in the docs,有两种方法可以访问您的仪表板。您可以为端口9000启动到本地计算机的端口转发,也可以通过另一个入口点上的ingressroute公开仪表板。
请注意,即使您的k3d代理已经绑定到9000,您仍然是网络到端口转发。只有当某些负载平衡的服务想要在该外部端口上公开时,这才是保留。目前,任何解决方案都没有使用这一点,也没有必要这样做。您仍然需要端口转发到traefik pod。建立端口转发后,您可以访问http://localhost:9000/dashboard/上的仪表板(请注意PathPrefix规则所需的尾部斜杠)。
在另一个入口点上公开的另一种解决方案不需要端口转发,但您需要注意正确的域名(dns条目+主机规则),并注意不要通过添加身份验证中间件将其公开给全世界。
请参阅下面突出显示的更改:
# dashboard.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: dashboard
spec:
entryPoints:
- web # <-- using the web entrypoint, not the traefik (9000) one
routes: # v-- adding a host rule
- match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikServicehttps://stackoverflow.com/questions/65223445
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号