kubernetes - 如何将服务和traefik入口添加到EKS集群？

Question

笔记

我正在尝试将演示服务的服务和入口(从“Kubernetes in Action”部署到已安装Helt的traefik入口 Controller 的AWS EKS集群)。

在将traefik.example.com设置的AWS ELB的IP地址手动添加到我的本地traefik文件中的主机名之后，我可以从/etc/hosts主机名访问traefik仪表板。

如果我描述traefik-dashboard的服务和入口:

$ kubectl describe svc -n kube-system traefik-dashboard
Name:              traefik-dashboard
Namespace:         kube-system
Labels:            app=traefik
                   chart=traefik-1.52.6
                   heritage=Tiller
                   release=traefik
Annotations:       <none>
Selector:          app=traefik,release=traefik
Type:              ClusterIP
IP:                10.100.164.81
Port:              <unset>  80/TCP
TargetPort:        8080/TCP
Endpoints:         172.31.27.70:8080
Session Affinity:  None
Events:            <none>

$ kubectl describe ing -n kube-system traefik-dashboard
Name:             traefik-dashboard
Namespace:        kube-system
Address:
Default backend:  default-http-backend:80 (<none>)
Rules:
Host                 Path  Backends
----                 ----  --------
traefik.example.com
                        traefik-dashboard:80 (172.31.27.70:8080)
Annotations:
Events:  <none>

服务和入口 Controller 似乎正在使用traefik-575cc584fb-v4mfn命名空间中正在运行的kube-system pod。

给定此信息并查看traefik文档，我尝试通过使用以下YAML的入口公开演示服务:

apiVersion: apps/v1beta2
kind: ReplicaSet
metadata:
name: kubia
spec:
replicas: 3
selector:
    matchLabels:
    app: kubia
template:
    metadata:
    labels:
        app: kubia
    spec:
    containers:
    - name: kubia
        image: luksa/kubia

---

apiVersion: v1
kind: Service
metadata:
name: kubia
namespace: default
spec:
selector:
    app: traefik
    release: traefik
ports:
- name: web
    port: 80
    targetPort: 8080

---

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kubia
namespace: default
spec:
rules:
- host: kubia.int
    http:
    paths:
    - path: /
        backend:
        serviceName: kubia
        servicePort: web

应用此功能后，在将kubia设置的AWS ELB的IP地址手动添加到本地kubia.int文件中的该主机名之后，我无法从traefik主机名访问/etc/hosts服务。相反，我在响应中得到了Service Unavailable。描述创建的资源会显示一些不同的信息。

$ kubectl describe svc kubia
Name:              kubia
Namespace:         default
Labels:            <none>
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                    {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"kubia","namespace":"default"},"spec":{"ports":[{"name":"web","por...
Selector:          app=traefik,release=traefik
Type:              ClusterIP
IP:                10.100.142.243
Port:              web  80/TCP
TargetPort:        8080/TCP
Endpoints:         <none>
Session Affinity:  None
Events:            <none>

$ kubectl describe ing kubia
Name:             kubia
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<none>)
Rules:
Host       Path  Backends
----       ----  --------
kubia.int
            /   kubia:web (<none>)
Annotations:
kubectl.kubernetes.io/last-applied-configuration:  {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{},"name":"kubia","namespace":"default"},"spec":{"rules":[{"host":"kubia.int","http":{"paths":[{"backend":{"serviceName":"kubia","servicePort":"web"},"path":"/"}]}}]}}

Events:  <none>

我还注意到，kubia演示服务没有端点，并且相应的入口没有可用的后端。

我注意到的另一件事是，演示kubia服务和入口位于default命名空间中，而traefik-dashboard服务和入口位于kube-system命名空间中。

有没有东西跳出来给任何人？关于最佳诊断方法的任何建议？

提前谢谢了!

Answer 1

似乎您缺少告诉traefik入口 Controller 为该入口定义服务的kubernetes.io/ingress.class: traefik。

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: kubia
  namespace: default
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
rules:
- host: kubia.int
    http:
    paths:
    - path: /
        backend:
        serviceName: kubia
        servicePort: web

如果查看docs中的示例，您会看到唯一没有注释的Ingress是指向Traefik Web UI的traefik-web-ui。