Last active
November 7, 2023 17:57
-
-
Save bpineau/496dc9876bd77f1b7a854a9674a0f2da to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Routage/multiplexage HTTP dans kubernetes avec des Ingress et Traefik. | |
| # | |
| # On lance deux apps, sur les domaines, respectivement, foo.local et bar.local. | |
| # | |
| # Devant l'ingress controller, on utilise un service de type 'NodePort', qui | |
| # choisir un port dans le range 30000-32767 et l'exposera sur les nodes. | |
| # | |
| # Si on commente la ligne 'NodePort' et on decommente la ligne 'LoadBalancer', | |
| # kubernetes vas configurer un ELB AWS automatiquement pour renvoyer tout les | |
| # flux http sur le service kubernetes traefik-lb-svc. | |
| # | |
| # On peux se passer d'ELB en remplacant 'type: LoadBalancer' par un 'NodePort' | |
| # (qui choisira un port dans le range 30000-32767 et l'exposera sur les nodes). | |
| # | |
| # kubectl create --record --save-config --validate -f ingress-with-traefik.yaml | |
| # kubectl get --namespace=kube-system svc traefik-lb-svc \ | |
| # -o json -o=jsonpath="{.status.loadBalancer.ingress[*].hostname}" | |
| # | |
| # curl -H 'Host: foo.local' e3020d9[...]-1748702457.eu-west-1.elb.amazonaws.com | |
| # curl -H 'Host: bar.local' e3020d9[...]-1748702457.eu-west-1.elb.amazonaws.com | |
| # | |
| # On peux modifier les rules ingress (ie. les noms d'hotes) apres coup avec patch: | |
| # kubectl patch --record --namespace echoheaders ingress echoheaders \ | |
| # --type='json' -p='[{"op": "replace", "path": "/spec/rules/0/host", "value":"coin.local"}]' | |
| # | |
| # kubectl patch --record --namespace echoheaders ingress echoheaders --type='json' \ | |
| # -p='[{"op": "add", "path": "/spec/rules/-", \ | |
| # "value":{"host":"plop.local", "http":{"paths":[{"path":"/","backend":{"serviceName":"echoheaders","servicePort":80}}]}}}]' | |
| ######## | |
| ######## app echoheaders, sur le domaine "foo.local" | |
| ######## | |
| --- | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: echoheaders | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| namespace: echoheaders | |
| name: echoheaders | |
| labels: | |
| app: echoheaders | |
| spec: | |
| type: NodePort | |
| ports: | |
| - port: 80 | |
| targetPort: 8080 | |
| protocol: TCP | |
| name: http | |
| selector: | |
| app: echoheaders | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| namespace: echoheaders | |
| name: echoheaders | |
| spec: | |
| replicas: 1 | |
| template: | |
| metadata: | |
| labels: | |
| app: echoheaders | |
| spec: | |
| containers: | |
| - name: echoheaders | |
| image: gcr.io/google_containers/echoserver:1.4 | |
| ports: | |
| - containerPort: 8080 | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Ingress | |
| metadata: | |
| namespace: echoheaders | |
| name: echoheaders | |
| annotations: | |
| kubernetes.io/ingress.class: "traefik" | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.backend.loadbalancer.sticky: "true" | |
| spec: | |
| rules: | |
| - host: foo.local | |
| http: | |
| paths: | |
| - path: / | |
| backend: | |
| serviceName: echoheaders | |
| servicePort: 80 | |
| ######## | |
| ######## app helloworld, sur le domaine "bar.local" | |
| ######## | |
| --- | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: helloworld | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| namespace: helloworld | |
| name: helloworld | |
| labels: | |
| app: helloworld | |
| spec: | |
| type: NodePort | |
| ports: | |
| - port: 80 | |
| targetPort: 80 | |
| protocol: TCP | |
| name: http | |
| selector: | |
| app: helloworld | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| namespace: helloworld | |
| name: helloworld | |
| spec: | |
| replicas: 1 | |
| template: | |
| metadata: | |
| labels: | |
| app: helloworld | |
| spec: | |
| containers: | |
| - name: hello-world | |
| image: tutum/hello-world | |
| ports: | |
| - containerPort: 80 | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Ingress | |
| metadata: | |
| namespace: helloworld | |
| name: helloworld | |
| annotations: | |
| kubernetes.io/ingress.class: "traefik" | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.backend.loadbalancer.sticky: "true" | |
| spec: | |
| rules: | |
| - host: bar.local | |
| http: | |
| paths: | |
| - path: / | |
| backend: | |
| serviceName: helloworld | |
| servicePort: 80 | |
| ######## | |
| ######## Un ingress RC Traefik, commun/partage par tout le cluster (et son service LB) | |
| ######## | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| namespace: kube-system | |
| name: traefik-lb-svc | |
| labels: | |
| app: traefik-lb-svc | |
| spec: | |
| # Ceci ("type: LoadBalancer") creerait un ELB automagiquement... | |
| #type: LoadBalancer | |
| # ... mais si on veux economiser et ne pas faire d'ELB, on utilise un "NodePort", | |
| # qui vas squatter un port (dynamiquement choisi) externe de tout les nodes. | |
| type: NodePort | |
| ports: | |
| - port: 80 | |
| name: http | |
| #- port: 443 | |
| # name: https | |
| selector: | |
| app: traefik-ingress-lb | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| namespace: kube-system | |
| name: traefik-console | |
| labels: | |
| app: traefik-console | |
| spec: | |
| type: NodePort | |
| ports: | |
| - port: 8080 | |
| name: webui | |
| selector: | |
| app: traefik-ingress-lb | |
| --- | |
| apiVersion: extensions/v1beta1 | |
| kind: Deployment | |
| metadata: | |
| namespace: kube-system | |
| name: traefik-ingress-lb | |
| labels: | |
| app: traefik-ingress-lb | |
| spec: | |
| replicas: 2 | |
| template: | |
| metadata: | |
| labels: | |
| name: traefik-ingress-lb | |
| app: traefik-ingress-lb | |
| annotations: | |
| scheduler.alpha.kubernetes.io/critical-pod: '' | |
| scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]' | |
| spec: | |
| terminationGracePeriodSeconds: 60 | |
| containers: | |
| - image: traefik | |
| name: traefik-ingress-lb | |
| imagePullPolicy: Always | |
| ports: | |
| - containerPort: 80 | |
| - containerPort: 8080 | |
| #- containerPort: 443 | |
| args: | |
| - --web | |
| - --kubernetes | |
| - --logLevel=DEBUG |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment