我正在将我的应用程序从docker合并到kubernetes。
我目前在minikube工作。
我使用traefk作为我的反向代理,它是使用官方helm chart安装在kubernetes中,可在https://github.com/traefik/traefik-helm-chart获得。
这是我的工作docker-compose文件:
version: "3.7"
services:
myapp:
image: nexus/my-app
labels:
- "traefik.enable=true"
- "traefik.http.routers.myapp.rule=Host(`myapp.localhost`)"
- "traefik.http.routers.myapp.entrypoints=web,web-secure"
- "traefik.http.routers.myapp.tls=true"
- "traefik.http.routers.myapp.service=myapp"
- "traefik.http.middlewares.myapp.redirectscheme.scheme=https"
- "traefik.http.middlewares.myapp.redirectscheme.permanent=true"
- "traefik.http.services.myapp.loadbalancer.server.port=8080"
- "traefik.http.services.myapp.loadbalancer.sticky=true"
- "traefik.http.services.myapp.loadbalancer.sticky.cookie.name=StickyCookieMyApp"
- "traefik.http.services.myapp.loadbalancer.sticky.cookie.secure=true"
# enable the property below if your are running on https
- "traefik.http.services.myapp.loadbalancer.server.scheme=https"
environment:
- JAVA_OPTS=-Xmx512m -Xms256m
- SPRING_PROFILES_ACTIVE=prod
在Kubernetes中,我有以下配置:
# HTTPS ingress
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: myapp-ingress
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
rules:
- host: myapp.localhost
http:
paths:
- backend:
serviceName: myapp
servicePort: 8080
tls:
- secretName: myapp-cert
---
# Ingresses
# this middleware is used as the following annotation:
# traefik.ingress.kubernetes.io/router.middlewares: default-redirect@kubernetescrd
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: redirect
spec:
redirectScheme:
scheme: https
permanent: true
---
# http ingress for http->https redirection
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: myapp-redirect
annotations:
traefik.ingress.kubernetes.io/router.middlewares: default-redirect@kubernetescrd
traefik.ingress.kubernetes.io/router.entrypoints: web
spec:
rules:
- host: myapp.localhost
http:
paths:
- backend:
serviceName: myapp
servicePort: 8080
如何将这三行转换为Kubernetes规范?
- "traefik.http.services.myapp.loadbalancer.sticky=true"
- "traefik.http.services.myapp.loadbalancer.sticky.cookie.name=StickyCookieMyApp"
- "traefik.http.services.myapp.loadbalancer.sticky.cookie.secure=true"
你可以在你的服务上设置注释:
apiVersion: v1
kind: Service
metadata:
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: cookie
traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "true"
[...]
参见docs: https://doc.traefik.io/traefik/routing/providers/kubernetes-ingress/