无法使用ConfigMap启用traefik仪表板

时间:2020-11-03 01:23:58

标签: traefik

我已经使用官方文档在k8s中配置了traefik 2.3。使用文档中的示例,我能够以安全的方式配置启用了api / dashboard的traefik。我决定将traefik配置从容器参数移至* .toml文件,并为其创建configMap。我现在遇到的一个问题是我无法启用仪表板或API。我跟进了文档,并将所有cli输入转换为* toml格式。似乎traefik并没有选择所有配置。

守护进程配置文件:

--- 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: traefik-ingress-controller
---
apiVersion: v1
data:
  traefik.toml: |
    [accessLog]
    [api]
      dashboard = true
      debug = true
    [ping]
    [log]
      level = "DEBUG"
      filePath = "/var/log/access.log"
    [entryPoints]
      [entryPoints.web]
        address = ":80"
      [entryPoints.web.http.redirections.entryPoint]
        to = "websecure"
        scheme = "https"
        permanent = true
      [entryPoints.websecure]
        address = ":443"
      [entryPoints.websecure.http.tls]
          certResolver = "le"
    [certificatesResolvers.le.acme]
      email = "email@gmail.com"
      storage = "/cert/acme.json"
      [certificatesResolvers.le.acme.httpChallenge]
        entryPoint = "web"
kind: ConfigMap
metadata:
  creationTimestamp: null
  name: traefik-config
 ---
apiVersion: apps/v1
kind: DaemonSet
metadata:
 name: traefik-ingress-controller
 labels:
   k8s-app: traefik-ingress-lb
   kubernetes.io/cluster-service: "true"
spec:
 selector:
   matchLabels:
      k8s-app: traefik-ingress-lb
 template:
  metadata:
    labels:
      k8s-app: traefik-ingress-lb
      name: traefik-ingress-lb
  spec:
    hostNetwork: true
    dnsPolicy: ClusterFirstWithHostNet
    serviceAccountName: traefik-ingress-controller
    terminationGracePeriodSeconds: 60
    tolerations:
    - key: node-role.kubernetes.io/master
      effect: NoSchedule
    containers:
    - image: traefik:v2.3.2
      name: traefik-ingress-lb
      imagePullPolicy: Always
      volumeMounts:
        - mountPath: "/cert/"
          name: cert
        - mountPath: "/etc/traefik/"
          name: traefik-config
      resources:
        requests:
          cpu: 100m
          memory: 20Mi
      ports:
       - name: web
         containerPort: 80
       - name: websecure
         containerPort: 443
       - name: api
         containerPort: 8080
      args:
      - --providers.file.directory=/etc/traefik
      - --providers.file.watch=true
      - --providers.kubernetescrd
    volumes:
    - name: cert
      hostPath:
        path: /data/traefik/certs/
        type: Directory
    - name: traefik-config
      configMap:
        name: traefik-config

Traefik日志文件:

time="2020-11-03T00:32:05Z" level=info msg="Traefik version 2.3.2 built on 2020-10-19T18:36:22Z"
time="2020-11-03T00:32:05Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"redirections\":{\"entryPoint\":{\"to\":\"websecure\",\"scheme\":\"https\",\"permanent\":true,\"priority\":2147483647}}}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"tls\":{\"certResolver\":\"le\"}}}},\"providers\":{\"providersThrottleDuration\":2000000000},\"api\":{\"dashboard\":true,\"debug\":true},\"ping\":{\"entryPoint\":\"traefik\",\"terminatingStatusCode\":503},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/access.log\",\"format\":\"common\"},\"accessLog\":{\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}},\"certificatesResolvers\":{\"le\":{\"acme\":{\"email\":\"email@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/cert/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"}}}}}"
time="2020-11-03T00:32:05Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2020-11-03T00:32:05Z" level=info msg="Starting provider aggregator.ProviderAggregator {}"
time="2020-11-03T00:32:05Z" level=debug msg="Start TCP Server" entryPointName=traefik
time="2020-11-03T00:32:05Z" level=debug msg="Start TCP Server" entryPointName=websecure
time="2020-11-03T00:32:05Z" level=debug msg="Start TCP Server" entryPointName=web
time="2020-11-03T00:32:05Z" level=info msg="Starting provider *traefik.Provider {}"
time="2020-11-03T00:32:05Z" level=info msg="Starting provider *acme.Provider {\"email\":\"email\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/cert/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"},\"ResolverName\":\"le\",\"store\":{},\"ChallengeStore\":{}}"
time="2020-11-03T00:32:05Z" level=info msg="Testing certificate renew..." providerName=le.acme
time="2020-11-03T00:32:05Z" level=debug msg="Configuration received from provider internal: {\"http\":{\"routers\":{\"ping\":{\"entryPoints\":[\"traefik\"],\"service\":\"ping@internal\",\"rule\":\"PathPrefix(`/ping`)\",\"priority\":2147483647},\"web-to-websecure\":{\"entryPoints\":[\"web\"],\"middlewares\":[\"redirect-web-to-websecure\"],\"service\":\"noop@internal\",\"rule\":\"HostRegexp(`{host:.+}`)\",\"priority\":2147483647}},\"services\":{\"api\":{},\"dashboard\":{},\"noop\":{},\"ping\":{}},\"middlewares\":{\"redirect-web-to-websecure\":{\"redirectScheme\":{\"scheme\":\"https\",\"port\":\"443\",\"permanent\":true}}},\"models\":{\"websecure\":{\"tls\":{\"certResolver\":\"le\"}}}},\"tcp\":{},\"tls\":{}}" providerName=internal
time="2020-11-03T00:32:05Z" level=debug msg="Configuration received from provider le.acme: {\"http\":{},\"tls\":{}}" providerName=le.acme
time="2020-11-03T00:32:05Z" level=debug msg="Added outgoing tracing middleware ping@internal" middlewareType=TracingForwarder middlewareName=tracing entryPointName=traefik routerName=ping@internal
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-11-03T00:32:05Z" level=debug msg="Added outgoing tracing middleware noop@internal" entryPointName=web routerName=web-to-websecure@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" entryPointName=web routerName=web-to-websecure@internal middlewareName=redirect-web-to-websecure@internal middlewareType=RedirectScheme
time="2020-11-03T00:32:05Z" level=debug msg="Setting up redirection to https 443" entryPointName=web routerName=web-to-websecure@internal middlewareName=redirect-web-to-websecure@internal middlewareType=RedirectScheme
time="2020-11-03T00:32:05Z" level=debug msg="Adding tracing to middleware" entryPointName=web routerName=web-to-websecure@internal middlewareName=redirect-web-to-websecure@internal
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-11-03T00:32:05Z" level=debug msg="No default certificate, generating one"
time="2020-11-03T00:32:05Z" level=debug msg="Adding certificate for domain(s) domain.com"
time="2020-11-03T00:32:05Z" level=debug msg="No default certificate, generating one"
time="2020-11-03T00:32:05Z" level=debug msg="Added outgoing tracing middleware noop@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=web routerName=web-to-websecure@internal
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" middlewareType=RedirectScheme entryPointName=web routerName=web-to-websecure@internal middlewareName=redirect-web-to-websecure@internal
time="2020-11-03T00:32:05Z" level=debug msg="Setting up redirection to https 443" routerName=web-to-websecure@internal middlewareName=redirect-web-to-websecure@internal middlewareType=RedirectScheme entryPointName=web
time="2020-11-03T00:32:05Z" level=debug msg="Adding tracing to middleware" middlewareName=redirect-web-to-websecure@internal routerName=web-to-websecure@internal entryPointName=web
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-11-03T00:32:05Z" level=debug msg="Added outgoing tracing middleware ping@internal" entryPointName=traefik routerName=ping@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-11-03T00:32:05Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareType=Recovery middlewareName=traefik-internal-recovery
time="2020-11-03T00:34:39Z" level=info msg="Traefik version 2.3.2 built on 2020-10-19T18:36:22Z"
time="2020-11-03T00:34:39Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"redirections\":{\"entryPoint\":{\"to\":\"websecure\",\"scheme\":\"https\",\"permanent\":true,\"priority\":2147483647}}}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"tls\":{\"certResolver\":\"le\"}}}},\"providers\":{\"providersThrottleDuration\":2000000000},\"api\":{\"dashboard\":true,\"debug\":true},\"ping\":{\"entryPoint\":\"traefik\",\"terminatingStatusCode\":503},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/access.log\",\"format\":\"common\"},\"accessLog\":{\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}},\"certificatesResolvers\":{\"le\":{\"acme\":{\"email\":\"email@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/cert/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"}}}}}"
time="2020-11-03T00:34:39Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2020-11-03T00:34:46Z" level=info msg="Traefik version 2.3.2 built on 2020-10-19T18:36:22Z"
time="2020-11-03T00:34:46Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"redirections\":{\"entryPoint\":{\"to\":\"websecure\",\"scheme\":\"https\",\"permanent\":true,\"priority\":2147483647}}}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"tls\":{\"certResolver\":\"le\"}}}},\"providers\":{\"providersThrottleDuration\":2000000000},\"api\":{\"dashboard\":true,\"debug\":true},\"ping\":{\"entryPoint\":\"traefik\",\"terminatingStatusCode\":503},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/access.log\",\"format\":\"common\"},\"accessLog\":{\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}},\"certificatesResolvers\":{\"le\":{\"acme\":{\"email\":\"email@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/cert/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"}}}}}"
time="2020-11-03T00:34:46Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2020-11-03T00:35:25Z" level=info msg="Traefik version 2.3.2 built on 2020-10-19T18:36:22Z"
time="2020-11-03T00:35:25Z" level=debug msg="Static configuration loaded {\"global\":{\"checkNewVersion\":true},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"redirections\":{\"entryPoint\":{\"to\":\"websecure\",\"scheme\":\"https\",\"permanent\":true,\"priority\":2147483647}}}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{},\"http\":{\"tls\":{\"certResolver\":\"le\"}}}},\"providers\":{\"providersThrottleDuration\":2000000000},\"api\":{\"dashboard\":true,\"debug\":true},\"ping\":{\"entryPoint\":\"traefik\",\"terminatingStatusCode\":503},\"log\":{\"level\":\"DEBUG\",\"filePath\":\"/var/log/access.log\",\"format\":\"common\"},\"accessLog\":{\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}},\"certificatesResolvers\":{\"le\":{\"acme\":{\"email\":\"email@gmail.com\",\"caServer\":\"https://acme-v02.api.letsencrypt.org/directory\",\"storage\":\"/cert/acme.json\",\"keyType\":\"RSA4096\",\"httpChallenge\":{\"entryPoint\":\"web\"}}}}}"
time="2020-11-03T00:35:25Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"

在容器中,只有这些变量可用,仪表板的变量丢失了。

export -p
export HOME='/root'
export KUBERNETES_PORT='tcp://10.96.0.1:443'
export KUBERNETES_PORT_443_TCP='tcp://10.96.0.1:443'
export KUBERNETES_PORT_443_TCP_ADDR='10.96.0.1'
export KUBERNETES_PORT_443_TCP_PORT='443'
export KUBERNETES_PORT_443_TCP_PROTO='tcp'
export KUBERNETES_SERVICE_HOST='10.96.0.1'
export KUBERNETES_SERVICE_PORT='443'
export KUBERNETES_SERVICE_PORT_HTTPS='443'
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
export PWD='/'
export SHLVL='1'
export TERM='xterm'

从日志中,我看到仪表板已设置为true,但是未创建api @ internal服务。我想念什么?

在2.3版中,我可以为* toml文件创建ConfigMap而不使用容器参数吗?当我使用容器参数时,一切工作正常。

感谢您的时间,

此致

0 个答案:

没有答案
相关问题
最新问题