
我正在通过 Kubernetes 在 AWS 上运行 Traefik。HTTP 一切正常,但 HTTPS 以及 http=>https 重定向始终配置不成功。

我有以下 .toml 文件

# Traefik 1.x static configuration, as posted in the question.
# Both "http" and "https" are listed as default entryPoints, but only "http"
# is defined below; no [entryPoints.https] section (address, TLS settings)
# appears in this snippet.
defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    # Requests received on :80 are answered with a redirect to the "https"
    # entryPoint. NOTE(review): the rule has no condition on how the client
    # reached the load balancer, so traffic that was already TLS at the edge
    # and is forwarded here as plain HTTP is presumably redirected too.
    [entryPoints.http.redirect]
      entryPoint = "https"

使用下面的 Kubernetes 部署 + 服务配置。

Kubernetes 配置文件:

# Traefik ingress controller Deployment. The text includes server-populated
# fields (uid, resourceVersion, selfLink, status), i.e. it is a dump of the
# live object rather than a hand-written manifest.
# NOTE(review): Deployments are no longer served from extensions/v1beta1 since
# Kubernetes 1.16; apps/v1 is the current API group.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "3"
    # Snapshot of the manifest last sent with `kubectl apply`. It contains no
    # --configFile argument, no port 443 and no volume, so the running spec
    # below has drifted from it (changes were made some other way).
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"extensions/v1beta1","kind":"Deployment","metadata":{"annotations":{},"labels":{"k8s-app":"traefik-ingress-lb"},"name":"traefik-ingress-controller","namespace":"kube-system"},"spec":{"replicas":1,"selector":{"matchLabels":{"k8s-app":"traefik-ingress-lb"}},"template":{"metadata":{"labels":{"k8s-app":"traefik-ingress-lb","name":"traefik-ingress-lb"}},"spec":{"containers":[{"args":["--api","--kubernetes","--logLevel=INFO"],"image":"traefik","name":"traefik-ingress-lb","ports":[{"containerPort":80,"name":"http"},{"containerPort":8080,"name":"admin"}]}],"serviceAccountName":"traefik-ingress-controller","terminationGracePeriodSeconds":60}}}}
  creationTimestamp: 2018-07-18T19:39:53Z
  generation: 3
  labels:
    k8s-app: traefik-ingress-lb
  name: traefik-ingress-controller
  # NOTE(review): the controller shares kube-system with cluster components;
  # a dedicated namespace makes RBAC and network policy easier to scope.
  namespace: kube-system
  resourceVersion: "624437"
  selfLink: /apis/extensions/v1beta1/namespaces/kube-system/deployments/traefik-ingress-controller
  uid: 58026a2c-8ac2-11e8-bb82-02f2884c3a1c
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: traefik-ingress-lb
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        k8s-app: traefik-ingress-lb
        name: traefik-ingress-lb
    spec:
      containers:
      - args:
        # Reads the TOML from the ConfigMap volume mounted at /conf below.
        - --configFile=/conf/traefik.toml
        # NOTE(review): --api enables Traefik's API/dashboard. No
        # authentication for it is visible in these args or in the posted
        # TOML, and the Service on this page also lists port 8080 - confirm
        # the admin port is not reachable from untrusted networks.
        - --api
        - --kubernetes
        - --logLevel=INFO
        # NOTE(review): no tag or digest. Together with imagePullPolicy: Always
        # every pod start pulls whatever `latest` is at that moment; pin a
        # version (ideally by digest) so upgrades are deliberate and auditable.
        image: traefik
        imagePullPolicy: Always
        name: traefik-ingress-lb
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 8080
          name: admin
          protocol: TCP
        # Port 443 is declared, but the posted TOML defines no https
        # entryPoint, so presumably nothing listens on it - confirm.
        - containerPort: 443
          protocol: TCP
        # No CPU/memory requests or limits are set.
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /conf
          name: config
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      # NOTE(review): neither a pod-level nor a container-level securityContext
      # is set, so the container runs with the image's default user and
      # capabilities.
      securityContext: {}
      # serviceAccount is the deprecated alias of serviceAccountName. The RBAC
      # rules bound to this account are not shown on the page.
      serviceAccount: traefik-ingress-controller
      serviceAccountName: traefik-ingress-controller
      terminationGracePeriodSeconds: 60
      volumes:
      - configMap:
          # 420 decimal is octal 0644.
          defaultMode: 420
          name: traefik-conf
        name: config
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: 2018-07-18T19:39:54Z
    lastUpdateTime: 2018-07-18T19:39:54Z
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  observedGeneration: 3
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1
  
 ---
 # Service that publishes the Traefik pods through an AWS load balancer
 # (type: LoadBalancer). Dump of the live object, including server-set fields.
 apiVersion: v1
kind: Service
metadata:
  annotations:
    # Snapshot of the manifest last sent with `kubectl apply`: type NodePort,
    # ports 80 and 8080 only, none of the AWS annotations. The live object
    # below differs from it.
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"traefik-ingress-service","namespace":"kube-system"},"spec":{"ports":[{"name":"web","port":80,"protocol":"TCP"},{"name":"admin","port":8080,"protocol":"TCP"}],"selector":{"k8s-app":"traefik-ingress-lb"},"type":"NodePort"}}
    # The load balancer speaks plain HTTP to the pods: TLS ends at the load
    # balancer and traffic behind it is unencrypted.
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
    # NOTE(review): the ARN embeds the AWS account ID; consider replacing it
    # with a placeholder when sharing manifests publicly.
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:eu-west-1:735079771029:certificate/sfsg
    # Only the 443 listener uses the certificate above; the 80 and 8080
    # listeners stay plaintext.
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
  creationTimestamp: 2018-07-18T19:39:54Z
  name: traefik-ingress-service
  namespace: kube-system
  resourceVersion: "619785"
  selfLink: /api/v1/namespaces/kube-system/services/traefik-ingress-service
  uid: 585294fb-8ac2-11e8-bb82-02f2884c3a1c
spec:
  clusterIP: 100.69.33.166
  externalTrafficPolicy: Cluster
  ports:
  - name: web
    nodePort: 32734
    port: 80
    protocol: TCP
    targetPort: 80
  # NOTE(review): this publishes Traefik's admin port (the pods run with --api)
  # on the load balancer, over plaintext. No internal-load-balancer annotation
  # and no loadBalancerSourceRanges are present, so it is presumably
  # internet-facing - confirm, and restrict or drop this port.
  - name: admin
    nodePort: 32566
    port: 8080
    protocol: TCP
    targetPort: 8080
  # Requests arriving on 443 are decrypted at the load balancer and delivered
  # to container port 80, the same entryPoint that redirects to https in the
  # posted TOML, so they are redirected again.
  - name: https
    nodePort: 32287
    port: 443
    protocol: TCP
    targetPort: 80
  selector:
    k8s-app: traefik-ingress-lb
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - hostname: blablabla.eu-west-1.elb.amazonaws.com
 

我的 http 工作正常,但 https 无法访问,请求会超时,这很奇怪。我甚至在 ELB 的 443 端口上添加了一个侦听器,但仍然不行。大家有什么想法?


1 回答 1


由于您使用了入口点重定向,Traefik 会把请求重定向到指定的入口点(在您的配置中是 https)。而您的 ELB 在 https 上监听,并把请求转发到 Traefik 的 http 入口点,Traefik 又将其重定向到 https,如此反复,形成重定向循环。

在终止 TLS 的那一层之外的其他层做到 TLS 的重定向,通常不是好主意。如果由 ELB 终止 TLS 连接,就应该在 ELB 上按需配置重定向。

此外,由于 ELB 之后的所有流量都是 http,您可以从 Traefik 中删除 https 入口点,因为已经不再需要它们。

于 2018-07-20T15:30:37.510 回答