我们已经 traefik 一年多了,它一直很棒。我们目前在 1.6.6 上,一切正常,一旦我们尝试升级到 1.7,我们所有的端点都会得到 502。知道为什么会发生这种情况吗?
我们正在尝试升级,因为 NS1 是作为 DNS 提供程序引入的,而且 HTTP 挑战似乎不再起作用。
这是我们当前的设置:
apiVersion: v1
data:
traefik.toml: |
# traefik.toml
defaultEntryPoints = ["http", "https"]
[web]
address = ":8080"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.redirect]
[entryPoints.https.tls]
[kubernetes]
[acme]
email = "devops@something.com"
storage = "/acme/acme.json"
entryPoint = "https"
acmeLogging = true
caServer = "https://acme-v02.api.letsencrypt.org/directory"
[[acme.domains]]
main = "something.com"
[[acme.domains]]
main = "something.com"
[acme.httpChallenge]
entryPoint = "http"
[retry]
attempts = 5
[accessLog]
[traefikLog]
filePath = "/acme/traefik.log"
kind: ConfigMap
metadata:
labels:
app: traefik
name: traefik
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
labels:
app: traefik
name: traefik
namespace: kube-system
spec:
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
hostNetwork: true
dnsPolicy: ClusterFirst
nodeSelector:
role: edge-routers
containers:
- args:
- --configfile=/config/traefik.toml
- --kubernetes
- --api
- -d
image: traefik:1.6.6
imagePullPolicy: Always
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 20
name: traefik
ports:
- containerPort: 80
protocol: TCP
- containerPort: 443
protocol: TCP
- containerPort: 8080
protocol: TCP
securityContext:
privileged: true
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 20
volumeMounts:
- mountPath: /config
name: config
- mountPath: /acme
name: acme
volumes:
- configMap:
name: traefik
name: config
- hostPath:
path: /etc/traefik
name: acme
似乎我们得到了:
time="2019-02-08T00:40:58Z" level=debug msg="'502 Bad Gateway' 导致:EOF"