0

Middlewares are not being detected and therefore paths are not being stripped resulting in 404s in the backend api.

Middleware exists in k8s apps namespace

$ kubectl get -n apps middlewares
NAME                                                AGE
traefik-middlewares-backend-users-service           1d

configuration for middleware and ingress route

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: apps-services
  namespace: apps
spec:
  entryPoints:
    - web
  routes:
    - kind: Rule
      match: Host(`example.com`) && PathPrefix(`/users/`)
      middlewares:
        - name: traefik-middlewares-backend-users-service
      priority: 0
      services:
        - name: backend-users-service
          port: 8080
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: traefik-middlewares-backend-users-service
  namespace: apps
spec:
  stripPrefix:
    prefixes:
      - /users

Static configuration

global:
  checkNewVersion: true
  sendAnonymousUsage: true
entryPoints:
  http:
    address: :80
  traefik:
    address: :8080
providers:
  providersThrottleDuration: 2s
  kubernetesIngress: {}
api:
  # TODO: make this secure later
  insecure: true
ping:
  entryPoint: http
log: {}

Traefik dasboard has no middlewares

traefik v2 dashboard

Spring Boot 404 page. Route is on example.com/actuator/health

The /users is not being stripped. This worked for me in traefik v1 perfectly fine.

Note: actual domain has been replaced with example.com and domain.com in the examples.

spring boot 404 page

4

1 回答 1

1

为了让这个工作,我必须:

  1. 使用 traefik v2 的自定义 k8s CRD 所在的命名空间添加 Kubernetes CRD 提供程序
  2. 添加 TLSOption 资源定义
  3. 更新 traefik 的集群角色以拥有列出和观看新 v2 资源的权限
  4. 确保配置了所有具有新资源的命名空间

Traefik 静态配置文件

providers:
  providersThrottleDuration: 2s
  kubernetesCRD:
    namespaces:
      - apps
      - traefik

TLSOption CRD

---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: tlsoptions.traefik.containo.us
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: TLSOption
    plural: tlsoptions
    singular: tlsoption
  scope: Namespaced

更新了 Traefik 的静态配置

global:
  checkNewVersion: true
  sendAnonymousUsage: true
entryPoints:
  http:
    address: :80
  traefik:
    address: :8080
providers:
  providersThrottleDuration: 2s
  kubernetesCRD:
    namespaces:
      - apps
      - traefik
api:
  # TODO: make this secure later
  insecure: true
ping:
  entryPoint: http
log: {}
于 2019-11-04T20:21:08.360 回答