Posted on Wednesday January 23, 2019
Kubernetes is the great way to manage docker service in the orchestration way, the service which are created need to be exposed to external clients, which can be done in many ways, This tutorial explains how to use Traefik as an Ingress controller for a Kubernetes cluster
In kubernetes these are the defined way to make service accessible externally we better known as
ClusterIPservices, to which the external load balancer will route, are automatically created.
This tutorial is dedicated to use Ingress Resource using the Traefik Kubernetes Ingress Controller
Traefik is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components and configures itself automatically and dynamically. Pointing Traefik at your orchestrator should be the only configuration step you need.
Traefik Ingresses operate at the application layer of the network stack (HTTP) and can provide features such as cookie-based session affinity and the like, which services can't.
We are going here to setup three sample nginx cheese web application, the docker images are located here .
The Name-Based Routing performs routing by name and support routing HTTP traffic to multiple host names at the same IP address but different domain names , lets start by launching the pods for the cheese websites.
Deployment of Cheese Web Application
[email protected]:# kubectl apply -f https://raw.githubusercontent.com/containous/traefik/master/examples/k8s/cheese-deployments.yaml deployment.extensions/stilton created deployment.extensions/cheddar created deployment.extensions/wensleydale created
To provide some explanations about the file content:
selector: matchLabels: app:cheese)
Make sure all the deployment pods are up and running
[email protected]:/home/ansible# kubectl get pods NAME READY STATUS RESTARTS AGE cheddar-6c895c7cc7-2qztp 1/1 Running 0 7m cheddar-6c895c7cc7-mzq9v 1/1 Running 0 7m stilton-7989d7c86f-62wrt 1/1 Running 0 7m stilton-7989d7c86f-fjttz 1/1 Running 0 7m wensleydale-58784fc6f7-f8szd 1/1 Running 0 7m wensleydale-58784fc6f7-prb8z 1/1 Running 0 7m
Service Cheese Web Application
Next we need to setup a Service for each of the cheese pods.
[email protected]:# kubectl apply -f https://raw.githubusercontent.com/containous/traefik/master/examples/k8s/cheese-services.yaml service/stilton created service/cheddar created service/wensleydale created
[email protected]:/home/ansible# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE cheddar ClusterIP 10.108.200.238 <none> 80/TCP 30s kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h stilton ClusterIP 10.102.20.8 <none> 80/TCP 30s wensleydale ClusterIP 10.109.58.21 <none> 80/TCP 30s
At this point, we have deployment and Service ready in the K8 cluster, and we're about to define the ingress rules so that the world can eat the required service.
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: cheese annotations: kubernetes.io/ingress.class: traefik spec: rules: - host: stilton.minikube http: paths: - path: / backend: serviceName: stilton servicePort: http - host: cheddar.minikube http: paths: - path: / backend: serviceName: cheddar servicePort: http - host: wensleydale.minikube http: paths: - path: / backend: serviceName: wensleydale servicePort: http
To provide some explanations about the file content:
[email protected]:/home/ansible# kubectl apply -f https://raw.githubusercontent.com/containous/traefik/master/examples/k8s/cheese-ingress.yaml ingress.extensions/cheese created
Verify the Ingress, all the hosts can be accessed with the ingress port 80
[email protected]:/home/ansible# kubectl get ingress NAME HOSTS ADDRESS PORTS AGE cheese stilton.minikube,cheddar.minikube,wensleydale.minikube 80 31s
Now visit the Traefik dashboard and you should see a frontend for each host. Along with a backend listing for each service with a server set up for each pod.
Open the webbrowser and start eating your faviourite cheese
Path based routing differ from Name based routing in a sense, we don't have multiple domains names, all the URI is distinguished and routed from the PATH prefix under a single domain, for example the above cheese application can be access through the single URI.
Let's create the PATH base routing for the cheese application
[email protected]:/home/ansible# kubectl apply -f https://raw.githubusercontent.com/containous/traefik/master/examples/k8s/cheeses-ingress.yaml ingress.extensions/cheeses created
View the Ingress, as you can notices the newly created ingress cheeses can be accessed through the hostname cheeses.minikube
[email protected]:/home/ansible# kubectl get ingress NAME HOSTS ADDRESS PORTS AGE cheese stilton.minikube,cheddar.minikube,wensleydale.minikube 80 13m cheeses cheeses.minikube 80 1m
You should now be able to visit the websites in your browser.
helm install stable/traefik --name traefik --set dashboard.enabled=true,dashboard.domain=dashboard.traefik,rbac.enabled=true,dashboard.auth.basic.traefik='$apr1$vUmd7ddA$CoklUZpHBbRzvnZUz6eFY.',ssl.enabled=true,ssl.enforced=true --namespace kube-system
Thanks Happy traefiking, do poke me for any problems
Thanku for reading !!! Give a Share for Support
Asking for donation sound bad to me, so i'm raising fund from The Modern Cryptography CookBook for Just $9. Leanpub books Discount coupon first 100 reader. No hurry read the sample chapters here then decide.
Alternatively to support you can buy My all four Cryptography book Just $10.99