Kubernetes Traefik K8s安装问题
背景: 我试图建立一个裸金属K8s集群,并希望利用Traefik的众多功能进入集群。我让MetalLB在前面提供LoadBalancer IP地址,目前这对我来说不是问题 信息: K8s群集版本:1.12 舵柄和舵柄版本:v2.11.0 问题: 如果我使用helm图表安装Traefik,它会安装,但是当我检查创建的集装箱的docker日志时,我会发现以下错误:Kubernetes Traefik K8s安装问题,kubernetes,traefik,kubernetes-helm,Kubernetes,Traefik,Kubernetes Helm,背景: 我试图建立一个裸金属K8s集群,并希望利用Traefik的众多功能进入集群。我让MetalLB在前面提供LoadBalancer IP地址,目前这对我来说不是问题 信息: K8s群集版本:1.12 舵柄和舵柄版本:v2.11.0 问题: 如果我使用helm图表安装Traefik,它会安装,但是当我检查创建的集装箱的docker日志时,我会发现以下错误: E1012 15:23:50.784829 1 reflector.go:205]github.com/containous/trae
E1012 15:23:50.784829 1 reflector.go:205]github.com/containous/traefik/vendor/k8s.io/client go/informers/factory.go:86:未能列出*v1.Endpoints:未经授权
E1012 15:23:52.279720 1 reflector.go:205]github.com/containous/traefik/vendor/k8s.io/client go/informers/factory.go:86:未能列出*v1.Service:未经授权
E1012 15:23:52.784902 1 reflector.go:205]github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86:未能列出*v1beta1.Ingress:第一次安装(使用Helm)时未经授权的对于第二次安装,看起来Traefik可能被配置为从监控命名空间和集群中不存在的
prometheus服务器helm install --values values.yaml stable/traefik
NAME: khaki-goose
LAST DEPLOYED: Fri Oct 12 14:05:23 2018
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Deployment
NAME AGE
khaki-goose-traefik 0s
==> v1beta1/Ingress
khaki-goose-traefik-dashboard 0s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
khaki-goose-traefik-dccfdf765-cmfl9 0/1 Pending 0 0s
==> v1/ConfigMap
NAME AGE
khaki-goose-traefik 0s
==> v1/Service
khaki-goose-traefik-dashboard 0s
khaki-goose-traefik 0s
kubectl get svc khaki-goose-traefik --namespace default -w
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
khaki-goose-traefik LoadBalancer 10.109.30.181 172.16.15.1 80:31644/TCP,443:31004/TCP 12s
Name: khaki-goose-traefik-dashboard
Namespace: default
Address:
Default backend: default-http-backend:80 (<none>)
Rules:
Host Path Backends
---- ---- --------
traefik-ui.minikube
khaki-goose-traefik-dashboard:80 (<none>)
Annotations:
Events: <none>
kubectl describe pods
Name: khaki-goose-traefik-dccfdf765-k9pxh
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: jbv-dev-k8wrkr-02.removed.domain.name/172.16.1.47
Start Time: Fri, 12 Oct 2018 14:54:30 -0400
Labels: app=traefik
chart=traefik-1.43.0
heritage=Tiller
pod-template-hash=dccfdf765
release=khaki-goose
Annotations: checksum/config=fba7308c36f00b969971dec5caa6ca1e456737d4564d6c623d261aee9ffb82cc
Status: Running
IP: 172.25.4.44
Controlled By: ReplicaSet/khaki-goose-traefik-dccfdf765
Containers:
khaki-goose-traefik:
Container ID: docker://f88d222ccf72c244bdb100b956a8b629bcb8b89c9954de1f83552bddd6c44a43
Image: traefik:1.6.6
Image ID: docker-pullable://traefik@sha256:9569c56e8b7353c9c4e5d4f00177b0b7c523db6926a42a148e04a6fa4b6f9f8d
Ports: 80/TCP, 8880/TCP, 443/TCP, 8080/TCP
Host Ports: 0/TCP, 0/TCP, 0/TCP, 0/TCP
Args:
--configfile=/config/traefik.toml
State: Running
Started: Fri, 12 Oct 2018 14:54:41 -0400
Ready: True
Restart Count: 0
Limits:
cpu: 100m
memory: 30Mi
Requests:
cpu: 100m
memory: 20Mi
Liveness: tcp-socket :80 delay=10s timeout=2s period=10s #success=1 #failure=3
Readiness: tcp-socket :80 delay=10s timeout=2s period=10s #success=1 #failure=1
Environment: <none>
Mounts:
/config from config (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-n8865 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
config:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: khaki-goose-traefik
Optional: false
default-token-n8865:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-n8865
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 1m default-scheduler Successfully assigned default/khaki-goose-traefik-dccfdf765-k9pxh to jbv-dev-k8wrkr-02.removed.domain.name
Normal Pulled 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Container image "traefik:1.6.6" already present on machine
Normal Created 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Created container
Normal Started 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Started container
kubectl apply -f traefik-rbac.yaml
kubectl describe pods
Name: khaki-goose-traefik-dccfdf765-k9pxh
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: jbv-dev-k8wrkr-02.removed.domain.name/172.16.1.47
Start Time: Fri, 12 Oct 2018 14:54:30 -0400
Labels: app=traefik
chart=traefik-1.43.0
heritage=Tiller
pod-template-hash=dccfdf765
release=khaki-goose
Annotations: checksum/config=fba7308c36f00b969971dec5caa6ca1e456737d4564d6c623d261aee9ffb82cc
Status: Running
IP: 172.25.4.44
Controlled By: ReplicaSet/khaki-goose-traefik-dccfdf765
Containers:
khaki-goose-traefik:
Container ID: docker://f88d222ccf72c244bdb100b956a8b629bcb8b89c9954de1f83552bddd6c44a43
Image: traefik:1.6.6
Image ID: docker-pullable://traefik@sha256:9569c56e8b7353c9c4e5d4f00177b0b7c523db6926a42a148e04a6fa4b6f9f8d
Ports: 80/TCP, 8880/TCP, 443/TCP, 8080/TCP
Host Ports: 0/TCP, 0/TCP, 0/TCP, 0/TCP
Args:
--configfile=/config/traefik.toml
State: Running
Started: Fri, 12 Oct 2018 14:54:41 -0400
Ready: True
Restart Count: 0
Limits:
cpu: 100m
memory: 30Mi
Requests:
cpu: 100m
memory: 20Mi
Liveness: tcp-socket :80 delay=10s timeout=2s period=10s #success=1 #failure=3
Readiness: tcp-socket :80 delay=10s timeout=2s period=10s #success=1 #failure=1
Environment: <none>
Mounts:
/config from config (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-n8865 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
config:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: khaki-goose-traefik
Optional: false
default-token-n8865:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-n8865
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 1m default-scheduler Successfully assigned default/khaki-goose-traefik-dccfdf765-k9pxh to jbv-dev-k8wrkr-02.removed.domain.name
Normal Pulled 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Container image "traefik:1.6.6" already present on machine
Normal Created 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Created container
Normal Started 1m kubelet, jbv-dev-k8wrkr-02.removed.domain.name Started container
E1012 20:19:14.410278 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1beta1.Ingress: Unauthorized
E1012 20:19:14.411657 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1.Endpoints: Unauthorized
E1012 20:19:15.388608 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1.Service: Unauthorized
E1012 20:19:15.391057 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1beta1.Ingress: Unauthorized
E1012 20:19:15.397616 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1.Endpoints: Unauthorized
E1012 20:19:15.411714 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1.Service: Unauthorized
E1012 20:19:15.413496 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1beta1.Ingress: Unauthorized
E1012 20:19:15.414809 1 reflector.go:205] github.com/containous/traefik/vendor/k8s.io/client-go/informers/factory.go:86: Failed to list *v1.Endpoints: Unauthorized