traefik 2.2.1在kubernetes中添加白名单时的响应代码403
我正在使用traefik 2.2.1公开我的kubernetes v1.16服务。这是我的traefik 2.2.1入口路由配置:traefik 2.2.1在kubernetes中添加白名单时的响应代码403,kubernetes,Kubernetes,我正在使用traefik 2.2.1公开我的kubernetes v1.16服务。这是我的traefik 2.2.1入口路由配置: apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: annotations: helm.sh/hook: post-install,post-upgrade labels: app.kubernetes.io/instance: traefik a
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
annotations:
helm.sh/hook: post-install,post-upgrade
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: traefik
helm.sh/chart: traefik-8.2.1
name: traefik-dashboard
namespace: kube-system
spec:
entryPoints:
- traefik
routes:
- kind: Rule
match: Host(`traefik.balabala.net`) || PathPrefix(`/dashboard`) || PathPrefix(`/api`)
middlewares:
- name: traefik-white-list
namespace: kube-system
services:
- kind: TraefikService
name: api@internal
我在入口路由中添加了白名单中间件,这是白名单配置:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: traefik-white-list
namespace: kube-system
spec:
ipWhiteList:
sourceRange:
- 0.0.0.0/0
ipStrategy:
excludedIPs:
- 172.27.0.1
但是当我访问url时:https://traefik.balabala.net/dashboard/#/
,显示403禁止。这是traefikaccess.log
输出:
/data/logs $ tail -f access.log |grep "403"|grep "dashboard"
100.120.96.235 - - [11/Sep/2020:04:45:01 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990290 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.236 - - [11/Sep/2020:04:45:02 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990314 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.235 - - [11/Sep/2020:04:45:03 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990343 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.229 - - [11/Sep/2020:04:45:04 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990362 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.229 - - [11/Sep/2020:04:45:05 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990382 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.233 - - [11/Sep/2020:04:45:05 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990406 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.235 - - [11/Sep/2020:04:45:07 +0000] "GET /favicon.ico HTTP/1.1" 403 9 "-" "-" 24990462 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
我允许所有ip都在白名单中,为什么这个仪表板仍然显示403?我该怎么做才能解决这个问题