Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/kubernetes/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
traefik 2.2.1在kubernetes中添加白名单时的响应代码403_Kubernetes - Fatal编程技术网
Fatal编程技术网
  • kubernetes/
  • traefik 2.2.1在kubernetes中添加白名单时的响应代码403

traefik 2.2.1在kubernetes中添加白名单时的响应代码403

kubernetes

traefik 2.2.1在kubernetes中添加白名单时的响应代码403,kubernetes,Kubernetes,我正在使用traefik 2.2.1公开我的kubernetes v1.16服务。这是我的traefik 2.2.1入口路由配置: apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: annotations: helm.sh/hook: post-install,post-upgrade labels: app.kubernetes.io/instance: traefik a

我正在使用traefik 2.2.1公开我的kubernetes v1.16服务。这是我的traefik 2.2.1入口路由配置:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  annotations:
    helm.sh/hook: post-install,post-upgrade
  labels:
    app.kubernetes.io/instance: traefik
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: traefik
    helm.sh/chart: traefik-8.2.1
  name: traefik-dashboard
  namespace: kube-system
spec:
  entryPoints:
  - traefik
  routes:
  - kind: Rule
    match: Host(`traefik.balabala.net`) || PathPrefix(`/dashboard`) || PathPrefix(`/api`)
    middlewares:
    - name: traefik-white-list
      namespace: kube-system
    services:
    - kind: TraefikService
      name: api@internal
我在入口路由中添加了白名单中间件,这是白名单配置:

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: traefik-white-list
  namespace: kube-system
spec:
  ipWhiteList:
    sourceRange:
      - 0.0.0.0/0

    ipStrategy:
      excludedIPs:
        - 172.27.0.1
但是当我访问url时:
https://traefik.balabala.net/dashboard/#/
,显示403禁止。这是traefik
access.log
输出:

/data/logs $ tail -f access.log |grep "403"|grep "dashboard"
100.120.96.235 - - [11/Sep/2020:04:45:01 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990290 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.236 - - [11/Sep/2020:04:45:02 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990314 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.235 - - [11/Sep/2020:04:45:03 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990343 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.229 - - [11/Sep/2020:04:45:04 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990362 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.229 - - [11/Sep/2020:04:45:05 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990382 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.233 - - [11/Sep/2020:04:45:05 +0000] "GET /dashboard/ HTTP/1.1" 403 9 "-" "-" 24990406 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
100.120.96.235 - - [11/Sep/2020:04:45:07 +0000] "GET /favicon.ico HTTP/1.1" 403 9 "-" "-" 24990462 "kube-system-traefik-dashboard-18eee658e989daa69274@kubernetescrd" "-" 0ms
我允许所有ip都在白名单中,为什么这个仪表板仍然显示403?我该怎么做才能解决这个问题