用于TCP的Traefik 2.0 IP白名单-Kubernetes CRD
我们正在使用Kubernetes和Traefik 2.0。 我们使用Kubernetes CRD(IngressRoute)作为Traefik的提供者 从Traefik文档来看,它看起来不像是可以用于TCP路由器的中间件 我们希望使用TCP路由器,但到目前为止,它只使用Http路由器 以下是我们的ipWhitelist定义:用于TCP的Traefik 2.0 IP白名单-Kubernetes CRD,kubernetes,traefik,kubernetes-ingress,traefik-ingress,Kubernetes,Traefik,Kubernetes Ingress,Traefik Ingress,我们正在使用Kubernetes和Traefik 2.0。 我们使用Kubernetes CRD(IngressRoute)作为Traefik的提供者 从Traefik文档来看,它看起来不像是可以用于TCP路由器的中间件 我们希望使用TCP路由器,但到目前为止,它只使用Http路由器 以下是我们的ipWhitelist定义: apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: name: testIPwhit
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testIPwhitelist
spec:
ipWhiteList:
sourceRange:
- 127.0.0.1/32
- 192.168.1.7
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
type: LoadBalancer
externalTrafficPolicy: Local
ports:
- protocol: TCP
name: web
port: 8000
- protocol: TCP
name: admin
port: 8080
- protocol: TCP
name: websecure
port: 4443
- protocol: TCP
name: mongodb
port: 27017
selector:
app: traefik
以下是Traefik服务定义:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: testIPwhitelist
spec:
ipWhiteList:
sourceRange:
- 127.0.0.1/32
- 192.168.1.7
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
type: LoadBalancer
externalTrafficPolicy: Local
ports:
- protocol: TCP
name: web
port: 8000
- protocol: TCP
name: admin
port: 8080
- protocol: TCP
name: websecure
port: 4443
- protocol: TCP
name: mongodb
port: 27017
selector:
app: traefik
入口路线定义:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: simpleingressroute
namespace: default
spec:
entryPoints:
- web
routes:
- match: PathPrefix(`/who`)
kind: Rule
services:
- name: whoami
port: 80
middlewares:
- name: testIPwhitelist
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: ingressroute.mongo
spec:
entryPoints:
- mongodb
routes:
# Match is the rule corresponding to an underlying router.
- match: HostSNI(`*`)
services:
- name: mongodb
port: 27017
middlewares:
- name: testIPwhitelist
有没有办法用traefik TCP路由器限制IP
要获得更多关于Kubernetes CRD的traefik资源,您可以去您是对的,中间件不能用于TCP路由器。通过中间件的IPWhitelist概念仅适用于HTTP路由器。 您可以关注为TCP路由器请求中间件的问题。我切换到。看起来Traefik的文档和支持很差