k8s中安装traefix并配置dashboard访问权限
k8s中安装traefix
·
参考链接
本文使用helm安装,并添加访问控制,使用用户名/密码登录
安装helm
helm repo add traefik https://helm.traefik.io/traefik
helm repo update
kubectl create ns traefik-v2
helm install --namespace=traefik-v2 \ traefik traefik/traefik
创建访问控制
转发暴露端口
nohup kubectl port-forward -n traefik-v2 $(kubectl get pods --selector "app.kubernetes.io/name=traefik" -n traefik-v2 --output=name) 9000:9000 &
创建用户名密码验证
创建文件:base_secret.yaml,内容如下,(用户访问dashboard的用户名密码)
apiVersion: v1
kind: Secret
metadata:
name: secret-basic-auth
namespace: traefik-v2
type: kubernetes.io/basic-auth
stringData:
username: admin # required field for kubernetes.io/basic-auth
password: admin123 # required field for kubernetes.io/basic-auth
创建文件:midauth.yaml ,内容如下(创建使用用户名,密码的middleware)
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-auth
namespace: traefik-v2
spec:
basicAuth:
secret: secret-basic-auth # 使用上面创建的secret名称
创建文件:dashboard.yaml,内容如下(创建dashboard访问)
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
namespace: traefik-v2
spec:
routes:
- match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
kind: Rule
services:
- name: api@internal
kind: TraefikService
middlewares:
- name: test-auth # 使用上面创建的middleware名称
一次使用kubectl apply -f *.yaml
执行上述文件即可(我这里域名同样做了内网穿透,内网穿透参考链接),你自己访问直接访问http://ip(自己的ip):9000/dashboard/#/即可
更多推荐
已为社区贡献9条内容
所有评论(0)