traefik我们已经有一年多了,它很棒。我们目前的版本为1.6.6,一切正常,一旦尝试将其升级到1.7,所有端点都将获得502。知道为什么会这样吗?
我们正在尝试升级,因为NS1是作为DNS提供程序引入的,并且HTTP挑战似乎不再起作用。
这是我们当前的设置:
apiVersion: v1
data:
traefik.toml: |
# traefik.toml
defaultEntryPoints = ["http", "https"]
[web]
address = ":8080"
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.redirect]
[entryPoints.https.tls]
[kubernetes]
[acme]
email = "[email protected]"
storage = "/acme/acme.json"
entryPoint = "https"
acmeLogging = true
caServer = "https://acme-v02.api.letsencrypt.org/directory"
[[acme.domains]]
main = "something.com"
[[acme.domains]]
main = "something.com"
[acme.httpChallenge]
entryPoint = "http"
[retry]
attempts = 5
[accessLog]
[traefikLog]
filePath = "/acme/traefik.log"
kind: ConfigMap
metadata:
labels:
app: traefik
name: traefik
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
labels:
app: traefik
name: traefik
namespace: kube-system
spec:
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
hostNetwork: true
dnsPolicy: ClusterFirst
nodeSelector:
role: edge-routers
containers:
- args:
- --configfile=/config/traefik.toml
- --kubernetes
- --api
- -d
image: traefik:1.6.6
imagePullPolicy: Always
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 20
name: traefik
ports:
- containerPort: 80
protocol: TCP
- containerPort: 443
protocol: TCP
- containerPort: 8080
protocol: TCP
securityContext:
privileged: true
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 20
volumeMounts:
- mountPath: /config
name: config
- mountPath: /acme
name: acme
volumes:
- configMap:
name: traefik
name: config
- hostPath:
path: /etc/traefik
name: acme
似乎我们正在得到:
最佳答案
似乎traefik增加了它们在字节之间的时间,并且我们的内部缓存因此而超时。通过增加超时来解决。
关于kubernetes - Traefik 1.7升级打破了kubernetes 1.7.12,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/54583237/