Traefik 2.X.0 has been released for some time, and many new features of the version have been updated, especially the highlight of the coexistence of TCP forwarding and http forwarding, which can solve many business problems, save many core network ports and experience bare metal deployment.
Traefik, like an edge router, acts as an entry point for the entire platform to process and route each incoming request according to logic and rules.These rules determine which services handle which requests; traditional reverse proxies require a configuration file that contains all possible routes to your service, while Traefik detects the service in real time and updates the routing rules automatically, allowing automatic service discovery. Entrypoint This is the entry to traffic, which defines the port (HTTP or TCP) on which requests are received. Providers are used to automatically discover services on the platform, such as orchestration tools, container engines, or key-value storage, such as Docker, Kubernetes, File Routers Analysis Request (host, path, headers, SSL,...)Is responsible for connecting incoming requests to services that can handle them. Services forward requests to your application (load balancing,...)Is responsible for configuring how to obtain the actual service that will eventually process incoming requests. Middlewares middleware, which is used to modify requests or make judgments based on requests (authentication, rate limiting, headers,...), is attached to a route and is a way to adjust requests before they are sent to your service (or before the service's response is sent to the client).
Add the following main functions:
[acme,middleware,tls] entry point redirection and default router configuration [consul,etcd,kv,redis,zk] Add KV Store Provider (dynamic configuration only) [consulcatalog,docker,marathon,rancher,udp]Add UDP to providers with labels [docker] Repair traefik behavior when network_mode l is host [Docker] Supports SSH connections to Dockers [health check] Do not redirect health check URLs [k8s,k8s/crd,udp] Add UDP support to the kubernetesCRD provider The theme to add darkness to [WebUI] is Web UI Bug fixes a lot: Check the update instructions for more details: https://github.com/containous/traefik/releases
Introduction to the environment:
Default Occupied Port: http 80 https 443 traefik management page 8080 Configuration directory: /etc/traefik Service log path: /var/log/traefik Access log: /data/traefiklog
wget --quiet -O /tmp/traefik.tar.gz "https://github.com/containous/traefik/releases/download/v2.2.0/traefik_v2.2.0_linux_amd64.tar.gz" tar xzvf /tmp/traefik.tar.gz -C /usr/local/bin traefik rm -f /tmp/traefik.tar.gz; chmod +x /usr/local/bin/traefik mkdir -p /etc/traefik mkdir -p /var/log/traefik mkdir -p /data/traefiklog
traefik version Version: 2.2.0 Codename: chevrotin Go version: go1.14.1 Built: 2020-03-25T17:32:57Z OS/Arch: linux/amd64
Add traefik startup file:
cd /etc/systemd/system/ Traefik The startup file is as follows: vi traefik.service [Unit] Description=Traefik Documentation=https://docs.traefik.io #After=network-online.target #AssertFileIsExecutable=/usr/local/bin/traefik #AssertPathExists=/etc/traefik/traefik.toml [Service] # Run traefik as its own user (create new user with: useradd -r -s /bin/false -U -M traefik) #User=traefik #AmbientCapabilities=CAP_NET_BIND_SERVICE # configure service behavior Type=notify ExecStart=/usr/local/bin/traefik --configFile=/etc/traefik/traefik.toml Restart=always WatchdogSec=1s # lock down system access # prohibit any operating system and configuration modification #ProtectSystem=strict # create separate, new (and empty) /tmp and /var/tmp filesystems #PrivateTmp=true # make /home directories inaccessible #ProtectHome=true # turns off access to physical devices (/dev/...) #PrivateDevices=true # make kernel settings (procfs and sysfs) read-only #ProtectKernelTunables=true # make cgroups /sys/fs/cgroup read-only #ProtectControlGroups=true # allow writing of acme.json #ReadWritePaths=/etc/traefik/acme.json # depending on log and entrypoint configuration, you may need to allow writing to other paths, too # limit number of processes in this unit #LimitNPROC=1 [Install] WantedBy=multi-user.target
sudo chown root:root /etc/systemd/system/traefik.service sudo chmod 644 /etc/systemd/system/traefik.service
Please go to the original site to read:
Address is node IP address: 8080