kubernetes下traefik配置websocket
[global]checkNewVersion = falsesendAnonymousUsage = false[log]level = "DEBUG"[serversTransport]insecureSkipVerify=true[entryPoints][entryPoints.wss]address = ":8000"[api]insecure = true[providers.file
·
[global]
checkNewVersion = false
sendAnonymousUsage = false
[log]
level = "DEBUG"
[serversTransport]
insecureSkipVerify=true
[entryPoints]
[entryPoints.wss]
address = ":8000"
[api]
insecure = true
[providers.file]
filename = "{{ .SelfFilename }}"
## dynamic configuration ##
[http.routers]
[http.routers.router1]
service = "service1"
rule = "Path(`/echo`,`/ws`)"
[http.routers.router1.tls]
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
passHostHeader = true
[[http.services.service1.loadBalancer.servers]]
url = "{{ .WebsocketServer }}"
[tls.stores]
[tls.stores.default.defaultCertificate]
certFile = "resources/tls/local.cert"
keyFile = "resources/tls/local.key"
我们可以看到官网上websocket wss的配置范例https://github.com/traefik/traefik/blob/e4e2a188c5c03ba305022ab0d2797e89b4ba7701/integration/fixtures/websocket/config.toml
在范例中entryPoints和routers和平时写的都没多大区别,比较关键的一点就是services里面passHostHeader = true,无论是ws还是wss,都必须有这句发送头才能实现websocket。
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: safe1
spec:
entryPoints:
- web
routes:
- match: Host(`xxx.cn`) && PathPrefix(`/safe`)
kind: Rule
priority: 3
middlewares:
- name: headers
namespace: default
services:
- name: safe1
port: 8080
# scheme: http
#websocket则加passHostHeader为true,wss则也一样加passHostHeader为true和tls配置
passHostHeader: true
# sticky:
# cookie:
# httpOnly: true
# name: cookie
在traefik的kubernetesCRD模式下,ingress可以如此配置websocket,百度、谷歌我几乎都没找到类似这样的配置指导,搞了很久才无意中发现github里面有配置,而我和它的区别就是passHostHeader: true这句。traefik官方文档也不够靠谱,没说清楚websocket怎么配置,藏在github这么深
开源、云原生的融合云平台
更多推荐
2
0- 0
已为社区贡献3条内容
所有评论(0)