当前位置: 首页 > 工具软件 > Traefik > 使用案例 >

traefik

淳于升
2023-12-01

在k8s集群搭建双traefik除了改变端口号&&DaemonSet还要 注意 以后匹配ingress的注解绑定

  - --kubernetes.ingressclass=private

Complete documentation is available at https://traefik.io

Usage: traefik [command] [flags] [arguments]

Use "traefik [command] --help" for help on any command.

Commands:
    healthcheck    Calls Traefik /ping to check the health of Traefik (the API must be enabled).
    version        Shows the current Traefik version.

Flag's usage: traefik [--flag=flag_argument] [-f [flag_argument]]    # set flag_argument to flag(s)
          or: traefik [--flag[=true|false| ]] [-f [true|false| ]]    # set true/false to boolean flag(s)

Flags:
    --accesslog  (Default: "false")
        Access log settings.

    --accesslog.bufferingsize  (Default: "0")
        Number of access log lines to process in a buffered way.

    --accesslog.fields.defaultmode  (Default: "keep")
        Default mode for fields: keep | drop

    --accesslog.fields.headers.defaultmode  (Default: "drop")
        Default mode for fields: keep | drop | redact

    --accesslog.fields.headers.names.<name>  (Default: "")
        Override mode for headers

    --accesslog.fields.names.<name>  (Default: "")
        Override mode for fields

    --accesslog.filepath  (Default: "")
        Access log file path. Stdout is used when omitted or empty.

    --accesslog.filters.minduration  (Default: "0")
        Keep access logs when request took longer than the specified duration.

    --accesslog.filters.retryattempts  (Default: "false")
        Keep access logs when at least one retry happened.

    --accesslog.filters.statuscodes  (Default: "")
        Keep access logs with status codes in the specified range.

    --accesslog.format  (Default: "common")
        Access log format: json | common

    --api  (Default: "false")
        Enable api/dashboard.

    --api.dashboard  (Default: "true")
        Activate dashboard.

    --api.debug  (Default: "false")
        Enable additional endpoints for debugging and profiling.

    --api.insecure  (Default: "false")
        Activate API directly on the entryPoint named traefik.

    --certificatesresolvers.<name>  (Default: "false")
        Certificates resolvers configuration.

    --certificatesresolvers.<name>.acme.caserver  (Default: "https://acme-v02.api.letsencrypt.org/directory")
        CA server to use.

    --certificatesresolvers.<name>.acme.dnschallenge  (Default: "false")
        Activate DNS-01 Challenge.

    --certificatesresolvers.<name>.acme.dnschallenge.delaybeforecheck  (Default: "0")
        Assume DNS propagates after a delay in seconds rather than finding and querying
        nameservers.

    --certificatesresolvers.<name>.acme.dnschallenge.disablepropagationcheck  (Default: "false")
        Disable the DNS propagation checks before notifying ACME that the DNS challenge
        is ready. [not recommended]

    --certificatesresolvers.<name>.acme.dnschallenge.provider  (Default: "")
        Use a DNS-01 based challenge provider rather than HTTPS.

    --certificatesresolvers.<name>.acme.dnschallenge.resolvers  (Default: "")
        Use following DNS servers to resolve the FQDN authority.

    --certificatesresolvers.<name>.acme.email  (Default: "")
        Email address used for registration.

    --certificatesresolvers.<name>.acme.httpchallenge  (Default: "false")
        Activate HTTP-01 Challenge.

    --certificatesresolvers.<name>.acme.httpchallenge.entrypoint  (Default: "")
        HTTP challenge EntryPoint

    --certificatesresolvers.<name>.acme.keytype  (Default: "RSA4096")
        KeyType used for generating certificate private key. Allow value 'EC256',
        'EC384', 'RSA2048', 'RSA4096', 'RSA8192'.

    --certificatesresolvers.<name>.acme.storage  (Default: "acme.json")
        Storage to use.

    --certificatesresolvers.<name>.acme.tlschallenge  (Default: "true")
        Activate TLS-ALPN-01 Challenge.

    --configfile  (Default: "")
        Configuration file to use. If specified all other flags are ignored.

    --entrypoints.<name>  (Default: "false")
        Entry points definition.

    --entrypoints.<name>.address  (Default: "")
        Entry point address.

    --entrypoints.<name>.forwardedheaders.insecure  (Default: "false")
        Trust all forwarded headers.

    --entrypoints.<name>.forwardedheaders.trustedips  (Default: "")
        Trust only forwarded headers from selected IPs.

    --entrypoints.<name>.proxyprotocol  (Default: "false")
        Proxy-Protocol configuration.

    --entrypoints.<name>.proxyprotocol.insecure  (Default: "false")
        Trust all.

    --entrypoints.<name>.proxyprotocol.trustedips  (Default: "")
        Trust only selected IPs.

    --entrypoints.<name>.transport.lifecycle.gracetimeout  (Default: "10")
        Duration to give active requests a chance to finish before Traefik stops.

    --entrypoints.<name>.transport.lifecycle.requestacceptgracetimeout  (Default: "0")
        Duration to keep accepting requests before Traefik initiates the graceful
        shutdown procedure.

    --entrypoints.<name>.transport.respondingtimeouts.idletimeout  (Default: "180")
        IdleTimeout is the maximum amount duration an idle (keep-alive) connection will
        remain idle before closing itself. If zero, no timeout is set.

    --entrypoints.<name>.transport.respondingtimeouts.readtimeout  (Default: "0")
        ReadTimeout is the maximum duration for reading the entire request, including
        the body. If zero, no timeout is set.

    --entrypoints.<name>.transport.respondingtimeouts.writetimeout  (Default: "0")
        WriteTimeout is the maximum duration before timing out writes of the response.
        If zero, no timeout is set.

    --global.checknewversion  (Default: "true")
        Periodically check if a new version has been released.

    --global.sendanonymoususage  
        Periodically send anonymous usage statistics. If the option is not specified, it
        will be enabled by default.

    --hostresolver  (Default: "false")
        Enable CNAME Flattening.

    --hostresolver.cnameflattening  (Default: "false")
        A flag to enable/disable CNAME flattening

    --hostresolver.resolvconfig  (Default: "/etc/resolv.conf")
        resolv.conf used for DNS resolving

    --hostresolver.resolvdepth  (Default: "5")
        The maximal depth of DNS recursive resolving

    --log  (Default: "false")
        Traefik log settings.

    --log.filepath  (Default: "")
        Traefik log file path. Stdout is used when omitted or empty.

    --log.format  (Default: "common")
        Traefik log format: json | common

    --log.level  (Default: "ERROR")
        Log level set to traefik logs.

    --metrics.datadog  (Default: "false")
        Datadog metrics exporter type.

    --metrics.datadog.addentrypointslabels  (Default: "true")
        Enable metrics on entry points.

    --metrics.datadog.address  (Default: "localhost:8125")
        Datadog's address.

    --metrics.datadog.addserviceslabels  (Default: "true")
        Enable metrics on services.

    --metrics.datadog.pushinterval  (Default: "10")
        Datadog push interval.

    --metrics.influxdb  (Default: "false")
        InfluxDB metrics exporter type.

    --metrics.influxdb.addentrypointslabels  (Default: "true")
        Enable metrics on entry points.

    --metrics.influxdb.address  (Default: "localhost:8089")
        InfluxDB address.

    --metrics.influxdb.addserviceslabels  (Default: "true")
        Enable metrics on services.

    --metrics.influxdb.database  (Default: "")
        InfluxDB database used when protocol is http.

    --metrics.influxdb.password  (Default: "")
        InfluxDB password (only with http).

    --metrics.influxdb.protocol  (Default: "udp")
        InfluxDB address protocol (udp or http).

    --metrics.influxdb.pushinterval  (Default: "10")
        InfluxDB push interval.

    --metrics.influxdb.retentionpolicy  (Default: "")
        InfluxDB retention policy used when protocol is http.

    --metrics.influxdb.username  (Default: "")
        InfluxDB username (only with http).

    --metrics.prometheus  (Default: "false")
        Prometheus metrics exporter type.

    --metrics.prometheus.addentrypointslabels  (Default: "true")
        Enable metrics on entry points.

    --metrics.prometheus.addserviceslabels  (Default: "true")
        Enable metrics on services.

    --metrics.prometheus.buckets  (Default: "0.100000, 0.300000, 1.200000, 5.000000")
        Buckets for latency metrics.

    --metrics.prometheus.entrypoint  (Default: "traefik")
        EntryPoint

    --metrics.statsd  (Default: "false")
        StatsD metrics exporter type.

    --metrics.statsd.addentrypointslabels  (Default: "true")
        Enable metrics on entry points.

    --metrics.statsd.address  (Default: "localhost:8125")
        StatsD address.

    --metrics.statsd.addserviceslabels  (Default: "true")
        Enable metrics on services.

    --metrics.statsd.pushinterval  (Default: "10")
        StatsD push interval.

    --ping  (Default: "false")
        Enable ping.

    --ping.entrypoint  (Default: "traefik")
        EntryPoint

    --providers.docker  (Default: "false")
        Enable Docker backend with default settings.

    --providers.docker.constraints  (Default: "")
        Constraints is an expression that Traefik matches against the container's labels
        to determine whether to create any route for that container.

    --providers.docker.defaultrule  (Default: "Host(`{{ normalize .Name }}`)")
        Default rule.

    --providers.docker.endpoint  (Default: "unix:///var/run/docker.sock")
        Docker server endpoint. Can be a tcp or a unix socket endpoint.

    --providers.docker.exposedbydefault  (Default: "true")
        Expose containers by default.

    --providers.docker.network  (Default: "")
        Default Docker network used.

    --providers.docker.swarmmode  (Default: "false")
        Use Docker on Swarm Mode.

    --providers.docker.swarmmoderefreshseconds  (Default: "15")
        Polling interval for swarm mode.

    --providers.docker.tls.ca  (Default: "")
        TLS CA

    --providers.docker.tls.caoptional  (Default: "false")
        TLS CA.Optional

    --providers.docker.tls.cert  (Default: "")
        TLS cert

    --providers.docker.tls.insecureskipverify  (Default: "false")
        TLS insecure skip verify

    --providers.docker.tls.key  (Default: "")
        TLS key

    --providers.docker.usebindportip  (Default: "false")
        Use the ip address from the bound port, rather than from the inner network.

    --providers.docker.watch  (Default: "true")
        Watch provider.

    --providers.file.debugloggeneratedtemplate  (Default: "false")
        Enable debug logging of generated configuration template.

    --providers.file.directory  (Default: "")
        Load configuration from one or more .toml files in a directory.

    --providers.file.filename  (Default: "")
        Override default configuration template. For advanced users :)

    --providers.file.watch  (Default: "true")
        Watch provider.

    --providers.kubernetescrd  (Default: "false")
        Enable Kubernetes backend with default settings.

    --providers.kubernetescrd.certauthfilepath  (Default: "")
        Kubernetes certificate authority file path (not needed for in-cluster client).

    --providers.kubernetescrd.disablepasshostheaders  (Default: "false")
        Kubernetes disable PassHost Headers.

    --providers.kubernetescrd.endpoint  (Default: "")
        Kubernetes server endpoint (required for external cluster client).

    --providers.kubernetescrd.ingressclass  (Default: "")
        Value of kubernetes.io/ingress.class annotation to watch for.

    --providers.kubernetescrd.labelselector  (Default: "")
        Kubernetes label selector to use.

    --providers.kubernetescrd.namespaces  (Default: "")
        Kubernetes namespaces.

    --providers.kubernetescrd.throttleduration  (Default: "0")
        Ingress refresh throttle duration

    --providers.kubernetescrd.token  (Default: "")
        Kubernetes bearer token (not needed for in-cluster client).

    --providers.kubernetesingress  (Default: "false")
        Enable Kubernetes backend with default settings.

    --providers.kubernetesingress.certauthfilepath  (Default: "")
        Kubernetes certificate authority file path (not needed for in-cluster client).

    --providers.kubernetesingress.disablepasshostheaders  (Default: "false")
        Kubernetes disable PassHost Headers.

    --providers.kubernetesingress.endpoint  (Default: "")
        Kubernetes server endpoint (required for external cluster client).

    --providers.kubernetesingress.ingressclass  (Default: "")
        Value of kubernetes.io/ingress.class annotation to watch for.

    --providers.kubernetesingress.ingressendpoint.hostname  (Default: "")
        Hostname used for Kubernetes Ingress endpoints.

    --providers.kubernetesingress.ingressendpoint.ip  (Default: "")
        IP used for Kubernetes Ingress endpoints.

    --providers.kubernetesingress.ingressendpoint.publishedservice  (Default: "")
        Published Kubernetes Service to copy status from.

    --providers.kubernetesingress.labelselector  (Default: "")
        Kubernetes Ingress label selector to use.

    --providers.kubernetesingress.namespaces  (Default: "")
        Kubernetes namespaces.

    --providers.kubernetesingress.throttleduration  (Default: "0")
        Ingress refresh throttle duration

    --providers.kubernetesingress.token  (Default: "")
        Kubernetes bearer token (not needed for in-cluster client).

    --providers.marathon  (Default: "false")
        Enable Marathon backend with default settings.

    --providers.marathon.basic.httpbasicauthuser  (Default: "")
        Basic authentication User.

    --providers.marathon.basic.httpbasicpassword  (Default: "")
        Basic authentication Password.

    --providers.marathon.constraints  (Default: "")
        Constraints is an expression that Traefik matches against the application's
        labels to determine whether to create any route for that application.

    --providers.marathon.dcostoken  (Default: "")
        DCOSToken for DCOS environment, This will override the Authorization header.

    --providers.marathon.defaultrule  (Default: "Host(`{{ normalize .Name }}`)")
        Default rule.

    --providers.marathon.dialertimeout  (Default: "5")
        Set a dialer timeout for Marathon.

    --providers.marathon.endpoint  (Default: "http://127.0.0.1:8080")
        Marathon server endpoint. You can also specify multiple endpoint for Marathon.

    --providers.marathon.exposedbydefault  (Default: "true")
        Expose Marathon apps by default.

    --providers.marathon.forcetaskhostname  (Default: "false")
        Force to use the task's hostname.

    --providers.marathon.keepalive  (Default: "10")
        Set a TCP Keep Alive time.

    --providers.marathon.respectreadinesschecks  (Default: "false")
        Filter out tasks with non-successful readiness checks during deployments.

    --providers.marathon.responseheadertimeout  (Default: "60")
        Set a response header timeout for Marathon.

    --providers.marathon.tls.ca  (Default: "")
        TLS CA

    --providers.marathon.tls.caoptional  (Default: "false")
        TLS CA.Optional

    --providers.marathon.tls.cert  (Default: "")
        TLS cert

    --providers.marathon.tls.insecureskipverify  (Default: "false")
        TLS insecure skip verify

    --providers.marathon.tls.key  (Default: "")
        TLS key

    --providers.marathon.tlshandshaketimeout  (Default: "5")
        Set a TLS handshake timeout for Marathon.

    --providers.marathon.trace  (Default: "false")
        Display additional provider logs.

    --providers.marathon.watch  (Default: "true")
        Watch provider.

    --providers.providersthrottleduration  (Default: "2")
        Backends throttle duration: minimum duration between 2 events from providers
        before applying a new configuration. It avoids unnecessary reloads if multiples
        events are sent in a short amount of time.

    --providers.rancher  (Default: "false")
        Enable Rancher backend with default settings.

    --providers.rancher.constraints  (Default: "")
        Constraints is an expression that Traefik matches against the container's labels
        to determine whether to create any route for that container.

    --providers.rancher.defaultrule  (Default: "Host(`{{ normalize .Name }}`)")
        Default rule.

    --providers.rancher.enableservicehealthfilter  (Default: "true")
        Filter services with unhealthy states and inactive states.

    --providers.rancher.exposedbydefault  (Default: "true")
        Expose containers by default.

    --providers.rancher.intervalpoll  (Default: "false")
        Poll the Rancher metadata service every 'rancher.refreshseconds' (less
        accurate).

    --providers.rancher.prefix  (Default: "latest")
        Prefix used for accessing the Rancher metadata service.

    --providers.rancher.refreshseconds  (Default: "15")
        Defines the polling interval in seconds.

    --providers.rancher.watch  (Default: "true")
        Watch provider.

    --providers.rest  (Default: "false")
        Enable Rest backend with default settings.

    --providers.rest.insecure  (Default: "false")
        Activate REST Provider directly on the entryPoint named traefik.

    --serverstransport.forwardingtimeouts.dialtimeout  (Default: "30")
        The amount of time to wait until a connection to a backend server can be
        established. If zero, no timeout exists.

    --serverstransport.forwardingtimeouts.idleconntimeout  (Default: "90")
        The maximum period for which an idle HTTP keep-alive connection will remain open
        before closing itself

    --serverstransport.forwardingtimeouts.responseheadertimeout  (Default: "0")
        The amount of time to wait for a server's response headers after fully writing
        the request (including its body, if any). If zero, no timeout exists.

    --serverstransport.insecureskipverify  (Default: "false")
        Disable SSL certificate verification.

    --serverstransport.maxidleconnsperhost  (Default: "200")
        If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero,
        DefaultMaxIdleConnsPerHost is used

    --serverstransport.rootcas  (Default: "")
        Add cert file for self-signed certificate.

    --tracing  (Default: "false")
        OpenTracing configuration.

    --tracing.datadog  (Default: "false")
        Settings for Datadog.

    --tracing.datadog.bagageprefixheadername  (Default: "")
        Specifies the header name prefix that will be used to store baggage items in a
        map.

    --tracing.datadog.debug  (Default: "false")
        Enable Datadog debug.

    --tracing.datadog.globaltag  (Default: "")
        Key:Value tag to be set on all the spans.

    --tracing.datadog.localagenthostport  (Default: "localhost:8126")
        Set datadog-agent's host:port that the reporter will used.

    --tracing.datadog.parentidheadername  (Default: "")
        Specifies the header name that will be used to store the parent ID.

    --tracing.datadog.prioritysampling  (Default: "false")
        Enable priority sampling. When using distributed tracing, this option must be
        enabled in order to get all the parts of a distributed trace sampled.

    --tracing.datadog.samplingpriorityheadername  (Default: "")
        Specifies the header name that will be used to store the sampling priority.

    --tracing.datadog.traceidheadername  (Default: "")
        Specifies the header name that will be used to store the trace ID.

    --tracing.haystack  (Default: "false")
        Settings for Haystack.

    --tracing.haystack.baggageprefixheadername  (Default: "")
        Specifies the header name prefix that will be used to store baggage items in a
        map.

    --tracing.haystack.globaltag  (Default: "")
        Key:Value tag to be set on all the spans.

    --tracing.haystack.localagenthost  (Default: "LocalAgentHost")
        Set haystack-agent's host that the reporter will used.

    --tracing.haystack.localagentport  (Default: "35000")
        Set haystack-agent's port that the reporter will used.

    --tracing.haystack.parentidheadername  (Default: "")
        Specifies the header name that will be used to store the parent ID.

    --tracing.haystack.spanidheadername  (Default: "")
        Specifies the header name that will be used to store the span ID.

    --tracing.haystack.traceidheadername  (Default: "")
        Specifies the header name that will be used to store the trace ID.

    --tracing.instana  (Default: "false")
        Settings for Instana.

    --tracing.instana.localagenthost  (Default: "localhost")
        Set instana-agent's host that the reporter will used.

    --tracing.instana.localagentport  (Default: "42699")
        Set instana-agent's port that the reporter will used.

    --tracing.instana.loglevel  (Default: "info")
        Set instana-agent's log level. ('error','warn','info','debug')

    --tracing.jaeger  (Default: "false")
        Settings for Jaeger.

    --tracing.jaeger.collector.endpoint  (Default: "")
        Instructs reporter to send spans to jaeger-collector at this URL.

    --tracing.jaeger.collector.password  (Default: "")
        Password for basic http authentication when sending spans to jaeger-collector.

    --tracing.jaeger.collector.user  (Default: "")
        User for basic http authentication when sending spans to jaeger-collector.

    --tracing.jaeger.gen128bit  (Default: "false")
        Generate 128 bit span IDs.

    --tracing.jaeger.localagenthostport  (Default: "127.0.0.1:6831")
        Set jaeger-agent's host:port that the reporter will used.

    --tracing.jaeger.propagation  (Default: "jaeger")
        Which propagation format to use (jaeger/b3).

    --tracing.jaeger.samplingparam  (Default: "1.000000")
        Set the sampling parameter.

    --tracing.jaeger.samplingserverurl  (Default: "http://localhost:5778/sampling")
        Set the sampling server url.

    --tracing.jaeger.samplingtype  (Default: "const")
        Set the sampling type.

    --tracing.jaeger.tracecontextheadername  (Default: "uber-trace-id")
        Set the header to use for the trace-id.

    --tracing.servicename  (Default: "traefik")
        Set the name for this service.

    --tracing.spannamelimit  (Default: "0")
        Set the maximum character limit for Span names (default 0 = no limit).

    --tracing.zipkin  (Default: "false")
        Settings for Zipkin.

    --tracing.zipkin.httpendpoint  (Default: "http://localhost:9411/api/v2/spans")
        HTTP Endpoint to report traces to.

    --tracing.zipkin.id128bit  (Default: "true")
        Use Zipkin 128 bit root span IDs.

    --tracing.zipkin.samespan  (Default: "false")
        Use Zipkin SameSpan RPC style traces.

    --tracing.zipkin.samplerate  (Default: "1.000000")
        The rate between 0.0 and 1.0 of requests to trace.

2019/09/24 06:11:13 command traefik error: flag needs an argument: -kubernetes
 

 类似资料: