Skip to content

概述

请求发生了什么?

让我们放大 Traefik 的架构,并讨论能够创建路由的组件。

首先,当您启动 Traefik 时,您可以定义入口点(在最基本的表单中,它们是端口号)。然后,路由器连接到这些入口点,分析传入的请求,以查看它们是否与一组规则匹配。 如果他们这样做,路由器可能会使用中间件转换请求,然后再将它们转发给您的服务

Architecture

明确的责任

  • Providers 发现您的基础设施上的服务(他们的 IP,健康......)
  • Entrypoints 侦听传入流量(端口,......)
  • Routers 分析请求(主机,路径,标头,SSL,......)
  • Services 将请求转发给您的服务(负载平衡,......)
  • Middlewares 可以根据请求更新请求或做出决策(身份验证,速率限制,标头......)

文件提供程序示例

下面是文件提供程序的完整配置文件的示例,该[文件提供程序]](../providers/file.md)将http://domain/whoami/请求转发到可访问的服务http://private/whoami-service/。 在此过程中,Traefik 将确保用户已通过身份验证(使用 BasicAuth 中间件)。

静态配置:

[entryPoints]
  [entryPoints.web]
    # Listen on port 8081 for incoming requests
    address = ":8081"

[providers]
  # Enable the file provider to define routers / middlewares / services in a file
  [providers.file]
    filename = "dynamic_conf.toml"
entryPoints:
  web:
    # Listen on port 8081 for incoming requests
    address: :8081

providers:
  # Enable the file provider to define routers / middlewares / services in a file
  file:
    filename: dynamic_conf.yml
# Listen on port 8081 for incoming requests
--entryPoints.web.address=:8081

# Enable the file provider to define routers / middlewares / services in a file
--providers.file.filename=dynamic_conf.toml

动态配置:

# http routing section
[http]
  [http.routers]
     # Define a connection between requests and services
     [http.routers.to-whoami]
      rule = "Host(`domain`) && PathPrefix(`/whoami/`)"
      # If the rule matches, applies the middleware
      middlewares = ["test-user"]
      # If the rule matches, forward to the whoami service (declared below)
      service = "whoami"

  [http.middlewares]
    # Define an authentication mechanism
    [http.middlewares.test-user.basicAuth]
      users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"]

  [http.services]
    # Define how to reach an existing service on our infrastructure
    [http.services.whoami.loadBalancer]
      [[http.services.whoami.loadBalancer.servers]]
        url = "http://private/whoami-service"
# http routing section
http:
  routers:
    # Define a connection between requests and services
    to-whoami:
      rule:
        "Host(`domain`) && PathPrefix(`/whoami/`)"
        # If the rule matches, applies the middleware
      middlewares:
        - test-user
      # If the rule matches, forward to the whoami service (declared below)
      service: whoami

  middlewares:
    # Define an authentication mechanism
    test-user:
      basicAuth:
        users:
          - test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/

  services:
    # Define how to reach an existing service on our infrastructure
    whoami:
      loadBalancer:
        servers:
          - url: http://private/whoami-service

文件提供程序

在此示例中,我们使用文件提供程序. 即使它是配置Traefik的最不神奇的方式之一,它也明确地描述了每个可用的概念。

HTTP / TCP

在此示例中,我们仅为http请求定义了路由规则。 Traefik还支持TCP请求。要添加TCP路由器TCP服务,请在TCP部分中声明它们,如下所示。

在whoami.traefik.io上为TLS请求添加TCP路由

静态配置:

[entryPoints]
  [entryPoints.web]
    # Listen on port 8081 for incoming requests
    address = ":8081"

[providers]
  # Enable the file provider to define routers / middlewares / services in a file
  [providers.file]
    filename = "dynamic_conf.toml"
entryPoints:
  web:
    # Listen on port 8081 for incoming requests
    address: :8081
providers:
  # Enable the file provider to define routers / middlewares / services in a file
  file:
    filename: dynamic_conf.yml
# Listen on port 8081 for incoming requests
--entryPoints.web.address=":8081"

# Enable the file provider to define routers / middlewares / services in a file
--providers.file.filename=dynamic_conf.toml

动态配置:

# http routing section
[http]
  [http.routers]
    # Define a connection between requests and services
    [http.routers.to-whoami]
      rule = "Host(`domain`) && PathPrefix(`/whoami/`)"
      # If the rule matches, applies the middleware
      middlewares = ["test-user"]
      # If the rule matches, forward to the whoami service (declared below)
      service = "whoami"

  [http.middlewares]
     # Define an authentication mechanism
     [http.middlewares.test-user.basicAuth]
       users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"]

  [http.services]
     # Define how to reach an existing service on our infrastructure
     [http.services.whoami.loadBalancer]
       [[http.services.whoami.loadBalancer.servers]]
         url = "http://private/whoami-service"

[tcp]
  [tcp.routers]
    [tcp.routers.to-whoami-tcp]
      rule = "HostSNI(`whoami-tcp.traefik.io`)"
      service = "whoami-tcp"
      [tcp.routers.to-whoami-tcp.tls]

  [tcp.services]
    [tcp.services.whoami-tcp.loadBalancer]
      [[tcp.services.whoami-tcp.loadBalancer.servers]]
        address = "xx.xx.xx.xx:xx"
# http routing section
http:

  routers:
    # Define a connection between requests and services
    to-whoami:
      rule: Host(`domain`) && PathPrefix(`/whoami/`)
      # If the rule matches, applies the middleware
      middlewares:
      - test-user
      # If the rule matches, forward to the whoami service (declared below)
      service: whoami

  middlewares:
    # Define an authentication mechanism
    test-user:
      basicAuth:
        users:
        - test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/

  services:
    # Define how to reach an existing service on our infrastructure
    whoami:
      loadBalancer:
        servers:
        - url: http://private/whoami-service
tcp:

  routers:
    to-whoami-tcp:
      service: whoami-tcp
      rule: HostSNI(`whoami-tcp.traefik.io`)

  services:
    whoami-tcp:
      loadBalancer:
        servers:
        - address: xx.xx.xx.xx:xx