使用 Helm(v3) 安装 Traefik(v2), 部署为:DaemonSet,使用主机网络,监听Node的80、443。
deployment:
kind: DaemonSet
dnsPolicy: ClusterFirstWithHostNet
ports:
web:
port: 80
hostPort: 80
websecure:
port: 443
hostPort: 443
# 关闭 metrics entrypoints
metrics: null
metrics: null
service:
enabled: false
type: NodePort
hostNetwork: true
# 开启80、443端口需要特权
securityContext:
capabilities:
drop: [ALL]
add: [NET_BIND_SERVICE]
readOnlyRootFilesystem: true
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0