-
Setup minikube to your like
- Without a VM:
minikube start --vm-driver=none
In this case if you already built the images you won't have to do anything else as it will use the docker environment from your machine.
- With a VM:
minikube start
Set the docker environment to the minikube VM
eval $(minikube docker-env)
- Without a VM:
-
Proceed to build your local images
-
Install traefikee on the cluster with custom values making sure the pull policy is set to 'Never':
traefikeectl install --clustername=k8s --licensekey=$TRAEFIKEE_LICENSE_KEY --dashboard --dashboard.insecure --force --kubernetes --kubernetes.helmvaluespath=./traefikee_values.yml -
Add a label to one of the data nodes to later select it on a NetworkPolicy:
kubectl label pods <pod-name> test=block-controller -n traefikee -
Edit the policy with the correct cidr/ip to block traffic from/to the controller to the selected data node:
kubectl apply -f allow-except-ip.yml -n traefikee -
Remove the rule whenever you want:
kubectl delete -f allow-except-ip.yml -n traefikee
Last active
July 26, 2019 18:09
-
-
Save ddtmachado/1447397b0767ce387609665f0c855412 to your computer and use it in GitHub Desktop.
Running traefikee on minikube
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: NetworkPolicy | |
| apiVersion: networking.k8s.io/v1 | |
| metadata: | |
| name: allow-except-ip | |
| spec: | |
| podSelector: | |
| matchLabels: | |
| app: traefikee | |
| component: data-nodes | |
| test: block-controller | |
| ingress: | |
| - from: | |
| - ipBlock: | |
| cidr: <your-k8s-net-cidr> #ex 10.244.1.0/24 | |
| except: | |
| - <your-controll-node-ip> #ex 10.244.1.144/32 | |
| egress: | |
| - to: | |
| - ipBlock: | |
| cidr: <your-k8s-net-cidr> #ex 10.244.1.0/24 | |
| except: | |
| - <your-controll-node-ip> #ex 10.244.1.144/32 | |
| policyTypes: | |
| - Ingress | |
| - Egress |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bootstrap: | |
| timeout: 600 | |
| image: | |
| name: containous/traefikee-private | |
| tag: latest | |
| pullPolicy: Never | |
| replicas: | |
| dataNode: | |
| total: 2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment