调整traefik为Daemonset部署,增加健康检测功能以及Node节点亲和性调度

[Hello-Linux]

调整traefik为Daemonset部署,增加健康检测功能以及Node节点亲和性调度

[Hello-Linux]

调整原因说明

1.根据官方文档说明,如果是面向内部(internal)服务的traefik，建议使用deployment的方式，面向外部(external)服务的traefik，建议使用daemonset的方式，大部分应用都是面向外部用户的．所以Daemonset更合适.
以下抄自官方原文档

    * The scalability can be much better when using a Deployment, because you will have a Single-Pod-per-Node model when using a DaemonSet, whereas you may need less replicas based on your environment when using a Deployment.
    * DaemonSets automatically scale to new nodes, when the nodes join the cluster, whereas Deployment pods are only scheduled on new nodes if required.
    * DaemonSets ensure that only one replica of pods run on any single node. Deployments require affinity settings if you want to ensure that two pods don't end up on the same node.
    * DaemonSets can be run with the NET_BIND_SERVICE capability, which will allow it to bind to port 80/443/etc on each host. This will allow bypassing the kube-proxy, and reduce traffic hops. Note that this is against the Kubernetes Best Practices Guidelines, and raises the potential for scheduling/scaling issues. Despite potential issues, this remains the choice for most ingress controllers.
    If you are unsure which to choose, start with the Daemonset.

2.DaemonSets 可以使用 NET_BIND_SERVICE 功能运行，这将允许它直接绑定到每个主机上的80/443端口，这将允许绕过 kube-proxy代理，并减少流量跳跃，流量不用走 kube-proxy，效率更高一些,另外直接爆露了80/443端口，后期直接使用负载均衡软件(nginx/haproxy)代理节点即可，方便简单．

3.我在Helm values文件中增加了NodeAffinity特性，也可以将Tracfik定位到自定义节点node,不一定必须部署多台traefik服务．

所以说综合来讲使用Daemonset方式更优于使用Deployment部署方式!!!

[gjmzj]

后续项目安装中不再更新像traefik/nginx-ingress等组件的部署，因为这个跟集群部署关联性小，安装也相对方便，交由需要使用的用户自己部署安装

[Hello-Linux]

好的