AllardKrings
commented
2 months ago Hi,
I did som more research and concluded that the traefik k3s installation uses uses the deprecated api-group traefik.containo.us.
I found this on the traefik site in their documentation:
In v2.10, the Kubernetes CRDs API Group traefik.containo.us is deprecated,
and its support will end starting with Traefik v3.
Please use the API Group traefik.io instead.
As the Kubernetes CRD provider still works with both API Versions
(traefik.io/v1alpha1 and traefik.containo.us/v1alpha1),
it means that for the same kind, namespace and name,
the provider will only keep the traefik.io/v1alpha1 resource.
In addition, the Kubernetes CRDs API Version traefik.io/v1alpha1
will not be supported in Traefik v3 itself.
Please note that it is a requirement to update the CRDs and the RBAC in the cluster before upgrading Traefik. To do so, please apply the required CRDs and RBAC manifests for v2.10:
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic- configuration/kubernetes-crd-rbac.yml
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic- configuration/kubernetes-crd-definition-v1.ymlAfter migrating the CRD’s this way and changing the yaml’s to use api-group traefik.io it works!
chazapis
Hi,
I dit a clean install of Ubuntu 23.10 on my RISCV Starfive Visionfive. The only thing I installed next was K3S.
Now alle pods are running:
kube-system helm-install-traefik-crd-7wm7w 0/1 Completed 0 174m kube-system helm-install-traefik-v4v2d 0/1 Completed 2 174m kube-system local-path-provisioner-6d44f4f9d7-k7dgx 1/1 Running 2 (107m ago) 174m kube-system metrics-server-7c55d89d5d-w2hmq 1/1 Running 2 (106m ago) 174m kube-system svclb-traefik-9a48e820-nvbsj 2/2 Running 2 (108m ago) 172m kube-system traefik-8657d6b9f4-stbbv 1/1 Running 1 (108m ago) 172m kube-system coredns-97b598894-2sb45 1/1 Running 1 (108m ago) 174m
However trafik does not seem to work correctly:
kubectl logs traefik-8657d6b9f4-stbbv -n kube-system gives:
E0420 11:21:03.776064 1 reflector.go:140] k8s.io/client-go@v0.26.3/tools/cache/reflector.go:169: Failed to watch v1alpha1.MiddlewareTCP: failed to list v1alpha1.MiddlewareTCP: middlewaretcps.traefik.io is forbidden: User "system:serviceaccount:kube-system:traefik" cannot list resource "middlewaretcps" in API group "traefik.io" at the cluster scope
This error is given for each CRD.
Looking at the clusterrole:
kubectl get clusterrole traefik-kube-system -o yaml
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: meta.helm.sh/release-name: traefik meta.helm.sh/release-namespace: kube-system creationTimestamp: "2024-04-20T08:26:10Z" labels: app.kubernetes.io/instance: traefik-kube-system app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: traefik helm.sh/chart: traefik-21.2.1_up21.2.0 name: traefik-kube-system resourceVersion: "600" uid: e7326656-78c0-47a1-a8b2-408af3176c72 rules:
Ik tried NGINX with an Ingressroute but traefik does not route correctly (404)