Traefik not working - Githubissues

avarf commented 5 years ago

I have a working setup on Minikube with Traefik as ingress controller. I tried to use that setup on Microk8s but Traefik is not able to work and although I can see the Traefik dashboard and it says that everything is working but every time I try to use the ingress urls I face timeout but if I use the endpoint IP of that service (which I can see in the traefik dashboard) I am able to access to that service.

I also tried microk8s.enable ingress but it created a nginx ingress for me and then I disabled it because I want to use traefik.

Do I need to change my configuration so it becomes compatible with Microk8s? If yes how?

My ingress:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: wws
  annotations:
    kubernetes.io/ingress.class: "traefik"
    traefik.frontend.rule.type: PathPrefixStrip
    traefik.frontend.passHostHeader: "true"
    traefik.backend.loadbalancer.sticky: "true"
    #traefik.ingress.kubernetes.io/rule-type: ReplacePathRegex
    traefik.wss.protocol: http
    traefik.wss.protocol: https
spec:
  rules:
  - host: streambridge.local
    http:
      paths:
      - path: /streambridge
        backend:
          serviceName: streambridge
          servicePort: 9999
      - path: /dashboard
        backend:
          serviceName: dashboard
          servicePort: 9009
      - path: /gateway
        backend:
          serviceName: gateway
          servicePort: 8080
      - path: /rdb
        backend:
          serviceName: rethinkdb
          servicePort: 8085

My traefik:

---
apiVersion: v1
kind: Service
metadata:
  name: traefik-web-ui
  namespace: kube-system
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
  - name: web
    port: 80
    targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: traefik-web-ui
  namespace: kube-system
spec:
  rules:
  - host: traefik-ui.minikube
    http:
      paths:
      - path: /
        backend:
          serviceName: traefik-web-ui
          servicePort: web

And the commands that I use for traefik:

microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-rbac.yaml
microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-ds.yaml
microk8s.kubectl apply -f traefik-ui.yaml

ktsakalozos commented 5 years ago

Hi @avarf

I had to do some minor changes in the ingress service:

---
kind: Service
apiVersion: v1
metadata:
  name: traefik-ingress-service
  namespace: kube-system
spec:
  type: NodePort
  selector:
    k8s-app: traefik-ingress-lb
  ports:
    - protocol: TCP
      port: 80
      name: web
      nodePort: 32100
---
kind: Service
apiVersion: v1
metadata:
  name: traefik-ingress-admin-service
  namespace: kube-system
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
    - protocol: TCP 
      port: 8080
      name: admin

The ingress service is now on localhost on port 32100 and the admin interface is still with ClusterIP. Here are how these services look like now:

kube-system   service/traefik-ingress-admin-service   ClusterIP   10.152.183.103   <none>        8080/TCP        10m
kube-system   service/traefik-ingress-service         NodePort    10.152.183.85    <none>        80:32100/TCP    58m

You can find the entire yaml manifest is here

Now the ingress would be:

---
apiVersion: v1
kind: Service
metadata:
  name: traefik-web-ui
  namespace: kube-system
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
  - name: web
    port: 80
    targetPort: 8081
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: traefik-web-ui
  namespace: kube-system
spec:
  rules:
  - host: traefik-ui.127.0.0.1.xip.io
    http:
      paths:
      - path: /
        backend:
          serviceName: traefik-web-ui
          servicePort: web

Note the use of traefik-ui.127.0.0.1.xip.io and your service is available at http://traefik-ui.127.0.0.1.xip.io:32100

The ingress controller we ship as addon is configured to use hostport and is made available in port 80.

Kubernetes networking can be confusing sometimes, let me know if you want me more info on any of the above setup.

avarf commented 5 years ago

Thank you for your answer but either I didn't get your point or you thought I just have one ingress file (which I think it is because I forgot to write the second command).

I have 2 ingress files:

traefik-ui.yaml: which contains both the service and ingress for my traefik and you can see it at My traefik and it is almost identical with what you wrote at Now the ingress would be. I use this service+ingress to access the traefik dashboard and as I mentioned it works
wws-ingress.yaml: is my main ingress which enables the communication with my components inside kubernetes and you can find it at My ingress and this is the part that doesn't work (please read my description).

I have to mention that I apply both of these files like this in minikube:

kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-rbac.yaml
kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-ds.yaml

kubectl apply -f traefik-ui.yaml
kubectl apply -f wws-ingress.yaml

And in Microk8s I tried:

microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-rbac.yaml
microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-ds.yaml
microk8s.kubectl apply -f traefik-ui.yaml
microk8s.kubectl apply -f wws-ingress.yaml

Now based on your answer I still have no idea how to change wws-ingress.yaml or configure Microk8s so my services and components become reachable.

ktsakalozos commented 5 years ago

@avarf, I saw you had two files with ingress rules, the reason I ignored your first file wws-ingress.yaml is that is creates ingress rules for services that I do not know how to setup here locally. I saw you opened the topic https://discuss.kubernetes.io/t/how-to-make-traefik-compatible-with-microk8s/6507/2 so lets continue our discussion over there.

sureshamk commented 5 years ago

@avarf @ktsakalozos
I also want to achieve traefik ingress controller with microk8 instead of inbuilt one. I have mac machine and installed microk8 in vagrant based on ubuntu 18.04

For configuring traefik I used the following configurations

microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-rbac.yaml
microk8s.kubectl apply -f https://raw.githubusercontent.com/containous/traefik/v1.7/examples/k8s/traefik-ds.yaml

Vagrantfile

Vagrant.configure("2") do |config|
   config.vm.box = "bento/ubuntu-18.04"
   config.vm.network "private_network", ip: "192.168.50.4"
end

When i am try to access 192.168.50.4 in my host machine (mac) with the default ingress controller responded, but the traefik setup is not.

my hosts file

#/etc/hosts
192.168.50.4     test.com

Do i need do anything on iptables level? can you guys share the guideline on this

avarf commented 5 years ago

I am not familiar with vagrant and I didn't work with k8s on mac but I am sure that microk8s has some problem with iptable on ubuntu because just last Friday I tried to install microk8s and launch my k8s application on a new Ubuntu machine and I faced the same problems again and when I ran the bash command for iptables from this link: https://github.com/ubuntu/microk8s/issues/72 that solved the problem. So I say give it a shot.

canonical / microk8s

Traefik not working #477