Traefik UI port

[abusaidm]

Looking at enabling the UI port for traefik, I noticed that there is a port 8880 enabled and there is no mention of configuring the Traefik UI for this port, also the name httpn was slightly miss leading. The snippet below is how the port looks on a default installation of k3s without any extra inputs.

{
   "name": "httpn",
  "containerPort": 8880,
  "protocol": "TCP"
},

Is there an option to enable Traefik UI from the installation params or do I need to install Traefik and configure it myself.

Thanks

[idcrook]

I'm not sure how to override or further configure, but I see this comes with the traefik chart, in its template traefik/templates/configmap.yaml, which forms the traefik.toml config

e.g. from https://kubernetes-charts.storage.googleapis.com/traefik-1.64.0.tgz

Kind: ConfigMap
metadata:
  name: {{ template "traefik.fullname" . }}
data:
  traefik.toml: |
    # traefik.toml
...
[entryPoints.httpn]
      {{- if .Values.whiteListSourceRange }}
      {{ template "traefik.whiteListSourceRange" . }}
      {{- end }}
      address = ":8880"

[abusaidm]

In the traefik chart you are able to pass config variables to customise what you want with traefik for example

helm install --name my-release --namespace kube-system \
  --set dashboard.enabled=true,dashboard.domain=traefik.example.com stable/traefik

will install this chart and enable the dashboard through the mentioned domain name.

[mortenlj]

The way to handle this (at least it's the way I have handled it), is to add --no-deploy traefik to your k3s server command, and then create your own Traefik manifest (or run helm manually).

My traefik manifest looks like this (Jinja2 template used with Ansible):

apiVersion: k3s.cattle.io/v1
kind: HelmChart
metadata:
  name: traefik
  namespace: kube-system
spec:
  chart: stable/traefik
  set:
    ssl.enabled: "true"
    acme.challengeType: "tls-alpn-01"
    acme.email: "acme@example.com"
    acme.enabled: "true"
    acme.logging: "true"
    acme.persistence.accessMode: "ReadWriteOnce"
    acme.persistence.enabled: "false"
    acme.persistence.size: "64Mi"
    gzip.enabled: "true"
    metrics.prometheus.enabled: "true"
    metrics.prometheus.restrictAccess: "true"
    rbac.enabled: "true"
    traefikLogFormat: "json"
  valuesContent: |-
    acme:
      staging: false
      domains:
        enabled: true
        domainsList:
          - main: my.host.name
    dashboard:
      enabled: true
      domain: "traefik.my.host.name"
      auth:
        basic:
          user: "{{ traefik_dash_pass | string | password_hash('md5') }}"

[abusaidm]

Thanks, I have reached similar conclusion recently, thanks. I will mark this as closed.

BTW I am a big fan of this project and watching it closely, I will try and spare time to understand how it is developed and see if I can contribute.

[mpromonet]

Hi,

I proceed in a sligthly different way to access to the Trarfik UI making the folowing updates:

• update the traefik configmap to include [api] and add the endpoint address = ":8880"
• update the traefic service to expose the endpoint "port": 8880
• add an ingress to access to this endpoint.

The updated config map :

...
defaultEntryPoints = ["http","https"]
[api]
[entryPoints]
  [entryPoints.traefik]
  address = ":8880"
  [entryPoints.http]
...

The updated service:

...
 ports:
  - name: api
    port: 8880
    protocol: TCP
  - name: http
...

The ingress file:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: traefik-web-ui
  namespace: kube-system
spec:
  rules:
  - host: traefik.k3s.local
    http:
      paths:
      - path: /
        backend:
          serviceName: traefik
          servicePort: 8880

Maybe it is simpler to install treafik after k3s, I will try.

Best Regards, Michel.