Open kafeinnet opened 4 years ago
Hi @kafeinnet
The problem is that you're not stripping the /api
prefix for isotope-server.
The following Traefik v2 configuration worked for me (check the api-stripprefix
Middleware):
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutes.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRoute
plural: ingressroutes
singular: ingressroute
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: ingressroutetcps.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: IngressRouteTCP
plural: ingressroutetcps
singular: ingressroutetcp
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: middlewares.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: Middleware
plural: middlewares
singular: middleware
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tlsoptions.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TLSOption
plural: tlsoptions
singular: tlsoption
scope: Namespaced
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: traefikservices.traefik.containo.us
spec:
group: traefik.containo.us
version: v1alpha1
names:
kind: TraefikService
plural: traefikservices
singular: traefikservice
scope: Namespaced
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- traefik.containo.us
resources:
- middlewares
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- ingressroutes
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- ingressroutetcps
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- tlsoptions
verbs:
- get
- list
- watch
- apiGroups:
- traefik.containo.us
resources:
- traefikservices
verbs:
- get
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: traefik-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-ingress-controller
subjects:
- kind: ServiceAccount
name: traefik-ingress-controller
namespace: default
---
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
type: NodePort
ports:
- protocol: TCP
name: web
port: 8000
- protocol: TCP
name: admin
port: 8080
- protocol: TCP
name: websecure
port: 4443
selector:
app: traefik
---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: default
name: traefik-ingress-controller
---
kind: Deployment
apiVersion: apps/v1
metadata:
namespace: default
name: traefik
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
containers:
- name: traefik
image: traefik:v2.1
args:
- --api.insecure
- --accesslog
- --entrypoints.web.Address=:8000
- --entrypoints.websecure.Address=:4443
- --providers.kubernetescrd
ports:
- name: web
containerPort: 8000
- name: websecure
containerPort: 4443
- name: admin
containerPort: 8080
---
apiVersion: v1
kind: Secret
metadata:
name: isotope-secrets
type: Opaque
data:
encryptionPassword: U2VjcmV0SzhzUGFzd29yZA==
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: isotope-server
labels:
app: isotope
component: server
spec:
replicas: 1
selector:
matchLabels:
app: isotope
component: server
version: latest
template:
metadata:
labels:
app: isotope
component: server
version: latest
spec:
containers:
- name: isotope-server
image: marcnuri/isotope:server-latest
imagePullPolicy: Always
ports:
- containerPort: 9010
env:
- name: ENCRYPTION_PASSWORD
valueFrom:
secretKeyRef:
name: isotope-secrets
key: encryptionPassword
livenessProbe:
httpGet:
path: /actuator/health
port: 9010
failureThreshold: 6
periodSeconds: 5
# Use startupProbe instead if your k8s version supports it
initialDelaySeconds: 60
readinessProbe:
httpGet:
path: /actuator/health
port: 9010
failureThreshold: 2
periodSeconds: 5
# startupProbe:
# httpGet:
# path: /actuator/health
# port: 9010
# initialDelaySeconds: 20
# failureThreshold: 15
# periodSeconds: 10
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: isotope-client
labels:
app: isotope
component: client
spec:
replicas: 1
selector:
matchLabels:
app: isotope
component: client
version: latest
template:
metadata:
labels:
app: isotope
component: client
version: latest
spec:
containers:
- name: isotope-client
image: marcnuri/isotope:client-latest
imagePullPolicy: Always
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /favicon.ico
port: 80
failureThreshold: 6
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
name: isotope-server
spec:
ports:
- name: http
targetPort: 9010
port: 80
selector:
app: isotope
component: server
---
apiVersion: v1
kind: Service
metadata:
name: isotope-client
spec:
ports:
- name: http
targetPort: 80
port: 80
selector:
app: isotope
component: client
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: api-stripprefix
spec:
stripPrefix:
prefixes:
- /api
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: isotope-ingress-route
namespace: default
spec:
entryPoints:
- web
routes:
- match: Host(`traefik-ui.local`) && PathPrefix(`/`)
kind: Rule
services:
- name: isotope-client
port: 80
- match: Host(`traefik-ui.local`) && PathPrefix(`/api`)
kind: Rule
services:
- name: isotope-server
port: 80
middlewares:
- name: api-stripprefix
I'll probably submit a new blog post to update the current instructions for Traefik v1.
Of course ! A stripprefix middleware did the trick and I'm feeling a little dumb now.
Thanks !
Hey, sorry if it's not the right place to ask, but I have the same question - however I'm using nginx-ingress as my ingress and I'm experiencing the same issue. I've tried the solution from this stackoverflow answer: https://stackoverflow.com/questions/52923298/remove-routing-path-from-kubernetes-ingress but to no avail. Is there a recommended way to strip the path prefix in the nginx-ingress that'll work with Isotope mail?
If there's not, it's completely fine. I'll see if I can get it working, then paste the solution somewhere for others in my position to hopefully see. I'm just asking here, just in case.
Hi, I'm experimenting with isotope and traefik2 in a docker swarm environment. So far I'm not able to get any working request from the server. It only responds "Unauthorized".
Here is the relevant part of the stack :
The server only returns this line for every request :
I tried to read the code but java or JS are not quite my cup of tea.
\fab