search

shadowsocks / shadowsocks-rust

A Rust port of shadowsocks
https://shadowsocks.org/
MIT License
8.6k stars 1.17k forks source link

shadowsocks on kubernetes with traefik ingress #1067

Open waterdrop01 opened 1 year ago

waterdrop01 commented 1 year ago

Hello,

So I deployed shadowsocks-rust on kubernetes thanks to the manifest (big up to @realies).

First, let's start with what is working:

And then routing my traffic to 127.0.0.1:8388 works!

However, when trying to connect using a domain name pointing to my Traefik ingress, it doesn't work.

Here is my ingress definition:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: shadowsocks-rust
spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: HostSNI(`*`)
      services:
        - name: shadowsocks-rust
          port: 8388   <--- I use 8388 instead of the default 80 
  tls:
    certResolver: le

And websecure refers to this Traefik conf:

--entrypoints.websecure.address=:8443/tcp

Any idea on how to tell traefik to correctly route my sslocal traffic to shadowsocks-rust running in k8s, directly? (without having to kubectl port-forward)

Thanks a lot! Screenshot from 2022-12-22 13-14-19

zonyitoo commented 1 year ago

No idea. Not familiar with traefik.