I want to deploy traefik as a NodePort.
I am using helm chart for this, https://github.com/traefik/traefik-helm-chart/tree/master/traefik
and the values.yaml I used is given below:
ports:
# The name of this one can't be changed as it is used for the readiness and
# liveness probes, but you can adjust its config to your liking
traefik:
# port: 9000
# Use hostPort if set.
hostPort: 9000
#
# Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which
# means it's listening on all your interfaces and all your IPs. You may want
# to set this value if you need traefik to listen on specific interface
# only.
hostIP: XXX.XXX.XXX.XXX
# Override the liveness/readiness port. This is useful to integrate traefik
# with an external Load Balancer that performs healthchecks.
# healthchecksPort: 9000
# Defines whether the port is exposed if service.type is LoadBalancer or
# NodePort.
#
# You SHOULD NOT expose the traefik port on production deployments.
# If you want to access it from outside of your cluster,
# use `kubectl port-forward` or create a secure ingress
expose: false
# The exposed port for this service
exposedPort: 9000
# The port protocol (TCP/UDP)
protocol: TCP
web:
port: 8000
expose: true
exposedPort: 80
hostPort: 80
# The port protocol (TCP/UDP)
protocol: TCP
# Use nodeport if set. This is useful if you have configured Traefik in a
# LoadBalancer
nodePort: 32080
# Port Redirections
# Added in 2.2, you can make permanent redirects via entrypoints.
# https://docs.traefik.io/routing/entrypoints/#redirection
websecure:
port: 8443
expose: true
exposedPort: 443
hostPort: 443
# The port protocol (TCP/UDP)
protocol: TCP
nodePort: 32443
# Set TLS at the entrypoint
# https://doc.traefik.io/traefik/routing/entrypoints/#tls
logs:
general:
level: ERROR
access:
enabled: true
format: json
additionalArguments:
- "--certificatesresolvers.le.acme.tlschallenge=true"
- "--certificatesresolvers.le.acme.email=test@gmail.com"
- "--certificatesresolvers.le.acme.storage=/data/acme.json"
- "--certificatesresolvers.le.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.le.acme.tlschallenge=true"
- "--certificatesresolvers.le.acme.email=test@gmail.com"
- "--certificatesresolvers.le.acme.storage=/data/acme.json"
persistence:
enabled: false
service:
enabled: true
type: NodePort
# Additional annotations (e.g. for cloud provider specific config)
annotations: {}
# Additional service labels (e.g. for filtering Service by custom labels)
labels: {}
# Additional entries here will be added to the service spec. Cannot contains
# type, selector or ports entries.
spec: {}
# externalTrafficPolicy: Cluster
# loadBalancerIP: "1.2.3.4"
# clusterIP: "2.3.4.5"
loadBalancerSourceRanges: []
# - 192.168.0.1/32
# - 172.16.0.0/16
externalIPs: []
# - 1.2.3.4
I am currently using the whoami service, with ingress
ingress.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: whoami-http
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web
spec:
rules:
- host: <my_DNS>.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: whoami-svc
port:
number: 80
But when I curl the <my_DNS>.com , it returns this:
curl: (7) Failed to connect to <my_DNS>.com port 80: Connection refused
Please help me solve my issue.
Thanks!