Hi all, I have been trying for an entire day to attach a simple middleware to an entrypoint but whatever I tried failed miserably.
I have a traefik 2.4 instance working as Kubernetes ingress that works as expected; now I need to configure it to redirect every request that does not start with "www." to its equivalent "www." URL.
For example, my_site.com/index.html should be redirected to www.my_site.com/index.html.
I thought that I could easily achieve it with a middleware, but everything I attempt fails somewhat.
This is the traefik.yaml file that I am using right now:
log:
level: trace
serversTransport:
insecureSkipVerify: true
entryPoints:
web:
address: ':80'
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ':443'
http:
tls: {}
middlewares:
- websecure-redirect-to-www
api:
address: ':8080'
# Redirect with domain replacement
http:
middlewares:
websecure-redirect-to-www:
redirectRegex:
regex: '^https://my_site(.*)'
replacement: 'https://www.my_site${1}'
api: {}
providers:
kubernetesIngress: {}
With this configuration I get this error at startup:
level=error msg="middleware \"websecure-redirect-to-www@kubernetes\" does not exist" entryPointName=websecure routerName=websecure-traefik-ingress-default-www-oregoldsafe-dev-com@kubernetes
If I remove the entrypoints.web.websecure.http.middlewares section, then it works (but I don't get the www. redirect that I need.
I also tried configuring this router to the HTTP section, but it is completely ignored:
http:
routers:
http-catchall:
rule: PathPrefix('/')
entrypoints:
- websecure
middlewares:
- websecure-redirect-to-www
Would you have any suggestion?
Hi!
I've had a similar problem with the "rate limit" middleware. I've created it as a Kubernetes CRD and tried to use it on an Ingress. Everything was configured correctly, I assume. I downgraded to v2.3, and it started to work. I guess it might be some bug of v2.4
Hello @ufoscout
I think the issue is related to the name of the middleware you are using in your static configuration.
The middleware name will have the name according to the following pattern:
<middleware-namespace>-<middleware-name>@kubernetescrd.
Here is more information related to that topic.
You would have to add the Kubernetes namespace of the middleware, the name of the middleware, and the provider that is kubernetescrd.
websecure:
address: ':443'
http:
tls: {}
middlewares:
- default-websecure-redirect-to-www@kubernetescrd
Could you please try it and let me know the results?
Hi @MarcioJales
Would you please provide more details concerning the issue you are describing? I also kindly advise to have a look on my recent answers in that thread when I explain how to use correctly the names of middlewares.
Thank you,
Hi @jakubhajek
Sure!
I use the most recent version (9.19.0) of the helm chart solution, to install it on GKE. I get the chart from Traefik | traefik-helm-chart.
Recently, I added the rate limit functionality on an Ingress and, as you've pointed out, I use the namespace when referencing to the middleware (only the annotations are showed):
$ kubectl -n myapp get ing myapp-staging -o yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
kubernetes.io/ingress.class: traefik-staging
meta.helm.sh/release-name: myapp-staging
meta.helm.sh/release-namespace: myapp
traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
traefik.ingress.kubernetes.io/router.middlewares: myapp-myapp-staging-ratelimit@kubernetescrd
traefik.ingress.kubernetes.io/router.tls: "true"
...
And the middleware defined on traefik's kubernetes CRD namespace is (just a snippet as well):
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
annotations:
meta.helm.sh/release-name: myapp-staging
meta.helm.sh/release-namespace: myapp
...
name: myapp-staging-ratelimit
namespace: myapp
...
spec:
rateLimit:
average: 100
burst: 50
When using Traefik 2.3.7, everything works fine, but when updating to 2.4.0, the same configuration doesn't.
Thank you!