I have installed the helm chart version 39.0.5 with the following values:
# configure image
image:
registry: "${image_registry}/docker.io"
# enable logs
logs:
general:
level: INFO
access:
enabled: true
format: json
# Enables the dashboard (ingress tls termination)
api:
dashboard: true
insecure: true
# enable dashboard ingress route
ingressRoute:
dashboard:
enabled: true
# set pod affinity to prevent pod scheduling in the same node
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- traefik
- key: app.kubernetes.io/instance
operator: In
values:
- traefik
topologyKey: kubernetes.io/hostname
# resources configuration
resources:
limits:
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
# configure metrics
metrics:
prometheus:
serviceMonitor:
enabled: true
And I am deploying the following ingress
resource "kubernetes_ingress_v1" "traefik_dashboard" {
metadata {
name = "traefik-dashboard"
namespace = kubernetes_namespace_v1.traefik.id
annotations = {
"cert-manager.io/cluster-issuer": "letsencrypt"
"traefik.ingress.kubernetes.io/router.middlewares": "monitoring-oauth-errors@kubernetescrd,monitoring-forward-auth@kubernetescrd"
}
}
spec {
ingress_class_name = "traefik"
rule {
host = traefik.example.com
http {
path {
backend {
service {
name = "traefik"
port {
number = 80
}
}
}
path = "/"
}
}
}
tls {
hosts = [traefik.example.com]
secret_name = "traefik.example.com-tls"
}
}
}
If I hit the traefik.example.com it times out. I suspect that mixing Traefik CRDs and Kubernetes native resources is not the best idea, but I have cert-manager and external-dns that takes care of dns records and tls certificate generation.
Thanks,
Davide