I'm pretty new to Docker/Kubernetes/Traefik, so I feel like I'm doing something wrong, but so far I'm having trouble getting anything up and running. I'm just trying to get a kubernetes example up and running but so far when I try to access the dashboard or my whoami pod I only get 404 errors. It is also using the wrong certificate. I'm trying to use the containous helm chart as a starting point. So I pulled down from the repo and have been running it like this:
helm install --replace --name traefik21 ./traefik-helm-chart/traefik/ --values traefik-chart2.yml
Here is the contents of traefik-chart2.yml
# Default values for Traefik
image:
name: traefik
tag: 2.1.1
#
# Configure the deployment
#
deployment:
# Number of pods of the deployment
replicas: 1
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
#
# Configure Traefik entry points
# Additional arguments to be passed at Traefik's binary
## Use curly braces to pass values: `helm install --set="{--providers.kubernetesingress,--global.checknewversion=true}" ."
additionalArguments: []
# - "--providers.kubernetesingress"
# Environment variables to be passed to Traefik's binary
env: {}
# - name: SOME_VAR
# value: some-var-value
# - name: SOME_OTHER_VAR
# value: some-other-var-value
#
ports:
# The name of this one can't be changed as it is used for the readiness and
# liveness probes, but you can adjust its config to your liking
traefik:
port: 9000
# Defines whether the port is exposed if service.type is LoadBalancer or
# NodePort.
#
# You SHOULD NOT expose the traefik port on production deployments.
# If you want to access it from outside of your cluster,
# use `kubectl proxy` or create a secure ingress
expose: false
# The exposed port for this service
exposedPort: 9000
web:
port: 8000
expose: true
exposedPort: 80
# Use nodeport if set. This is useful if you have configured Traefik in a
# LoadBalancer
# nodePort: 32080
websecure:
port: 8443
expose: true
exposedPort: 443
# nodePort: 32443
# Options for the main traefik service, where the entrypoints traffic comes
# from.
service:
type: LoadBalancer
# Additional annotations (e.g. for cloud provider specific config)
annotations: {}
# Additional entries here will be added to the service spec. Cannot contains
# type, selector or ports entries.
spec: {
"externalIPs" : [
"myexternalip"
]
}
# externalTrafficPolicy: Cluster
# loadBalancerIP: "1.2.3.4"
# clusterIP: "2.3.4.5"
dashboard:
# Enable the dashboard on Traefik
enable: true
# Expose the dashboard and api through an ingress route at /dashboard
# and /api This is not secure and SHOULD NOT be enabled on production
# deployments
ingressRoute: false
logs:
loglevel: TRACE
#
resources: {}
# requests:
# cpu: "100m"
# memory: "50Mi"
# limits:
# cpu: "300m"
# memory: "150Mi"
affinity: {}
#podAffinity:
# # required:
# # nodeSelectorTerms:
# # - matchExpressions:
# # - key: kubernetes.io/hostname
# # operator: In
# # values:
# # - farnsworth
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: kubernetes.io/hostname
# operator: In
# values:
# - farnsworth
nodeSelector: {kubernetes.io/hostname: farnsworth}
tolerations: []
rbac: enabled
domain: mydomain
tls:
certificates:
- certFile: /etc/ssl/certs/mycer.cer
keyFile: /etc/ssl/private/mykey.key
http:
routers:
api:
rule: "PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
service: api@internal
middlewares:
- auth
who:
rule: "PathPrefix(`/who`)"
service: whoami
middlewares:
auth:
basicAuth:
users:
- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
- "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"