I have the following two configurations, an old yaml based approach, and helm override values. The yaml approach works correctly, however the helm approach ends up getting could not bind 443 when trying to run the pod.
Old Configuration:
metadata:
namespace: ingress
name: traefik
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
containers:
- name: traefik
image: traefik:v2.2
args:
- --entrypoints.websecure.address=:443
# other config here
ports:
- name: websecure
containerPort: 443
nodeName: the-node
hostNetwork: true
---
apiVersion: v1
kind: Service
metadata:
name: traefik
namespace: ingress
spec:
selector:
app: traefik
ports:
- protocol: TCP
name: websecure
port: 443
externalIPs:
- x.x.x.x
Helm values.yaml
hostNetwork: true
nodeSelector:
ingress: "true" # over the nodeName, dumb label I know
additionalArguments:
# carried over additionalArguments, not the entrypoint, though, since helm populates
service:
type: ClusterIP
externalIPs:
- x.x.x.x
persistence:
enabled: true
If I had to guess, it seems like it's trying to create a hostPort
configuration for 443, and there's a conflict between the Pod
443, and the Service
. I've tried adding null
to the hostPort
within the ports
portion of the yaml, but haven't gotten it to work, yet.
Any help would be appreciated!