Helm v3 deploy traefik v2 in k8s v1.16,and myservice return 504

Traefik Traefik v2
1

I use the latest helm repository to deploy traefik version 2.2.8. I now deploy the traefik service in the cluster and I can access its dashboard through configuration, but when I configure other ingressroutes, I cannot access my service. I checked the RABC permission configuration many times and confirmed the required resource files.
I think there may be a problem with the DNS service in my cluster that caused the communication failure between POD and SERVICE. This is my guess. I use the cluster created automatically by kubeadm.
The following is my configuration file:

traefik/templates/service.yaml:
apiVersion: v1
kind: List
items:
  - apiVersion: v1
    kind: Service
    metadata:
      name: tr-traefik
      labels:
        app.kubernetes.io/name: traefik
        helm.sh/chart: traefik-8.9.2
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/instance: tr
      annotations:
    spec:
      type: LoadBalancer
      selector:
        app.kubernetes.io/name: traefik
        app.kubernetes.io/instance: tr
      ports:
      - port: 9000
        name: traefik
        targetPort: "traefik"
        protocol: "TCP"
      - port: 80
        name: web
        targetPort: "web"
        protocol: "TCP"
      - port: 443
        name: websecure
        targetPort: "websecure"
        protocol: "TCP"

traefik/templates/deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: tr-traefik
  labels:
    app.kubernetes.io/name: traefik
    helm.sh/chart: traefik-8.9.2
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/instance: tr
  annotations:
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: traefik
      app.kubernetes.io/instance: tr
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  template:
    metadata:
      annotations:
      labels:
        app.kubernetes.io/name: traefik
        helm.sh/chart: traefik-8.9.2
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/instance: tr
    spec:
      serviceAccountName: tr-traefik
      terminationGracePeriodSeconds: 60
      hostNetwork: false
      containers:
      - image: traefik:2.2.8
        name: tr-traefik
        resources:
        readinessProbe:
          httpGet:
            path: /ping
            port: 9000
          failureThreshold: 1
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        livenessProbe:
          httpGet:
            path: /ping
            port: 9000
          failureThreshold: 3
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        ports:
        - name: "traefik"
          containerPort: 9000
          protocol: "TCP"
        - name: "web"
          containerPort: 8000
          hostPort: 80
          protocol: "TCP"
        - name: "websecure"
          containerPort: 8443
          hostPort: 443
          protocol: "TCP"
        securityContext:
          capabilities:
            drop:
            - ALL
          readOnlyRootFilesystem: false
          runAsGroup: 0
          runAsNonRoot: false
          runAsUser: 0
        volumeMounts:
          - name: data
            mountPath: /data
          - name: tmp
            mountPath: /tmp
        args:
          - "--global.checknewversion"
          - "--global.sendanonymoususage"
          - "--log.level=ERROR"
          - "--log.filePath=/var/log/error.log"
          - "--log.format=json"
          - "--accesslog=true"
          - "--accesslog.filePath=/var/log/access.log"
          - "--accesslog.format=json"
          - "--entryPoints.traefik.address=:9000/tcp"
          - "--entryPoints.web.address=:8000/tcp"
          - "--entryPoints.websecure.address=:8443/tcp"
          - "--api.dashboard=true"
          - "--ping=true"
          - "--providers.kubernetescrd"
          - "--providers.kubernetesingress"
      volumes:
        - name: data
          emptyDir: {}
        - name: tmp
          emptyDir: {}
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
      nodeSelector:
        node-role.kubernetes.io/master: ""
      securityContext:
        fsGroup: 0

traefik/templates/dashboard-hook-ingressroute.yaml:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: tr-traefik-dashboard
  annotations:
    helm.sh/hook: "post-install,post-upgrade"
  labels:
    app.kubernetes.io/name: traefik
    helm.sh/chart: traefik-8.9.2
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/instance: tr
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`traefik.path.net`)
    kind: Rule
    services:
    - name: api@internal
      kind: TraefikService
  - match: Host(`whoami.path.net`)
    kind: Rule
    services:
    - name: whoami
      kind: Service
      port: 80
      namespace: default
  - match: Host(`whoistraefik.path.net`)
    kind: Rule
    services:
    - name: whoami
      kind: Service
      port: 80
      schme: http
      namespace: traefik

and I try to use ingress:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: app
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.entrypoints: web
spec:
  rules:
    - host: whoisingress.path.net
      http:
        paths:
          - backend:
              serviceName: whoami
              servicePort: 80

If I am missing something, please remind me
The following is the access log:
success for traefik-dashboard:

{"ClientAddr":"112.5.88.149:21941","ClientHost":"112.5.88.149","ClientPort":"21941","ClientUsername":"-","DownstreamContentSize":462,"DownstreamStatus":200,"Duration":79001,"OriginContentSize":462,"OriginDuration":53501,"OriginStatus":200,"Overhead":25500,"RequestAddr":"traefik..path.net","RequestContentSize":0,"RequestCount":2286,"RequestHost":"traefik..path.net","RequestMethod":"GET","RequestPath":"/api/overview","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"http","RetryAttempts":0,"RouterName":"default-traefik-dashboard-1f4c714cbfc33102294c@kubernetescrd","StartLocal":"2020-08-17T04:49:50.765886821Z","StartUTC":"2020-08-17T04:49:50.765886821Z","entryPointName":"web","level":"info","msg":"","time":"2020-08-17T04:49:50Z"}

and failed:

{"ClientAddr":"112.5.88.149:35204","ClientHost":"112.5.88.149","ClientPort":"35204","ClientUsername":"-","DownstreamContentSize":15,"DownstreamStatus":504,"Duration":30000399280,"OriginContentSize":15,"OriginDuration":30000369380,"OriginStatus":504,"Overhead":29900,"RequestAddr":"whoami.path.net","RequestContentSize":0,"RequestCount":2102,"RequestHost":"whoami.path.net","RequestMethod":"GET","RequestPath":"/","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"http","RetryAttempts":0,"RouterName":"default-traefik-dashboard-ab04af69dc135e01080e@kubernetescrd","ServiceAddr":"192.168.127.234:80","ServiceName":"default-traefik-dashboard-ab04af69dc135e01080e@kubernetescrd","ServiceURL":{"Scheme":"http","Opaque":"","User":null,"Host":"192.168.127.234:80","Path":"","RawPath":"","ForceQuery":false,"RawQuery":"","Fragment":""},"StartLocal":"2020-08-17T04:42:12.293511686Z","StartUTC":"2020-08-17T04:42:12.293511686Z","entryPointName":"web","level":"info","msg":"","time":"2020-08-17T04:42:42Z"}

Whether it is whoami, whoisingress or others are inaccessible.
Thinks for you help!

4

I tried deploying all the pods on the same node and it succeeded, so my k8s network strategy is a bit problematic.