How to use Ingress with Traefik 2.0

Traefik Traefik v2
18

I'm sorry but I can't reproduce, can you share more details (how is Traefik v2.0 deployed? Is Traefik v1 still deployed at the same time? Can you turn Traefik v2 logs in DEBUG and share it with us?)

Here are the steps I took to have this example working:

  • Created a local Kubernetes cluster based on k3s/k3d, exposing ports 80 and 443 for the external load balancer (and no traefik v1 deployment):
k3d create --name=tls --workers=2 --publish="80:80" --publish="443:443" --server-arg="--no-deploy=traefik"
  • Deploy Traefik v2 with the following YAML (extracted from the experimental v2.0 helm chart at https://github.com/containous/traefik-helm-chart with the helm template ... command and adapted to enable the Kubernets "classic" Ingress Provider):
# traefik-ingress.yml
---
kind: Namespace
apiVersion: v1
metadata:
  name: traefik

---
# Source: traefik/templates/rbac/serviceaccount.yaml
kind: ServiceAccount
apiVersion: v1
metadata:
  name: traefik
  namespace: traefik
---
# Source: traefik/templates/crd/ingressroute.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: ingressroutes.traefik.containo.us
  namespace: traefik
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: IngressRoute
    plural: ingressroutes
    singular: ingressroute
  scope: Namespaced

---
# Source: traefik/templates/crd/ingressroutetcp.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: ingressroutetcps.traefik.containo.us
  namespace: traefik
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: IngressRouteTCP
    plural: ingressroutetcps
    singular: ingressroutetcp
  scope: Namespaced
---
# Source: traefik/templates/crd/middlewares.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: middlewares.traefik.containo.us
  namespace: traefik
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: Middleware
    plural: middlewares
    singular: middleware
  scope: Namespaced

---
# Source: traefik/templates/crd/tlsoptions.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: tlsoptions.traefik.containo.us
  namespace: traefik
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: TLSOption
    plural: tlsoptions
    singular: tlsoption
  scope: Namespaced

---
# Source: traefik/templates/rbac/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: traefik
  namespace: traefik
rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - services
      - endpoints
      - secrets
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
    resources:
      - ingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
    resources:
      - ingresses/status
    verbs:
      - update
  - apiGroups:
      - traefik.containo.us
    resources:
      - ingressroutes
      - ingressroutetcps
      - middlewares
      - tlsoptions
    verbs:
      - get
      - list
      - watch

---
# Source: traefik/templates/rbac/clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: traefik
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: traefik
subjects:
- kind: ServiceAccount
  name: traefik
  namespace: traefik

---
# Source: traefik/templates/dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: traefik-dashboard
  namespace: traefik
  labels:
    app: traefik
    chart: "traefik-2.0.0"
    release: "release-name"
    heritage: "Tiller"
spec:
  type: ClusterIP
  selector:
    app: traefik
    release: release-name
  ports:
  - port: 80
    name: traefik
    targetPort: traefik

---
# Source: traefik/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: traefik
  namespace: traefik
  labels:
    app: traefik
    chart: "traefik-2.0.0"
    release: "release-name"
    heritage: "Tiller"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Cluster
  selector:
    app: traefik
    release: release-name
  ports:
  - port: 80
    name: web
    targetPort: web
  - port: 443
    name: websecure
    targetPort: websecure

---
# Source: traefik/templates/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: traefik
  namespace: traefik
  labels:
    app: traefik
    chart: traefik-2.0.0
    release: "release-name"
    heritage: "Tiller"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: traefik
      release: release-name
  template:
    metadata:
      labels:
        app: traefik
        chart: traefik-2.0.0
        release: "release-name"
        heritage: "Tiller"
    spec:
      serviceAccountName: traefik
      terminationGracePeriodSeconds: 60
      containers:
      - image: traefik:2.0.5
        name: traefik
        resources:
          limits:
            cpu: 300m
            memory: 150Mi
          requests:
            cpu: 100m
            memory: 50Mi
        readinessProbe:
          httpGet:
            path: /ping
            port: 9000
          failureThreshold: 1
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        livenessProbe:
          httpGet:
            path: /ping
            port: 9000
          failureThreshold: 3
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 2
        ports:
        - name: web
          containerPort: 8000
          protocol: TCP
        - name: websecure
          containerPort: 8443
          protocol: TCP
        - name: traefik
          containerPort: 9000
          protocol: TCP
        args:
          - "--entryPoints.web.address=:8000"
          - "--entryPoints.websecure.address=:8443"
          - "--entryPoints.traefik.address=:9000"
          - "--api.dashboard=true"
          - "--api.insecure=true"
          - "--ping=true"
          - "--providers.kubernetescrd=true"
          - "--providers.kubernetesingress=true"
          - "--log.level=DEBUG"
---
# Source: traefik/templates/dashboard-hook-ingressroute.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: traefik-dashboard
  namespace: traefik
  annotations:
    helm.sh/hook: "post-install"
  labels:
    app: traefik
    chart: "traefik-2.0.0"
    release: "release-name"
    heritage: "Tiller"
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`traefik.dashboard`)
    kind: Rule
    services:
    - name:  traefik-dashboard
      port: 80

  • Deploy Traefik with kubectl apply -f ./traefik-ingress.yml

  • Deploy the file you provided with kubectl apply -f ./whoami.yml

  • points the domains traefik.dashboard and whoami.mydomain.com to the external loadbalancer's IP

Then I have this:

image

or with the command line:

curl -v http://whoami.mydomain.com/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to whoami.mydomain.com (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host: whoami.mydomain.com
> User-Agent: curl/7.64.1
> Accept: */*
> 
< HTTP/1.1 200 OK
< Content-Length: 28
< Content-Type: text/plain; charset=utf-8
< Date: Fri, 22 Nov 2019 10:18:03 GMT
< 
I'm whoami-5ff8cd9445-hws2w
* Connection #0 to host whoami.mydomain.com left intact
* Closing connection 0

=> There is definitively something in your Kubernetes setup which interacts, but it's hard to help you without more information.
Do you have another Ingress controller already installed (Traefik v1 for instance)?