I'm relatively new to traefik and kubernetes. I've gotten traefik to work with docker-compose, but now I'm moving to kubernetes and using helm for installation. I'm using the helm chart from here. I can get to the domain at http://traefik.internal.domain.com, but https does not work.
I've tried multiple different configurations and can't seem to get it work. A little information about my cluster. I'm installing this on a group of raspberry pi, and using weave net and I'm using metalLB to give the traefik ingress an external ip address.
Here is the values.yaml I am using:
dashboard:
enabled: true
domain: "traefik.internal.domain.com"
acme:
enabled: true
logging: true
challengeType: dns-01
email: "xxxxxxxxxxx@gmail.com"
dnsProvider:
name: cloudflare
cloudflare:
CF_API_EMAIL: "xxxxxxxxxx@gmail.com"
CF_API_KEY: xxxxxxxxxxxxxxxxxxxxx
domains:
enabled: true
domainsList:
- main: "*.internal.domain.com"
persistence:
enabled: false
debug:
enabled: true
accessLogs:
enabled: true
rbac:
enabled: true
ssl:
enabled: true
enforced: true
accessLogs:
enabled: true
kubernetes:
namespaces:
- default
- kube-system
Here are some of the logs:
{"level":"debug","msg":"Configuration received from provider kubernetes: {\"backends\":{\"traefik.internal.domain.com\":{\"servers\":{\"traefik-59645d68bc-tcv6l\":{\"url\":\"http://10.40.0.6:8080\",\"weight\":1}},\"loadBalancer\":{\"method\":\"wrr\"}}},\"frontends\":{\"traefik.internal.domain.com\":{\"entryPoints\":[\"http\",\"https\"],\"backend\":\"traefik.internal.domain.com\",\"routes\":{\"traefik.internal.domain.com\":{\"rule\":\"Host:traefik.internal.domain.com\"}},\"passHostHeader\":true,\"priority\":0,\"basicAuth\":null}}}","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Adding certificate for domain(s) example.com","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Wiring frontend traefik.internal.domain.com to entryPoint http","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating backend traefik.internal.domain.com","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating load-balancer wrr","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating server traefik-59645d68bc-tcv6l at http://10.40.0.6:8080 with weight 1","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating route traefik.internal.domain.com Host:traefik.internal.domain.com","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Wiring frontend traefik.internal.domain.com to entryPoint https","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating backend traefik.internal.domain.com","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating load-balancer wrr","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating server traefik-59645d68bc-tcv6l at http://10.40.0.6:8080 with weight 1","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Creating route traefik.internal.domain.com Host:traefik.internal.domain.com","time":"2020-01-02T19:03:41Z"}
{"level":"info","msg":"Server configuration reloaded on :80","time":"2020-01-02T19:03:41Z"}
{"level":"info","msg":"Server configuration reloaded on :443","time":"2020-01-02T19:03:41Z"}
{"level":"info","msg":"Server configuration reloaded on :8080","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Try to challenge certificate for domain [traefik.internal.domain.com] founded in Host rule","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"Looking for provided certificate(s) to validate [\"traefik.internal.domain.com\"]...","time":"2020-01-02T19:03:41Z"}
{"level":"debug","msg":"No ACME certificate generation required for domains [\"traefik.internal.domain.com\"].","time":"2020-01-02T19:03:41Z"}