What I expect to see
We want to use traefik on our Kubernetes cluster in the nonprivileged mode. So we basically build a custom traefik image where we embedded the `traefik:v1.7.26-alpine image and created a user. Everything is working fine besides https redirect. https redirect works fine if I don't use traefik in non priviliged mode.
What did you see instead
For example, if I just type http://hello.com, then it should redirect to https://hello.com. This is not working.
Output of traefik version
: ( What version of Traefik are you using? )
Version: v1.7.26
Codename: maroilles
Go version: go1.14.6
Built: 2020-07-28_03:45:27PM
OS/Arch: linux/amd64
What is your environment & configuration (arguments, toml, provider, platform, ...)?
We are running traefik on top of kubernetes. In below I am giving the deployment and service and dockerfiles
deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik
spec:
selector:
matchLabels:
app: traefik
replicas: 1
template:
metadata:
labels:
app: traefik
spec:
containers:
- name: traefik
image: docker.cognigy.com:5000/traefik:1.7.26-alpine_non_priviledged
resources:
requests:
memory: "70Mi"
cpu: "200m"
limits:
memory: "200Mi"
cpu: "2000m"
args: [
"--api",
"--kubernetes",
"--entryPoints=Name:http Address::8000 Redirect.EntryPoint:https",
"--entryPoints=Name:https Address::4430 TLS:/run/secrets/traefik.cert,/run/secrets/traefik.key TLS.MinVersion:VersionTLS12 ProxyProtocol.TrustedIPs:0.0.0.0/0 WhiteList.UseXForwardedFor:true",
"--defaultentrypoints=http,https",
"--metrics.prometheus=true"
]
ports:
- name: http
containerPort: 8000
- name: https
containerPort: 4430
volumeMounts:
- name: traefik
mountPath: /var/run/secrets/
volumes:
- name: traefik
secret:
secretName: cognigy-traefik
items:
- key: tls.crt
path: traefik.cert
- key: tls.key
path: traefik.key
imagePullSecrets:
- name: cognigy-registry-token
service.yaml
apiVersion: v1
kind: Service
metadata:
name: traefik
labels:
app: traefik
spec:
ports:
- name: traefik-http
port: 80
targetPort: 8000
protocol: TCP
- name: traefik-https
port: 443
targetPort: 4430
protocol: TCP
- protocol: TCP
port: 8080
name: admin
externalIPs:
- x.x.x.x
type: LoadBalancer
selector:
app: traefik
dockerfile
FROM traefik:1.7.26-alpine
RUN addgroup -g 1000 traefik && \
adduser -D -u 1000 -G traefik traefik
USER traefik
Can someone guide me on what I am missing here?