IngressRoute to kubectl-proxy

I want to open k3s-API through IngressRoute. A kubectl-proxy will do the authentication.

I tried as follows:

kubectl proxy --port=8188

Now I can run "curl http://localhost:8188/api/" and get the proper json result.
With Traefik I want to publish this proxy using IngressRoute and redirectRegex Middleware.

I defined as follows:

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: apiredirect
  namespace: default
spec:
  redirectRegex:
    regex: ^http://api.mydomain.com/(.*)
    replacement: http://localhost:8188/${1}

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: ingressroute-api
  namespace: default
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`api.mydomain.com`)
    kind: Rule
    middlewares:
      - name: apiredirect
        namespace: default
    services:
      - kind: TraefikService # I know, this is wrong, but without services definition it does not work
        name: api@internal # I also tried an existing services (as a dummy), but no success as well

I want an external call "curl http://api.mydomain.com/api/" to get redirected to localhost:8188 and show the same result as above.

  • How do I define "services" section properly
  • Is there a more easy way to explore k3s-API via Ingressroute to the public?

No I only have port 80 and 443 availabe for all services and the desired kubernetes API. Other ports are not available due to company restrictions.

Any suggestions? Is there an alternative way to publish KubernetesAPI through subdomain definition?Many thanks!