Issue with Traefik Middleware on Kubernetes (version 3.3.4)

Traefik Traefik v3 (latest)
1

Hello,

I’m facing difficulties with using a custom middleware in Traefik on my Kubernetes cluster. I am trying to deploy a middleware that adds a custom HTTP header (X-Traefik-Pod) with the name of the Traefik pod in the incoming request.

Context:

  • Traefik version: v3.3.4
  • Middleware used: log-traefik-pod (adds the HTTP header X-Traefik-Pod: <pod-name>)
  • Kubernetes cluster: Current version unspecified
  • Traefik deployed via Helm with CRDs enabled (IngressRoutes, Middlewares, etc.)

Error encountered:

When I try to create and apply my middleware, I get the following error in Traefik logs:

vbnet

Copier

error="middleware \"log-traefik-pod@default\" does not exist"

Despite this, the middleware seems to be correctly defined in the YAML file, but Traefik cannot find it.

Steps I’ve taken:

  1. Installed Traefik via Helm with the following settings:
  • 5 replicas for high availability
  • Entry points web (port 80) and websecure (port 443)
  • Dashboard enabled and exposed at traefik.local
  1. Deployed the middleware via the log-traefik-pod.yaml file with this configuration:

yaml

Copier

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: log-traefik-pod
  namespace: default
spec:
  headers:
    customRequestHeaders:
      X-Traefik-Pod: "{{ .Pod.Name }}"
  1. Checked the CRDs: The CRDs middlewares.traefik.io and ingressroutes.traefik.io are present, but I believe Traefik is not correctly recognizing the middleware.
  2. Commands used:
  • kubectl get middleware log-traefik-pod -n default to check if the middleware exists.
  • kubectl get crd middlewares.traefik.io to confirm that the CRD is installed.

Attempts to resolve:

  • I reapplied the middleware configuration, but the error persists.
  • I checked the logs and status of the Traefik pods, which appear to be functioning correctly.
  • The issue seems related to Traefik not finding or applying the middleware, even though it is correctly defined in the default namespace.

Questions:

  1. Is there any additional configuration I need to check in Traefik to ensure middlewares are properly recognized?
  2. Is the version of the CRDs compatible with Traefik v3.3.4?
  3. Do I need to restart the Traefik pods after applying a middleware or a CRD resource?

My globale config for help you:

# Traefik Helm Chart Configuration

# Définir les valeurs générales pour le déploiement
replicaCount: 5  # Déployer Traefik sur 5 instances pour une haute disponibilité

# Configuration des entrypoints (points d'entrée) de Traefik
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

# Activer la gestion des Ingress
providers:
  kubernetesIngress:
    ingressClass: traefik
  kubernetesCRD: {}

# Contrôleur d'entrée Traefik
deployment:
  enabled: true
  replicas: 5  # On déploie Traefik sur 5 nœuds pour la résilience
  nodeSelector: {}
  affinity: {}  # Peut être utilisé pour une affinité plus précise si nécessaire

# Ajouter une tolérance pour permettre à Traefik de s'exécuter sur les nœuds maîtres
tolerations:
  - key: "node-role.kubernetes.io/control-plane"
    operator: "Exists"
    effect: "NoSchedule"

# Activation du Dashboard Traefik
dashboard:
  enabled: true
  domain: "traefik.local"  # Tu peux configurer cela avec le DNS ou le fichier hosts

# Exposer Traefik via LoadBalancer ou NodePort (selon ton besoin)
service:
  enabled: true
  #clusterIP: None # Service Headless
  type: ClusterIP
  #type: LoadBalancer  # Peut être changé en NodePort si tu n'as pas de LoadBalancer
  #loadBalancerIP: 10.1.10.101
  annotations: {}
  ports:
    web:
      port: 80
      targetPort: 80
    websecure:
      port: 443
      targetPort: 443

apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: log-traefik-pod
spec:
  headers:
    customRequestHeaders:
      X-Traefik-Pod: "{{ .Pod.Name }}"


apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    app: nginx
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx
          ports:
            - containerPort: 80
          command:
            - /bin/sh
            - -c
            - echo "Pod $(hostname)" > /usr/share/nginx/html/index.html && nginx -g 'daemon off;'
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress
  namespace: default
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: "web"
    traefik.ingress.kubernetes.io/router.middlewares: "log-traefik-pod@default"
spec:
  rules:
    - host: nginx.local
      http:
        paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: nginx-service
              port:
                number: 80
2

I wonder if the correct syntax would rather be :

traefik.ingress.kubernetes.io/router.middlewares: "default-log-traefik-pod@kubernetescrd"

But you may double-check that the KubernetesCRD are enabled in your chart values.