kubernetes-dashboard https return "404 page not found"

lework · October 10, 2020, 9:34am

version

kube: 1.19.2
traefik: 2.3.1

# kubectl get node
NAME               STATUS   ROLES    AGE    VERSION
k8s-master-node1   Ready    master   156m   v1.19.2
k8s-master-node2   Ready    master   156m   v1.19.2
k8s-master-node3   Ready    master   155m   v1.19.2
k8s-worker-node1   Ready    worker   155m   v1.19.2
k8s-worker-node2   Ready    worker   154m   v1.19.2

install traefik

cat <<EOF | kubectl  apply -f -
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: ingress-traefik-controller
rules:
  - apiGroups:
      - ''
    resources:
      - services
      - endpoints
      - secrets
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
      - networking.k8s.io
    resources:
      - ingresses
      - ingressclasses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
    resources:
      - ingresses/status
    verbs:
      - update

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: ingress-traefik-controller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ingress-traefik-controller
subjects:
  - kind: ServiceAccount
    name: ingress-traefik-controller
    namespace: default
    
--- 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ingress-traefik-controller

---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: ingress-traefik-controller
  labels:
    app: ingress-traefik-controller

spec:
  replicas: 1
  selector:
    matchLabels:
      app: ingress-traefik-controller
  template:
    metadata:
      labels:
        app: ingress-traefik-controller
    spec:
      serviceAccountName: ingress-traefik-controller
      containers:
        - name: traefik
          image: traefik:v2.3.1
          args:
            - --api.debug=true
            - --api.insecure=true
            - --log=true
            - --log.level=debug
            - --ping=true
            - --accesslog=true
            - --entrypoints.http.Address=:80
            - --entrypoints.https.Address=:443
            - --entrypoints.traefik.Address=:8080
            - --providers.kubernetesingress
            - --serverstransport.insecureskipverify=true
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
            - name: https
              containerPort: 443
              protocol: TCP
            - name: admin
              containerPort: 8080
              protocol: TCP
          livenessProbe:
            failureThreshold: 2
            httpGet:
              path: /ping
              port: admin
              scheme: HTTP
            initialDelaySeconds: 10
            periodSeconds: 5
            successThreshold: 1
            timeoutSeconds: 1
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /ping
              port: admin
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              cpu: 250m
              memory: 128Mi
            requests:
              cpu: 100m
              memory: 64Mi
          securityContext:
            capabilities:
              add:
              - NET_BIND_SERVICE
              drop:
              - ALL
      restartPolicy: Always
      serviceAccount: ingress-traefik-controller
      serviceAccountName: ingress-traefik-controller

---
apiVersion: v1
kind: Service
metadata:
  name: ingress-traefik-controller
spec:
  type: NodePort
  selector:
    app: ingress-traefik-controller
  ports:
    - protocol: TCP
      port: 80
      name: http
      targetPort: 80
    - protocol: TCP
      port: 443
      name: https
      targetPort: 443
    - protocol: TCP
      port: 8080
      name: admin
      targetPort: 8080
EOF

install kubernetes-dashboard

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=kubernetes-dashboard.cluster.local"
kubectl create ns kubernetes-dashboard
kubectl create secret tls kubernetes-dashboard-certs --key tls.key --cert tls.crt -n kubernetes-dashboard 
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml

apply kubernetes-dashboard ingress

cat <<EOF | kubectl  apply -f -
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard 
spec:
  tls:
  - hosts:
    - kubernetes-dashboard.cluster.local
    secretName: kubernetes-dashboard-certs
  rules:
  - host: kubernetes-dashboard.cluster.local
    http:
      paths:
      - path: /
        backend:
          serviceName: kubernetes-dashboard
          servicePort: 443
EOF

status

# kubectl describe svc  ingress-traefik-controller
Name:                     ingress-traefik-controller
Namespace:                default
Labels:                   <none>
Annotations:              <none>
Selector:                 app=ingress-traefik-controller
Type:                     NodePort
IP:                       10.96.234.16
Port:                     http  80/TCP
TargetPort:               80/TCP
NodePort:                 http  30615/TCP
Endpoints:                10.244.3.6:80
Port:                     https  443/TCP
TargetPort:               443/TCP
NodePort:                 https  31678/TCP
Endpoints:                10.244.3.6:443
Port:                     admin  8080/TCP
TargetPort:               8080/TCP
NodePort:                 admin  31648/TCP
Endpoints:                10.244.3.6:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

# kubectl get all -n kubernetes-dashboard
NAME                                             READY   STATUS    RESTARTS   AGE
pod/dashboard-metrics-scraper-7b59f7d4df-9kfqq   1/1     Running   0          167m
pod/kubernetes-dashboard-665f4c5ff-zfzcr         1/1     Running   0          167m

NAME                                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/dashboard-metrics-scraper   ClusterIP   10.96.8.248     <none>        8000/TCP   167m
service/kubernetes-dashboard        ClusterIP   10.96.154.232   <none>        443/TCP    167m

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-metrics-scraper   1/1     1            1           167m
deployment.apps/kubernetes-dashboard        1/1     1            1           167m

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/dashboard-metrics-scraper-7b59f7d4df   1         1         1       167m
replicaset.apps/kubernetes-dashboard-665f4c5ff         1         1         1       167m

result

http://kubernetes-dashboard.cluster.local:31678/#/login ok

https://kubernetes-dashboard.cluster.local:31678/#/login 404 page not found

ingress-traefik-controller log

time="2020-10-09T08:25:26Z" level=debug msg="http: TLS handshake error from 10.244.0.0:1349: remote error: tls: unknown certificate"
time="2020-10-09T08:25:26Z" level=debug msg="http: TLS handshake error from 10.244.0.0:24982: remote error: tls: unknown certificate"

Topic		Replies	Views
404 Not Found on Traefik Dashboard via http on local Kubernetes Cluster Traefik v2 (latest) kubernetes-ingress	2	1854	November 23, 2021
404 page not found errors Traefik v2 (latest) kubernetes-ingress	3	1898	January 25, 2023
Redirecting to https gives 404 error when using middlewares Traefik v2 (latest) kubernetes-crd , middleware	0	383	October 13, 2020
Unable to migrate to traefik v2 from v1: 404 not found error Traefik v2 (latest) kubernetes-ingress	1	533	May 18, 2022
404 Help, please Traefik v2 (latest) kubernetes-crd	4	2907	October 28, 2020

kubernetes-dashboard https return "404 page not found"

version

install traefik

install kubernetes-dashboard

status

result

Related Topics