Hi there, I'm trying to reverse proxy some proxmox servers. In order to do so, you need:
- A service defined for each "ExternalName"
- An ingressRoute
- A certificate
I believe that I configured each of these correctly, but VNC still doesn't work. The rest of the UI works great. For HAProxy, I had to get sticky cookies enabled and that fixed VNC there.
Can anyone tell me what I'm doing wrong here?
kind: Service
apiVersion: v1
metadata:
name: proxmox-1a
namespace: traefik
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: "proxmox-1a"
spec:
type: ExternalName
ports:
- name: https
port: 8006
targetPort: 8006
externalName: 10.1.0.31
---
kind: Service
apiVersion: v1
metadata:
name: proxmox-1b
namespace: traefik
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: "proxmox-1b"
spec:
type: ExternalName
ports:
- name: https
port: 8006
targetPort: 8006
externalName: 10.1.0.35
---
apiVersion: traefik.io/v1alpha1
kind: ServersTransport
metadata:
name: skip-ssl
namespace: traefik
spec:
insecureSkipVerify: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: proxmox
namespace: traefik
annotations:
kubernetes.io/ingress.class: traefik-external
spec:
entryPoints:
- websecure
routes:
- match: Host(`<address>`)
kind: Rule
services:
- name: proxmox-1a
port: 8006
serversTransport: skip-ssl
sticky:
cookie:
name: proxmox-1a
sameSite: strict
- name: proxmox-1b
port: 8006
serversTransport: skip-ssl
sticky:
cookie:
name: proxmox-1b
sameSite: strict
middlewares:
- name: default-headers
namespace: traefik
- name: cors-headers
namespace: traefik
tls:
secretName: <certificate>