I am using k3s with traefik. I want to deploy an apache-php k3s service behind traefik. I tried the next:
$ cat deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-php-app
namespace: kube-system
labels:
app: my-php-app
spec:
replicas: 1
selector:
matchLabels:
app: my-php-app
template:
metadata:
labels:
app: my-php-app
spec:
containers:
- name: php-apache
image: php:8.2-apache # Or your custom image
ports:
- containerPort: 80
volumeMounts:
- name: php-volume
mountPath: /var/www/html
volumes:
- name: php-volume
hostPath:
path: /opt/k3s/storage/www/html # Path on the host node
type: DirectoryOrCreate # Creates the directory if it doesn't exist
---
apiVersion: v1
kind: Service
metadata:
name: my-php-app-service
namespace: kube-system
spec:
selector:
app: my-php-app
ports:
- protocol: TCP
port: 80
targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-php-app-ingress
namespace: kube-system
spec:
rules:
- host: myphpsite.cn.lan
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: my-php-app-service
port:
number: 80
This code “works” i.e. the volume is created at the node that contains the pod. However, independently that I created an index.html file inside the html folder, I get:
curl -k -H "Host: myphpsite.cn.lan" https://192.168.0.215/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
<address>Apache/2.4.62 (Debian) Server at myphpsite.cn.lan Port 80</address>
</body></html>
What could be the problem? Are my rules bad?