Needing a bit of assistance. I am trying to get Traefik configured to load balance to upstream servers and offload the tls certificate using cert-manager. I have cert-manager configured and a valid cert is stored in the secret. However I can't seem to get the router to recognize the secretName node to tie the two together. It will server the default traefik certificate if I remove the secretName and replace it with {}. I have included the deployment, and my config file that I am using below. Any idea what I am doing incorrectly?
traefik.yml
kind: Deployment
apiVersion: apps/v1
metadata:
name: traefik-deployment
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-account
containers:
- name: traefik
image: traefik:v2.9
args:
- --api.insecure
- --entrypoints.websecure.Address=:443
- --entrypoints.web.Address=:80
- --providers.kubernetesingress
- --providers.file.directory=/traefik-config
- --providers.file.watch=true
- --serversTransport.insecureSkipVerify=true
ports:
- name: web
containerPort: 80
- name: websecure
containerPort: 443
- name: dashboard
containerPort: 8080
volumeMounts:
- name: traefik-data
mountPath: /traefik-config
volumes:
- name: traefik-data
persistentVolumeClaim:
claimName: nfs-traefik-claim-00
test.example.com.yml
http:
routers:
# Define a connection between requests and services
test-http:
rule: "Host(`test.example.com`)"
entryPoints:
- web
middlewares:
- https-redirect
# If the rule matches, forward to the whoami service (declared below)
service: testsvc
test-https:
rule: "Host(`test.example.com`)"
entryPoints:
- websecure
service: testsvc
tls:
secretName: test-example-com-cert
middlewares:
https-redirect:
redirectScheme:
scheme: https
permanent: true
services:
# Define how to reach an existing service on our infrastructure
testsvc:
loadBalancer:
servers:
- url: https://172.19.0.90:4443
- url: https://172.19.0.91
healthCheck:
path: /ex
interval: "5s"
timeout: "1s"