Using the below Traefik config, all pods except traefik can communicate properly using the httproute address. For example, wget -O- https://login.int.imdevinc.com just times out after 2 minutes from the traefik pod (it does show the correct IP being resolved). When done from any other pod on my network, the connection works fine though. Normally I'd just use service addresses, but OIDC requires an FQDN, so when I use that, traefik fails to communicate with the OIDC pod over the httproute.

globalArguments:
  # --api.insecure serves the Traefik API and dashboard without authentication
  - "--api.insecure"
logs:
  general:
    level: INFO
providers:
  kubernetesIngress:
    enabled: false
  kubernetesGateway:
    enabled: true
gateway:
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-traefik
  listeners:
    web:
      hostname: "*.int.imdevinc.com"
      namespacePolicy: All
      # insecure: true trusts X-Forwarded-* headers from any source
      forwardedHeaders:
        insecure: true
    websecure:
      hostname: "*.int.imdevinc.com"
      port: 8443
      namespacePolicy: All
      protocol: HTTPS
      certificateRefs:
        - name: wildcard-tls
      forwardedHeaders:
        insecure: true
service:
  spec:
    externalTrafficPolicy: Local
ports:
  web:
    # redirect plain HTTP on the web entry point to websecure
    redirections:
      entryPoint:
        scheme: https
        to: websecure

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: pocket-id
spec:
  parentRefs:
    - name: traefik-gateway
      namespace: traefik
  hostnames:
    - login.int.imdevinc.com
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: pocket-id
          namespace: pocket-id
          port: 80