I am trying to run rclone webdav in a k3s Kubernetes container with traefik as proxy. However I keep getting following error in traefik (10.42.0.152 in this case is the ip of rclone webdav container):
'502 Bad Gateway' caused by: dial tcp 10.42.0.152:8080: connect: connection refused"
I can kubectl port-forward the webdav-service, and it is accessible that way. So the container itself is running fine, which means it could be one of following issue:
- issue with traefik -- pass headers or something?
- issue with rclone where it is detecting proxy (requests coming from someplace else) and therefore blocks it -- some rclone config change?
Following are my traefik & rclone deployment files:
traefik
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-ingress-controller
containers:
- name: traefik
image: traefik:latest
args:
- --api.insecure=true
- --accesslog=true
- --log.level=DEBUG
- --global.sendAnonymousUsage=false
- --providers.kubernetescrd=true
- --providers.kubernetescrd.allowCrossNamespace=true
# Entrypoints
- --entrypoints.web.address=:80
- --entrypoints.vpn.address=:81/udp
- --entrypoints.mqtt.address=:83
- --entrypoints.netbios.address=:139/udp
- --entrypoints.samba.address=:445
ports:
- name: web
containerPort: 80
protocol: TCP
- name: vpn
containerPort: 81
protocol: UDP
- name: mqtt
containerPort: 83
protocol: TCP
- name: netbios
containerPort: 139
protocol: UDP
- name: samba
containerPort: 445
protocol: TCP
- name: admin
containerPort: 8080
protocol: TCP
env:
- name: TZ
value: America/New_York
- name: PGID
value: "1000"
- name: PUID
value: "1000"
volumeMounts:
- name: traefik-volume
mountPath: /config
volumes:
- name: traefik-volume
hostPath:
path: /data/raid/kube/traefik
rclone
kind: Deployment
apiVersion: apps/v1
metadata:
name: webdav
spec:
replicas: 1
selector:
matchLabels:
app: webdav
template:
metadata:
labels:
app: webdav
spec:
containers:
- name: webdav
image: rclone/rclone:latest
args: ["serve", "webdav", "/data/media", "--read-only", "--addr", "127.0.0.1:8080", "--log-level", "DEBUG", "--exclude", "*.log, *.bak, log/, logs/"]
ports:
- containerPort: 8080
env:
- name: TZ
value: America/New_York
volumeMounts:
- name: data-volume
mountPath: /data/media
readOnly: true
volumes:
- name: data-volume
hostPath:
path: /data/media
---
apiVersion: v1
kind: Service
metadata:
name: webdav-service
labels:
app: webdav
spec:
ports:
- name: http
targetPort: 8080
port: 80
selector:
app: webdav
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: webdav-route
spec:
entryPoints:
- web
routes:
- match: Host(`webdav.local.example.com`)
kind: Rule
services:
- name: webdav-service
port: 80