Traefik v2 with Cert-Manager under Kubernetes problem

Hello,

As I know from the docs, currently Traefik v2 under Kubernetes doesn't play well with LetsEncrypt when multiple instances are running. The suggested workaround is to use cert-manager issues to kickstart an ingress that will perform the validation and ultimately create the TLS secret.

I have the current setup:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: dashboard
  namespace: traefik
spec:
  entryPoints:
  - websecure
  routes:
  - match: Host(`traefiklb.emsclaimsengine.com`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
    kind: Rule
    services:
    - name: api@internal
      kind: TraefikService
  tls:
    secretName: dashboard-secret
    domains:
    - main: traefiklb.mydomain.com
---
kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: dashboard-traefik-test
  namespace: traefik
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: "web,websecure"
    traefik.ingress.kubernetes.io/router.tls: "true"
    cert-manager.io/cluster-issuer: traefik-prod
    acme.cert-manager.io/http01-ingress-class: "traefik2"
    kubernetes.io/tls-acme: "true"
spec:
  rules:
  - host: traefiklb.mydomain.com
    http:
      paths:
      - path: /test
        backend:
          serviceName: traefik
          servicePort: 80
  tls:
  - hosts:
    - "traefiklb.mydomain.com"
  - secretName: dashboard-secret

Where traefik was started with the following arguments:

additionalArguments:
  - "--log.level=WARN"
  - "--api.dashboard=true"
  - "--providers.kubernetesingress.ingressclass=traefik2"

The issuer "traefik-prod" seems ok as far as cert-manager is concerned (it picks up registration details and considers it a valid issuer as per logs, it's a ClusterIssuer)

However, nothing happens. The domain looks ok, if configure Traefik with a single instance and using the Traefik-proper way of handling ACME provider it works but I would like to be able to use cert-manager as in general I am going to need to scale Traefik instances.

I would appreciate any pointers/examples.

Thanks!

Hi,
I seem to have hit the same problem what you reported a year ago. Were you able to find a solution to this? Appreciate your reply..

Problem:
cert-manager worked perfectly fine with Traefik v1. After I upgraded to Traefik v2, cert-manager seems to be not issuing the cert at all.. Not sure if any changes are needed related to Traefik v2.