Usage of `publishedService` in externalIP setup

Hey,

I have a setup with Traefik as a ClusterIP service with external IPs (as my hosting provider does not support a LoadBalancer infrastructure).

Now I try to setup ArgoCD. It works pretty good, but Argo had issues getting the health status of the ingresses.

After some digging I found the this GitHub issue and further on this part of the documentation: Kubernetes Ingress - Traefik

The issue and the part of the documentation state, that you should set your Traefik service as publishedService on your kubernetesIngress provider, so the status of the Traefik service is copied to the ingresses.

So I tried setting

providers:
  kubernetesIngress:
    ingressEndpoint:
      publishedService: kube-system/traefik2-ingress-controller

in my static configuration. But nothing changed. I first thought the fix was not working. Until I checked the status of the service (I removed some parts of the service):

user@nb [~]
-> % kubectl -n kube-system get svc traefik2-ingress-controller -o yaml
apiVersion: v1
kind: Service
metadata:
  name: traefik2-ingress-controller
  namespace: kube-system
spec:
  clusterIP: 10.106.182.36
  externalIPs:
  - 1.2.3.4
  - 1.2.3.5
  ports:
  - name: web
    port: 80
    protocol: TCP
    targetPort: 80
  - name: websecure
    port: 443
    protocol: TCP
    targetPort: 443
  selector:
    app: traefik2-ingress-controller
  type: ClusterIP
status:
  loadBalancer: {}
user@nb [~]
-> %

As you can see the status of the service is empty. So copying it to the ingresses worked, but as it is empty as well, nothing really changed.

I have another setup with a LoadBalancer service for Traefik. I tried there and it worked immediately.

So is there a setting I need to configure to either get a status on the Traefik ClusterIP service or can (and should) I set the status of the ingresses in some other way?

Thanks in advance!

EDIT: I have another setup where my provider configured a load balancer outside my cluster and I had to configure a NodePort service. I have the same issue with the service there. The status is empty as well. I mixed both of them up a bit here, so the original post was not really consistent. So I fixed it with the edits.

Ok, after some further digging I figured out what the other two keys in that group hostname and ip are doing: With both of them you can hardcode a domain or IP address to be published on all Ingresses.

So in my case I reconfigured it as follows:

providers:
  kubernetesIngress:
    ingressEndpoint:
      ip: 1.2.3.4

This way now the status of all Ingress is set and ArgoCD is able to do the health check on it.

This -- let's call it workaround -- has some downsides though. As you can see in my setup here I cannot configure both external IPs, for example.

I created a feature request for activating setting the status automatically also from ClusterIP and NodePort service on GitHub: Publish IPs from ClusterIP and NodePort services on Ingresses · Issue #7972 · traefik/traefik · GitHub

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.