Installing with Helm - 404 on dashboard

Traefik Traefik v2 (latest)
1

I have installed Traefik 2.1.1 on an AWS EKS cluster using the latest version of the Helm chart. AFAICT things are running one way or another. A classic ELB was created on AWS in three AZs, and the pod seems to have started just fine.

This is what the pod looks like

Name:           traefik-6d7859ff8d-k2v4p
Namespace:      acme
Priority:       0
Node:           ip-10-200-5-85.eu-central-1.compute.internal/10.200.5.85
Start Time:     Thu, 09 Jan 2020 10:51:33 +0100
Labels:         app=traefik
                chart=traefik-3.1.0
                heritage=Tiller
                pod-template-hash=6d7859ff8d
                release=traefik
Annotations:    kubernetes.io/psp: eks.privileged
Status:         Running
IP:             10.200.5.148
Controlled By:  ReplicaSet/traefik-6d7859ff8d
Containers:
  traefik:
    Container ID:  docker://7d5ef0c75b836ea03b090da455bdef33bf84f4cf86b5ba2451b4abe106047281
    Image:         traefik:2.1.1
    Image ID:      docker-pullable://traefik@sha256:a87b61f3254d03c4fcc0b994e2cb7af89abba8178f1fbec3bce3f4bdc080f8a6
    Ports:         9000/TCP, 8000/TCP, 8443/TCP
    Host Ports:    0/TCP, 0/TCP, 0/TCP
    Args:
      --global.checknewversion=true
      --global.sendanonymoususage=true
      --entryPoints.traefik.address=:9000
      --entryPoints.web.address=:8000
      --entryPoints.websecure.address=:8443
      --api.dashboard=true
      --ping=true
      --providers.kubernetescrd
      --log.level=DEBUG
      --providers.kubernetesingress
    State:          Running
      Started:      Thu, 09 Jan 2020 10:51:34 +0100
    Ready:          True
    Restart Count:  0
    Liveness:       http-get http://:9000/ping delay=10s timeout=2s period=10s #success=1 #failure=3
    Readiness:      http-get http://:9000/ping delay=10s timeout=2s period=10s #success=1 #failure=1
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from traefik-token-zl6kj (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  traefik-token-zl6kj:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  traefik-token-zl6kj
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From                                                   Message
  ----    ------     ----  ----                                                   -------
  Normal  Scheduled  22m   default-scheduler                                      Successfully assigned mercury/traefik-6d7859ff8d-k2v4p to ip-10-200-5-85.eu-central-1.compute.internal
  Normal  Pulled     22m   kubelet, ip-10-200-5-85.eu-central-1.compute.internal  Container image "traefik:2.1.1" already present on machine
  Normal  Created    22m   kubelet, ip-10-200-5-85.eu-central-1.compute.internal  Created container
  Normal  Started    22m   kubelet, ip-10-200-5-85.eu-central-1.compute.internal  Started container

This is the service:

Name:                     traefik
Namespace:           acme
Labels:                   app=traefik
                          app.kubernetes.io/instance=traefik
                          chart=traefik-3.1.0
                          heritage=Tiller
                          release=traefik
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"traefik","app.kubernetes.io/instance":"traefik","chart":...
Selector:                 app=traefik,release=traefik
Type:                     LoadBalancer
IP:                       172.20.77.240
LoadBalancer Ingress:     a5b6525XXXXXXX1eaac2e0208228b88f-287426285.eu-central-1.elb.amazonaws.com
Port:                     web  80/TCP
TargetPort:               web/TCP
NodePort:                 web  30916/TCP
Endpoints:                10.200.5.148:8000
Port:                     websecure  443/TCP
TargetPort:               websecure/TCP
NodePort:                 websecure  30998/TCP
Endpoints:                10.200.5.148:8443
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

I am now trying to see the dashboard as a first next step. Here is what I have tried so far:

  1. Use kubectl port-forward svc/traefik -n mynamespace 8080:443 to forward traffic to Traefik.
  2. Open https://localhost:8080/dashboard/ in a browser. I confirm that I want to proceed despite certificate issues and then get a 404.

Alternatively I tried

  1. kubectl port-forward svc/traefik -n mercury 8080:80
  2. http://localhost:8080/dashboard/

I see this in my logs:

time="2020-01-09T09:53:31Z" level=debug msg="Skipping Kubernetes event kind *v1.Endpoints" providerName=kubernetes

I have not made any changes other than change the loglevel to DEBUG.

How do I get this to work? I found some questions describing similar problems with solutions that contained a lot of configuration passed through labels to the service in docker compose files (e.g. Dashboard just not working). Am I wrong in assuming that the Helm chart should work out of the box? What steps do I need to take to get this up and running?

Any help is greatly appreciated.

2

Just noticed an error in my post (not the actual code): the namespaces are incongruent. In real life they were not.

3

Hello,

Something like that happens to me, how did you solve it?

Regards,

4

I did not. The lack of responses on this community actually caused me to give up on Traefik for the time being.

5

Hey I got the same problem, but I've managed to solve it. Maybe it's related to your issue ?

When creating the dashboard ingress, the ingress.class was missing. I found it by directly call the /api endpoint from within the cluster to the ClusterIP of the dashboard ui.
The return was: {"kubernetes": {}}

Easy fix was to add this annotation in my values.yaml:

dashboard:
  ingress:
    annotations:
      kubernetes.io/ingress.class: traefik-internal

kubernetes:
  ingressClass: "traefik-internal"

Note: traefik-internal is the default name you do not need the kubernetes block I've just put it there for clarity

Hope it solve your issue !