I have installed Traefik 2.1.1 on an AWS EKS cluster using the latest version of the Helm chart. AFAICT things are running one way or another. A classic ELB was created on AWS in three AZs, and the pod seems to have started just fine.
This is what the pod looks like
Name: traefik-6d7859ff8d-k2v4p
Namespace: acme
Priority: 0
Node: ip-10-200-5-85.eu-central-1.compute.internal/10.200.5.85
Start Time: Thu, 09 Jan 2020 10:51:33 +0100
Labels: app=traefik
chart=traefik-3.1.0
heritage=Tiller
pod-template-hash=6d7859ff8d
release=traefik
Annotations: kubernetes.io/psp: eks.privileged
Status: Running
IP: 10.200.5.148
Controlled By: ReplicaSet/traefik-6d7859ff8d
Containers:
traefik:
Container ID: docker://7d5ef0c75b836ea03b090da455bdef33bf84f4cf86b5ba2451b4abe106047281
Image: traefik:2.1.1
Image ID: docker-pullable://traefik@sha256:a87b61f3254d03c4fcc0b994e2cb7af89abba8178f1fbec3bce3f4bdc080f8a6
Ports: 9000/TCP, 8000/TCP, 8443/TCP
Host Ports: 0/TCP, 0/TCP, 0/TCP
Args:
--global.checknewversion=true
--global.sendanonymoususage=true
--entryPoints.traefik.address=:9000
--entryPoints.web.address=:8000
--entryPoints.websecure.address=:8443
--api.dashboard=true
--ping=true
--providers.kubernetescrd
--log.level=DEBUG
--providers.kubernetesingress
State: Running
Started: Thu, 09 Jan 2020 10:51:34 +0100
Ready: True
Restart Count: 0
Liveness: http-get http://:9000/ping delay=10s timeout=2s period=10s #success=1 #failure=3
Readiness: http-get http://:9000/ping delay=10s timeout=2s period=10s #success=1 #failure=1
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from traefik-token-zl6kj (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
traefik-token-zl6kj:
Type: Secret (a volume populated by a Secret)
SecretName: traefik-token-zl6kj
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 22m default-scheduler Successfully assigned mercury/traefik-6d7859ff8d-k2v4p to ip-10-200-5-85.eu-central-1.compute.internal
Normal Pulled 22m kubelet, ip-10-200-5-85.eu-central-1.compute.internal Container image "traefik:2.1.1" already present on machine
Normal Created 22m kubelet, ip-10-200-5-85.eu-central-1.compute.internal Created container
Normal Started 22m kubelet, ip-10-200-5-85.eu-central-1.compute.internal Started container
This is the service:
Name: traefik
Namespace: acme
Labels: app=traefik
app.kubernetes.io/instance=traefik
chart=traefik-3.1.0
heritage=Tiller
release=traefik
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app":"traefik","app.kubernetes.io/instance":"traefik","chart":...
Selector: app=traefik,release=traefik
Type: LoadBalancer
IP: 172.20.77.240
LoadBalancer Ingress: a5b6525XXXXXXX1eaac2e0208228b88f-287426285.eu-central-1.elb.amazonaws.com
Port: web 80/TCP
TargetPort: web/TCP
NodePort: web 30916/TCP
Endpoints: 10.200.5.148:8000
Port: websecure 443/TCP
TargetPort: websecure/TCP
NodePort: websecure 30998/TCP
Endpoints: 10.200.5.148:8443
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
I am now trying to see the dashboard as a first next step. Here is what I have tried so far:
- Use kubectl port-forward svc/traefik -n mynamespace 8080:443 to forward traffic to Traefik.
- Open https://localhost:8080/dashboard/ in a browser. I confirm that I want to proceed despite certificate issues and then get a 404.
Alternatively I tried
- kubectl port-forward svc/traefik -n mercury 8080:80
- http://localhost:8080/dashboard/
I see this in my logs:
time="2020-01-09T09:53:31Z" level=debug msg="Skipping Kubernetes event kind *v1.Endpoints" providerName=kubernetes
I have not made any changes other than change the loglevel to DEBUG.
How do I get this to work? I found some questions describing similar problems with solutions that contained a lot of configuration passed through labels to the service in docker compose files (e.g. Dashboard just not working). Am I wrong in assuming that the Helm chart should work out of the box? What steps do I need to take to get this up and running?
Any help is greatly appreciated.