0

I have an on premise Kubernetes cluster. I have traefik running in the cluster as per the example given by traefik. It is tied to a node, which will be my loadbalancer. I can access the service running(with ingress) by hitting the node port with the route. For example http://build.mydomain.com:NODEPORT will route me to my Jenkins.

But I want to be able to hit my Jenkins by simply entering http://build.mydomain.com

Is this possible or do I have to run traefik outside of the cluster?

Basically I just want everything hitting 80 on the load balancer to hit the traefik ingress controller, which should rout the request based on the ingresses. 

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: traefik-ingress-controller
  namespace: kube-system
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: traefik-ingress-controller
  namespace: kube-system
  labels:
    k8s-app: traefik-ingress-lb
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: traefik-ingress-lb
  template:
    metadata:
      labels:
        k8s-app: traefik-ingress-lb
        name: traefik-ingress-lb
    spec:
      serviceAccountName: traefik-ingress-controller
      terminationGracePeriodSeconds: 60
      containers:
      - image: traefik
        name: traefik-ingress-lb
        ports:
        - name: http
          containerPort: 80
        - name: admin
          containerPort: 8080
        args:
        - --api
        - --kubernetes
        - --logLevel=INFO
      nodeSelector:
        node-role.kubernetes.io/worker: loadbalancer
---
kind: Service
apiVersion: v1
metadata:
  name: traefik-ingress-service
  namespace: kube-system
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
    - protocol: TCP
      port: 80
      name: web
    - protocol: TCP
      port: 8080
      name: admin
  type: NodePort
tdh
  • 103
  • 2
  • 11
  • Basically I ended up running traefik *outside* the cluster and having it point kubernetes api-server on the master node. Then it picked up the ingress's and would route to the proper service. – tdh Oct 18 '18 at 14:18

1 Answers1

0

If you deploy traefik inside the cluster then it can only be exposed as a service with NodePort/LoadBalancer or Ingress. If it is an Ingress, guess what you need a loadbalancer outside the cluster.

I just wanted a simple reverse proxy to discover and route traffic to new services. This worked well by up running traefik outside the cluster and having it point kubernetes api-server on the master node. This is done in the Traefik config file. Like this:

[kubernetes]
endpoint = "https://my-master-node:6443"
token="" <-- GET THIS FROM YOUR KUBERNETES MASTER NODE
certAuthFilePath = "/root/ssl/ca.crt" <-- GET THIS FROM YOUR KUBERNETES MASTER NODE

Then it picked up the ingress's and would route to the proper service.

One of the services I was configuring in my cluster was Jenkins. Jenkins expects it's agents to connect on port 50000 by default. I spent some time trying to figure out how to get a rout based on the same host to hit another port in cluster. Couldn't really get it working.

Then I found out that trafik doesn't support TCP. Jenkins agents contact the master over http to say hello and then set up the agent to slave connection over TCP.

So in the end wasted effort :-(

tdh
  • 103
  • 2
  • 11