CODEWITHSUNDEEP
traefiktraefik-ingress
Clement
Clement

Reputation: 4811

Traefik v2 Middlewares not being detected

Middlewares are not being detected and therefore paths are not being stripped resulting in 404s in the backend api.

Middleware exists in k8s apps namespace

$ kubectl get -n apps middlewares
NAME                                                AGE
traefik-middlewares-backend-users-service           1d

configuration for middleware and ingress route

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: apps-services
  namespace: apps
spec:
  entryPoints:
    - web
  routes:
    - kind: Rule
      match: Host(`example.com`) && PathPrefix(`/users/`)
      middlewares:
        - name: traefik-middlewares-backend-users-service
      priority: 0
      services:
        - name: backend-users-service
          port: 8080
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: traefik-middlewares-backend-users-service
  namespace: apps
spec:
  stripPrefix:
    prefixes:
      - /users

Static configuration

global:
  checkNewVersion: true
  sendAnonymousUsage: true
entryPoints:
  http:
    address: :80
  traefik:
    address: :8080
providers:
  providersThrottleDuration: 2s
  kubernetesIngress: {}
api:
  # TODO: make this secure later
  insecure: true
ping:
  entryPoint: http
log: {}

Traefik dasboard has no middlewares

traefik v2 dashboard

Spring Boot 404 page. Route is on example.com/actuator/health

The /users is not being stripped. This worked for me in traefik v1 perfectly fine.

Note: actual domain has been replaced with example.com and domain.com in the examples.

spring boot 404 page

Upvotes: 1

Views: 5260

Answers (1)

Clement
Clement

Reputation: 4811

To get this working, I had to:

  1. Add the Kubernetes CRD provider with the namespaces where the custom k8s CRDs for traefik v2 exist
  2. Add TLSOption resource definition
  3. Update cluster role for traefik to have permissions for listing and watching new v2 resources
  4. Make sure all namespaces with new resources are configured

Traefik Static Configuration File

providers:
  providersThrottleDuration: 2s
  kubernetesCRD:
    namespaces:
      - apps
      - traefik

TLSOption CRD

---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: tlsoptions.traefik.containo.us
spec:
  group: traefik.containo.us
  version: v1alpha1
  names:
    kind: TLSOption
    plural: tlsoptions
    singular: tlsoption
  scope: Namespaced

Updated Static Configuration for Traefik

global:
  checkNewVersion: true
  sendAnonymousUsage: true
entryPoints:
  http:
    address: :80
  traefik:
    address: :8080
providers:
  providersThrottleDuration: 2s
  kubernetesCRD:
    namespaces:
      - apps
      - traefik
api:
  # TODO: make this secure later
  insecure: true
ping:
  entryPoint: http
log: {}

Upvotes: 1

Related Questions