0
I am new in kubernetes world, and I wish to use Traefik to make a reverse proxy to my services (with HTTPS). I followed the whole instructions from official Traefik website and It does not work, It keeps saying Internal server error when I try to access my service.
Ps: The Traefik dashboard is working fine... I think maybe it is a problem with the TLS configurations on my cluster, but I already tried everything I found on the internet and It doesn't work.
traefik-deployment.yml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: traefik-ingress-controller
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: traefik-ingress-controller
namespace: kube-system
labels:
k8s-app: traefik-ingress-lb
spec:
replicas: 1
selector:
matchLabels:
k8s-app: traefik-ingress-lb
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: traefik-ingress-lb
spec:
serviceAccountName: traefik-ingress-controller
terminationGracePeriodSeconds: 60
containers:
- image: traefik:1.7.12
name: traefik-ingress-lb
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
- name: admin
containerPort: 8080
args:
- --api
- --kubernetes
- --logLevel=INFO
- --defaultentrypoints=http,https
- --entrypoints=Name:https Address::443 TLS
- --entrypoints=Name:http Address::80
- --insecureSkipVerify=true
---
apiVersion: v1
kind: Service
metadata:
name: traefik-ingress-service
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- protocol: TCP
port: 80
name: web
- protocol: TCP
port: 443
name: web-secure
- protocol: TCP
port: 8080
name: admin
type: LoadBalancer
ui.yml
apiVersion: v1
kind: Service
metadata:
name: traefik-web-ui
namespace: kube-system
spec:
selector:
k8s-app: traefik-ingress-lb
ports:
- name: web
port: 80
targetPort: 8080
- name: web-secure
port: 443
targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: traefik-web-ui
namespace: kube-system
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: traefik.localhost
http:
paths:
- backend:
serviceName: traefik-web-ui
servicePort: 80
default-ingress.yml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: behive-backend
annotations:
kubernetes.io/ingress.class: traefik
ingress.kubernetes.io/protocol: https
traefik.ingress.kubernetes.io/redirect-entry-point: https
traefik.ingress.kubernetes.io/redirect-permanent: "true"
spec:
rules:
- host: wh-entry.behive.io
http:
paths:
- path: /
backend:
serviceName: webhook-service
servicePort: 3000
tls:
- secretName: traefik-ui-tls-cert
app.yml
apiVersion: v1
kind: Service
metadata:
name: webhook-service
labels:
app: behive-webhook-entry
spec:
ports:
- name: node-app
port: 3000
targetPort: 3000
selector:
app: behive-webhook-entry
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: webhook-deployment
labels:
app: behive-webhook-entry
env: prod
spec:
selector:
matchLabels:
app: behive-webhook-entry
replicas: 1
strategy:
type: Recreate
template:
metadata:
annotations:
ad.datadoghq.com/nodejs.logs: '[{"source":"nodejs","service":"webhook-entry"}]'
labels:
app: behive-webhook-entry
env: prod
spec:
containers:
- name: webhook
image: mutterpedro/behive-wh-entry:1.0.0
ports:
- name: app
containerPort: 3000
hostPort: 3000
livenessProbe:
httpGet:
port: 3000
path: /liveness
initialDelaySeconds: 60
periodSeconds: 300
readinessProbe:
httpGet:
port: 3000
path: /readiness
initialDelaySeconds: 90
periodSeconds: 300
env:
- name: KAFKA_HOST
value: kafka-service:9092
- name: FIREBASE_API_KEY
valueFrom:
secretKeyRef:
name: firebase
key: api-key
- name: FIREBASE_DATABASE_URL
valueFrom:
secretKeyRef:
name: firebase
key: database-url
- name: FIREBASE_PROJECT_ID
valueFrom:
secretKeyRef:
name: firebase
key: project-id
- name: AUTH_USER
valueFrom:
secretKeyRef:
name: wh-basic-auth
key: user
- name: AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: wh-basic-auth
key: password
- name: DD_API_KEY
valueFrom:
secretKeyRef:
name: datadog-secret
key: api-key
imagePullSecrets:
- name: regcred