Comments (6)
Hi @sonisaurabh19 , thanks a lot for your valuable response. Yeah I am planning to add such example as well. I will post the example here as comment :) and let you know.
from learn_kubernetes.
Hi @sonisaurabh19 ,
I have added a task for using the pre-existing certs now. Please check this and let me know if this helps.
Let me know if you face any issues. We can improve the document accordingly.
You can also check the official docs
I will close the issue if this works.
from learn_kubernetes.
Hi, thanks for doing this quick. I followed the steps as stated with couple minor changes.
- For dev, I am using mkcert tool to generate custom TLS certificate.
✗ mkcert traefik.minikube "*.traefik.minikube" 192.168.64.2
Using the local CA at "/Users/sisuser/Library/Application Support/mkcert" ✨
Warning: the local CA is not installed in the Firefox trust store! ⚠️
Run "mkcert -install" to avoid verification errors ‼️
Created a new certificate valid for the following names 📜
- "traefik.minikube"
- "*.traefik.minikube"
- "192.168.64.2"
Reminder: X.509 wildcards only go one level deep, so this won't match a.b.traefik.minikube ℹ️
The certificate is at "./traefik.minikube+2.pem" and the key at "./traefik.minikube+2-key.pem" ✅
-
Added the base64 key and cert files to
12-secret.yaml
, I just changed the values i.e. Add base64 encoded value of you cert.key and Add base64 encoded value of your chained cert.crt. -
kubectl apply -f 12-secret.yaml
-
Updated
35-whoami-ingress-route.yaml
:
- match: Host(`traefik.minikube`) && PathPrefix(`/whoami-app-api`)
-
kubectl apply -f .
-
Setup
minikube tunnel
-
Pods
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 18d
traefik LoadBalancer 10.98.11.245 10.98.11.245 80:31374/TCP,443:31201/TCP,8080:31166/TCP 4s
whoami ClusterIP 10.110.68.153 <none> 80/TCP 4s
whoami-again ClusterIP 10.111.200.181 <none> 80/TCP 2d4h
Please see the error in traefik.log
✗ kubectl logs traefik-644f4fdf79-877qd
time="2020-07-12T22:16:21Z" level=info msg="Configuration loaded from file: /etc/traefik/traefik.toml"
time="2020-07-12T22:16:21Z" level=info msg="Traefik version 2.1.9 built on 2020-03-23T17:23:17Z"
time="2020-07-12T22:16:21Z" level=debug msg="Static configuration loaded {\"global\":{},\"serversTransport\":{\"maxIdleConnsPerHost\":200},\"entryPoints\":{\"traefik\":{\"address\":\":8080\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"web\":{\"address\":\":80\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}},\"websecure\":{\"address\":\":443\",\"transport\":{\"lifeCycle\":{\"graceTimeOut\":10000000000},\"respondingTimeouts\":{\"idleTimeout\":180000000000}},\"forwardedHeaders\":{}}},\"providers\":{\"providersThrottleDuration\":2000000000,\"file\":{\"directory\":\"/var/tf\",\"watch\":true},\"kubernetesCRD\":{}},\"api\":{\"insecure\":true,\"dashboard\":true,\"debug\":true},\"log\":{\"level\":\"DEBUG\",\"format\":\"common\"},\"accessLog\":{\"format\":\"common\",\"filters\":{},\"fields\":{\"defaultMode\":\"keep\",\"headers\":{\"defaultMode\":\"drop\"}}}}"
time="2020-07-12T22:16:21Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://docs.traefik.io/contributing/data-collection/\n"
time="2020-07-12T22:16:21Z" level=info msg="Starting provider aggregator.ProviderAggregator {}"
time="2020-07-12T22:16:21Z" level=debug msg="Start TCP Server" entryPointName=web
time="2020-07-12T22:16:21Z" level=debug msg="Start TCP Server" entryPointName=websecure
time="2020-07-12T22:16:21Z" level=debug msg="Start TCP Server" entryPointName=traefik
time="2020-07-12T22:16:21Z" level=info msg="Starting provider *file.Provider {\"directory\":\"/var/tf\",\"watch\":true}"
time="2020-07-12T22:16:21Z" level=error msg="Cannot start the provider *file.Provider: unable to read directory /var/tf: open /var/tf: no such file or directory"
time="2020-07-12T22:16:21Z" level=info msg="Starting provider *traefik.Provider {}"
time="2020-07-12T22:16:21Z" level=debug msg="Configuration received from provider internal: {\"http\":{\"routers\":{\"api\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/api`)\",\"priority\":2147483646},\"dashboard\":{\"entryPoints\":[\"traefik\"],\"middlewares\":[\"dashboard_redirect@internal\",\"dashboard_stripprefix@internal\"],\"service\":\"dashboard@internal\",\"rule\":\"PathPrefix(`/`)\",\"priority\":2147483645},\"debug\":{\"entryPoints\":[\"traefik\"],\"service\":\"api@internal\",\"rule\":\"PathPrefix(`/debug`)\",\"priority\":2147483646}},\"middlewares\":{\"dashboard_redirect\":{\"redirectRegex\":{\"regex\":\"^(http:\\\\/\\\\/[^:\\\\/]+(:\\\\d+)?)\\\\/$\",\"replacement\":\"${1}/dashboard/\",\"permanent\":true}},\"dashboard_stripprefix\":{\"stripPrefix\":{\"prefixes\":[\"/dashboard/\",\"/dashboard\"]}}},\"services\":{\"api\":{},\"dashboard\":{}}},\"tcp\":{},\"tls\":{}}" providerName=internal
time="2020-07-12T22:16:21Z" level=info msg="Starting provider *crd.Provider {}"
time="2020-07-12T22:16:21Z" level=debug msg="Using label selector: \"\"" providerName=kubernetescrd
time="2020-07-12T22:16:21Z" level=info msg="label selector is: \"\"" providerName=kubernetescrd
time="2020-07-12T22:16:21Z" level=info msg="Creating in-cluster Provider client" providerName=kubernetescrd
time="2020-07-12T22:16:21Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=debug@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-07-12T22:16:21Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
time="2020-07-12T22:16:21Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:21Z" level=debug msg="Creating middleware" middlewareType=StripPrefix middlewareName=dashboard_stripprefix@internal routerName=dashboard@internal entryPointName=traefik
time="2020-07-12T22:16:21Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal entryPointName=traefik
time="2020-07-12T22:16:21Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal
time="2020-07-12T22:16:21Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareType=RedirectRegex middlewareName=dashboard_redirect@internal entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:21Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2020-07-12T22:16:21Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-07-12T22:16:21Z" level=debug msg="No default certificate, generating one"
time="2020-07-12T22:16:22Z" level=debug msg="Configuration received from provider kubernetescrd: {\"http\":{\"routers\":{\"default-whoami-whoami-0a89be42842c990013d3\":{\"entryPoints\":[\"web\",\"websecure\"],\"service\":\"default-whoami-whoami-0a89be42842c990013d3\",\"rule\":\"Host(`traefik.minikube`) \\u0026\\u0026 PathPrefix(`/whoami-app-api`)\"}},\"services\":{\"default-whoami-whoami-0a89be42842c990013d3\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.17.0.7:80\"}],\"passHostHeader\":true}}}},\"tcp\":{},\"tls\":{}}" providerName=kubernetescrd
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" entryPointName=websecure routerName=default-whoami-whoami-0a89be42842c990013d3@kubernetescrd serviceName=default-whoami-whoami-0a89be42842c990013d3 middlewareType=Pipelining middlewareName=pipelining
time="2020-07-12T22:16:22Z" level=debug msg="Creating load-balancer" entryPointName=websecure routerName=default-whoami-whoami-0a89be42842c990013d3@kubernetescrd serviceName=default-whoami-whoami-0a89be42842c990013d3
time="2020-07-12T22:16:22Z" level=debug msg="Creating server 0 http://172.17.0.7:80" serviceName=default-whoami-whoami-0a89be42842c990013d3 entryPointName=websecure routerName=default-whoami-whoami-0a89be42842c990013d3@kubernetescrd serverName=0
time="2020-07-12T22:16:22Z" level=debug msg="Added outgoing tracing middleware default-whoami-whoami-0a89be42842c990013d3" routerName=default-whoami-whoami-0a89be42842c990013d3@kubernetescrd entryPointName=websecure middlewareName=tracing middlewareType=TracingForwarder
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=websecure
time="2020-07-12T22:16:22Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=api@internal
time="2020-07-12T22:16:22Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" entryPointName=traefik middlewareName=tracing middlewareType=TracingForwarder routerName=dashboard@internal
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:22Z" level=debug msg="Adding tracing to middleware" middlewareName=dashboard_stripprefix@internal entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:22Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
time="2020-07-12T22:16:22Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_redirect@internal
time="2020-07-12T22:16:22Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=traefik routerName=debug@internal
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=traefik middlewareName=traefik-internal-recovery
time="2020-07-12T22:16:22Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2020-07-12T22:16:22Z" level=debug msg="No default certificate, generating one"
time="2020-07-12T22:16:23Z" level=debug msg="Skipping Kubernetes event kind *v1.Endpoints" providerName=kubernetescrd
The fact that traefik is generating default certificate could be linked to /var/tf missing.
from learn_kubernetes.
@sonisaurabh19 I pushed the changes to fix this issue. Pull the latest master and replace the secret with base64 encoded. It should work now.
from learn_kubernetes.
@vamshisiddarth It is working, thanks! But dashboard is still loading at http, not https!
from learn_kubernetes.
@sonisaurabh19 , you can refer the following link for the same. I will be closing the issue now as TLS with custom certificates is working.
from learn_kubernetes.
Related Issues (2)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from learn_kubernetes.