How do I run traefik behind Kubernetes on Google Container Engine?

12/1/2016

So I have Traefik "running" on Kubernetes:

apiVersion: v1
kind: Service
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: '{"kind":"Service","apiVersion":"v1","metadata":{"name":"traefik","namespace":"kube-system","creationTimestamp":null,"labels":{"k8s-app":"traefik-ingress-lb"}},"spec":{"ports":[{"name":"http","port":80,"targetPort":80},{"name":"https","port":443,"targetPort":443}],"selector":{"k8s-app":"traefik-ingress-lb"},"type":"LoadBalancer"},"status":{"loadBalancer":{}}}'
  creationTimestamp: 2016-11-30T23:15:49Z
  labels:
    k8s-app: traefik-ingress-lb
  name: traefik
  namespace: kube-system
  resourceVersion: "9672"
  selfLink: /api/v1/namespaces/kube-system/services/traefik
  uid: ee07b957-b752-11e6-88fa-42010af00083
spec:
  clusterIP: 10.11.251.200
  ports:
  - name: http
    nodePort: 30297
    port: 80
    protocol: TCP
    targetPort: 80
  - name: https
    nodePort: 30247
    port: 443
    protocol: TCP
    targetPort: 443
  selector:
    k8s-app: traefik-ingress-lb
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - ip: # IP THAT IS ALLOCATED BY k8s BUT NOT ASSIGNED
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
    kubectl.kubernetes.io/last-applied-configuration: '###'
creationTimestamp: 2016-11-30T22:59:07Z
  generation: 2
  labels:
    k8s-app: traefik-ingress-lb
  name: traefik-ingress-controller
  namespace: kube-system
  resourceVersion: "23438"
  selfLink: /apis/extensions/v1beta1/namespaces/kube-system/deployments/traefik-ingress-controller
  uid: 9919ff46-b750-11e6-88fa-42010af00083
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: traefik-ingress-lb
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        k8s-app: traefik-ingress-lb
        name: traefik-ingress-lb
        version: v1.1
    spec:
      containers:
      - args:
        - --web
        - --kubernetes
        - --configFile=/etc/config/traefik.toml
        - --logLevel=DEBUG
        image: gcr.io/myproject/traefik
        imagePullPolicy: Always
        name: traefik-ingress-lb
        ports:
        - containerPort: 80
          hostPort: 80
          protocol: TCP
        - containerPort: 8080
          protocol: TCP
        resources:
          limits:
            cpu: 200m
            memory: 30Mi
          requests:
            cpu: 100m
            memory: 20Mi
        terminationMessagePath: /dev/termination-log
        volumeMounts:
        - mountPath: /etc/config
          name: config-volume
        - mountPath: /etc/traefik
          name: traefik-volume
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      securityContext: {}
      terminationGracePeriodSeconds: 60
      volumes:
      - configMap:
          defaultMode: 420
          name: traefik-config
        name: config-volume
      - emptyDir: {}
        name: traefik-volume
status:
  observedGeneration: 2
  replicas: 1
  unavailableReplicas: 1
  updatedReplicas: 1

My problem is that the external IP assigned by Kubernetes does not actually forward to Traefik; in fact, the IP assigned does not even show up in my Google Cloud Platform console. How do I get Traefik working with a load-balancer on Google Container Engine?

-- AniSkywalker
devops
google-kubernetes-engine
kubernetes

2 Answers

12/2/2016

If you do

kubectl describe svc/traefik

Do the endpoints match the IPs from:

kubectl get po -lk8s-app=traefik-ingress-lb -o wide

What happens when you do hit the LB IP? Does it load indefinitely, or do you get a different service?

-- ZoidbergWill
Source: StackOverflow

12/5/2016

There was a new fork of Traefik that supposedly fixes some kubernetes issues. However, I did further reading and talking about Traefik and uncovered some (recent) advisories of potential instability. While this is to be expected in new software, I decided to switch to NGINX to handle my reverse proxy. It's been working wonderfully, so I'm going to go ahead and close this question.

-- AniSkywalker
Source: StackOverflow