Traefik Kubernetes: Expose non Kubernetes service

9/16/2018

I'm using Kubernetes with Traefik as Ingress Controller. I've some web services within my network that can't be containerized yet. Therefore I'm looking for a way to expose my non-Kubernetes web services through the Traefik Ingress. I've no more public IP's, so splitting both environments is not an option.

I've made an endpoint + service to solve this issue, but when I try to connect I get an SSL Protocol Error. Am I doing something wrong or does someone have another solution?

These are my (test)endpoints and service yaml:

kind: Endpoints
apiVersion: v1
metadata:
  name: my-service
subsets:
  - addresses:
      - ip: 10.4.0.6
    ports:
      - port: 443
---
kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  ports:
  - protocol: TCP
    port: 443
    name: https
    targetPort: 443
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-ingress
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  rules:
  - host: host.com
    http:
      paths:
      - path: /*
        backend:
          serviceName: my-service
          servicePort: 443
-- Ferron Nijland
kubernetes
traefik

3 Answers

9/17/2018

There we're multiple issue regarding this problem. First of all I deployed Traefik with helm. I found out that SSL is disabled by default...

my values.yaml is as follows:

imageTag: 1.6.6
rbac:
  enabled: true
dashboard:
  enabled: true
  domain: traefik.dahsboard.local
ssl:
  enabled: true
  insecureSkipVerify: true
  upstream: true

Like Radek mentioned the port definition of the endpoints and service have to be the same.

mine are:

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  ports:
  - protocol: TCP
    port: 443
    targetPort: 443
    name: https
---
kind: Endpoints
apiVersion: v1
metadata:
  name: my-service
subsets:
  - addresses:
    - ip: 10.4.0.6
    ports:
    - protocol: TCP
      port: 443
      name: https
-- Ferron Nijland
Source: StackOverflow

5/29/2019

You could try this: Creating a K8s service of type ExternalName that binds to your external web service and add an Ingress as you would to with a "native" K8s service.

ExternalName Service --> https://kubernetes.io/docs/concepts/services-networking/service/#externalname

Exp.

apiVersion: v1
kind: Service 
metadata:
  name: my-service
  namespace: prod
spec:
  type: ExternalName
  externalName: my.database.example.com
-- RemoH
Source: StackOverflow

9/16/2018

For starters, I bet that when you kubectl describe svc my-service you have empty endpoints, even though endpoints do exist, right ?

To fix that, you need to adapt your endpoints ports key to have the same ports definition as your service has (name, protocol etc.). You should then see these endpoints in describe service results and be able to use it normally.

-- Radek 'Goblin' Pieczonka
Source: StackOverflow