Configuring a new ingress-controller with Traefik using helm chart and creating secrets.
Kubernetes version: 1.9.3
Helm version: 2.9
Traefik chart version: 1.5
Traefik version: 1.7.2
I am deploying Traefik through official helm chart, but always I have the same problem in the logs "Error configuring TLS for ingress default/traefik-testing-tls: secret default/traefik-tls does not exist"
I have the secret properly created and configured in the same namespace and also checked the clusterrole and clusterrolebinds are ok and allows the access to secrets
I tried to change the defaultCert
and defaultKey
but not sure about this.
data:
traefik.toml: |
# traefik.toml
logLevel = "INFO"
defaultEntryPoints = ["http", "https", "httpn"]
[entryPoints]
[entryPoints.http]
address = ":80"
compress = true
[entryPoints.https]
address = ":443"
compress = true
[entryPoints.httpn]
address = ":8880"
compress = true
[kubernetes]
namespaces = ["default", "kube-system"]
[traefikLog]
format = "json"
[accessLog]
format = "common"
[accessLog.fields]
defaultMode = "keep"
[accessLog.fields.names]
[accessLog.fields.headers]
defaultMode = "keep"
[accessLog.fields.headers.names]
After several checks, rbacs, namespaces, etc. a member from Traefik told us that the k8s objects are loaded asynchronously (so the ingress may be loaded before the secret) this is the reason because it gives a problem at start of the Traefik.
Looks like you are missing the traefik-tls
secret, for your traefik-testing-tls
ingress, that probably holds your TLS certificates. You can follow this.
Instead of:
kubectl -n kube-system create secret tls traefik-ui-tls-cert --key=tls.key --cert=tls.crt
You can use:
kubectl -n kube-system create secret tls traefik-tls --key=tls.key --cert=tls.crt