6

*Cross-posted to k3d github discussions, to a thread in Rancher forums, and to traefik's community discussion board

Tutorials from 2020 refer to editing the traefik configmap. Where did it go?

The traefik installation instructions refer to a couple of ways to expose the dashboard:

  1. This works, but isn't persistent: Using a 1-time command kubectl -n kube-system port-forward $(kubectl -n kube-system get pods --selector "app.kubernetes.io/name=traefik" --output=name) 9000:9000

  2. I cannot get this to work: Creating an "IngressRoute" yaml file and applying it to the cluster. This might be due to the Klipper LB and/or my ignorance.

No configmap in use by traefik deployment

For a 2-server, 2-agent cluster... kubectl -n kube-system describe deploy traefik does not show any configmap:

  Volumes:
   data:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     
    SizeLimit:  <unset>
   tmp:
    Type:               EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:             
    SizeLimit:          <unset>
  Priority Class Name:  system-cluster-critical

No "traefik" configmap

And, kubectl get -n kube-system cm shows:

NAME                                 DATA   AGE
chart-content-traefik                0      28m
chart-content-traefik-crd            0      28m
chart-values-traefik                 1      28m
chart-values-traefik-crd             0      28m
cluster-dns                          2      28m
coredns                              2      28m
extension-apiserver-authentication   6      28m
k3s                                  0      28m
k3s-etcd-snapshots                   0      28m
kube-root-ca.crt                     1      27m
local-path-config                    4      28m

No configmap in use by traefik pods

Describing the pod doesn't turn up anything either. kubectl -n kube-system describe pod traefik-.... results in no configmap too.

Traefik ports in use, but not responding

However, I did see arguments to the traefik pod with ports in use:

      --entryPoints.traefik.address=:9000/tcp
      --entryPoints.web.address=:8000/tcp
      --entryPoints.websecure.address=:8443/tcp

However, these ports are not exposed. So, I tried port-forward with kubectl port-forward pods/traefik-97b44b794-r9srz 9000:9000 8000:8000 8443:8443 -n kube-system --address 0.0.0.0, but when I curl -v localhost:9000 (or 8000 or 8443) and curl -v localhost:9000/dashboard, I get "404 Not Found".

After getting a terminal to traefik, I discovered the local ports that are open, but it seems nothing is responding:

/ $ netstat -lntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 :::8443                 :::*                    LISTEN      
tcp        0      0 :::8000                 :::*                    LISTEN      
tcp        0      0 :::9000                 :::*                    LISTEN      
/ $ wget localhost:9000
Connecting to localhost:9000 ([::1]:9000)
wget: server returned error: HTTP/1.1 404 Not Found
/ $ wget localhost:8000
Connecting to localhost:8000 ([::1]:8000)
wget: server returned error: HTTP/1.1 404 Not Found
/ $ wget localhost:8443
Connecting to localhost:8443 ([::1]:8443)
wget: server returned error: HTTP/1.1 404 Not Found

Versions

k3d version v4.4.7
k3s version v1.21.2-k3s1 (default)
Eric Swanson
  • 820
  • 1
  • 9
  • 19
  • I think you need to do `kubectl describe` on the pod – P.... Jul 28 '21 at 18:20
  • Thanks @P.... I've updated the question with findings there. I see potential ports. Maybe I just need to figure out how to expose them... – Eric Swanson Jul 28 '21 at 18:36
  • Hello, I got thesame issue I thought it's not working but it turns out that I need to append `/dashboard/` in the URL. Try to check on `http://localhost:9000/dashboard/#/http/routers` if the newly applied ingress route from `dashboard.yml` is reflected. If it is, then you only need to access `http:///dashboard/` – Jessie Baltazar Aug 03 '21 at 11:40

3 Answers3

15

I found a solution and hopefully someone find a better one soon

  1. you need to control your k3s cluster from your pc and not to ssh into master node, so add /etc/rancher/k3s/k3s.yaml into your local ~/.kube/config (in order to port forward in last step into your pc)
  2. now get your pod name as follows:

kubectl get pod -n kube-system

and seach for traefik-something-somethingElse mine was traefik-97b44b794-bsvjn

  1. now this part is needed from your local pc

kubectl port-forward traefik-97b44b794-bsvjn -n kube-system 9000:9000

  1. get http://localhost:9000/dashboard/ in your favorite browser and don't forget the second slash
  2. enjoy the dashboard

please note you have to enable the dashboard first in /var/lib/rancher/k3s/server/manifests/traefik.yaml by adding

dashboard:
  enabled: true
Nur Rony
  • 7,823
  • 7
  • 38
  • 45
Jakub
  • 245
  • 2
  • 6
  • 8
    can you please bold step 4 with focus on `don't forget the last (/) slash` because I waste like half an hour since I didn't saw that from the begging. Thanks – ricristian Sep 26 '21 at 20:58
  • Are you sure `dashboard` is a top level element? According to [values.yaml](https://github.com/traefik/traefik-helm-chart/blob/v9.18.2/traefik/values.yaml#L68-L88) it is a child of `pilot` or `ingressRoute`... – Marc Jan 21 '22 at 14:41
  • @Marc It actually is a top level element. Baffling I know. – Ringil Jan 28 '22 at 14:24
  • It could be done in oneline like `kubectl port-forward $(kubectl get pod -n kube-system -l app.kubernetes.io/name=traefik -o NAME) -n kube-system 9000:9000` – mpromonet Oct 24 '22 at 19:30
10

Jakub's answer is pretty good. But one thing that is unfortunate about it is that if k3s restarts, the configs get reset. According to the k3s docs, if you create a custom file called /var/lib/rancher/k3s/server/manifests/traefik-config.yaml, k3s' traefik will automatically update with this new config and use its values. Here is what I have:

apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: traefik
  namespace: kube-system
spec:
  valuesContent: |-
    dashboard:
      enabled: true
    ports:
      traefik:
        expose: true # this is not recommended in production deployments, but I want to be able to see my dashboard locally
    logs:
      access:
        enabled: true

With this setup, you can skip the port-forwarding and just go to http://localhost:9000/dashboard/ directly!

Ringil
  • 6,277
  • 2
  • 23
  • 37
  • Tested and it works and it's persistent. You can also access the dashboard using `http://traefik.localhost/dashboard` Thank you. – Roberto Feb 09 '22 at 16:51
  • Is this for k3s or k3d? Where would I create that file for k3d? – Alex Dresko Apr 18 '22 at 02:31
  • It's for k3s. I've never tried k3d, so all I can say is best of luck there. – Ringil Apr 18 '22 at 11:35
  • 2
    @AlexDresko I'm also using k3d and was searching about the same thing. Since in our case k3s is running in a container we need to populate that file in the container. An easy way is to simply do a `docker exec -it k3d-dash-server-0 sh` (whatever your k3s container is named) and using `vi` you create that file. Then you can `stop` and re`start` the cluster (not delete - otherwise that change will be lost). I think it should be a way to set that file as a volume but did not dig into that yet. Hope this helps. – AkaiBukai Jun 07 '22 at 13:58
1

for the current latest version of k3s (1.21.4):

  1. according to traefik's installation guide (https://doc.traefik.io/traefik/getting-started/install-traefik/#exposing-the-traefik-dashboard), create dashboard.yaml with the proper CRD content, and run kubectl apply -f dashboard.yaml

  2. create DNS record or modify host file of the hostname - ip mapping for you set up in last step

Windom Wu
  • 11
  • 3