I am unable to get even the most basic examples of Ingress Resources working in K3S.
According to the documentation, a Traefik Ingress Controller is installed by default but it doesn't seem to handle/see any Ingress Resources I create. The response is always 404 or 500. It does however respond with the correct TLS certificate configured in my Ingress Resource definition (secretName: tls-secret).
- How can I view traefik logs?
- And increase verbosity?
- No IngressClass exists in the cluster. Is this a problem?
- How are Ingress Resources linked/assigned an Ingress Controller?
- Any general diagnosis tips would be appreciated
I can see a traefik deployment and shell into a pod which has a traefik binary but I can see no traefik configuration in /etc nor any logs in /var/logs.
Service
The following service is exposed and accessible via NodePort on https://myhost.com:30005/v2/_catalog:
apiVersion: v1
kind: Service
metadata:
name: registry-docker-registry
namespace: registry
labels:
app: docker-registry
chart: docker-registry-2.0.0
release: registry
heritage: Helm
spec:
type: NodePort
ports:
- port: 5000
protocol: TCP
name: https-5000
targetPort: 5000
nodePort: 30005
selector:
app: docker-registry
release: registry
Ingress
Here is my Ingress Resource.
- I don't see how this resource is "linked" to any controller
- I don't see how this resource specifies HTTPS anywhere
- The ingress (in K9S) shows ports 80 and 443 - I only want HTPPS 443
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
namespace: registry
annotations:
kubernetes.io/ingress.class: traefik
spec:
tls:
- hosts:
- myhost.com
secretName: tls-secret
rules:
- host: myhost.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: registry-docker-registry
port:
number: 5000
UPDATE: According to this the issue could be that traefik does not trust the certificate installed on my application (pod). Indeed it is a corporate CA signed certificate so I would have to tell traefik about the CA Root somehow.
