Traefik Ingress not opening port

Question

I am setting up the development environment for a application we sell.

Since we use this environment for active development, it is necessary to build it more or less like the given environment at the customer. Customer uses Kubernetes and traefik. So we also do in the Dev.

Fortunately, we got the original YAML Files for the customer environment, so we could just use them with little modifications.

After we set up the Ingress and Traefik Ingress Controller, i assume that kubernetes will open the given port on the System, so the application could be reached from outside. But it doesn't, nothing is listening on the port 443 and 80.

I double checked the configuration (since we have access to the customer cluster, I can compare their env and our env) - but everything looks exactly the same, despite the IP-Adresses and the name of the namespace.

In the logs of the traefik controller pod I cannot see anything wrong here. Only I see some TLS certificate errors. Sometimes with my tests, I saw a permission denied for "bind" when opening port 80, but not currently.

I (and the customer) defined the traefik toml file as Configuration Map and added it as volume on /opt/conf/traefik.toml to the pod. This path is given as parameter to the pod, and according to the log, it uses the file.

The server, on which kubernetes is running, is a Ubuntu Server 18.04 Hyper-V machine on a Windows Server 2016 host. Kubernetes was deployed using apt-get (not snap) and the cluster was set up with kubeadm.

Here is the Cluster config:

root@srv-app-003:~# kubeadm config view
apiServer:
  extraArgs:
    authorization-mode: Node,RBAC
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta1
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: ""
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.14.1
networking:
  dnsDomain: cluster.local
  podSubnet: 192.168.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}

Here is the node configuration:

root@srv-app-003:~# kubectl get nodes -o wide
NAME          STATUS   ROLES    AGE   VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
srv-app-003   Ready    master   12d   v1.14.1   192.168.6.203   <none>        Ubuntu 18.04.2 LTS   4.15.0-48-generic   docker://18.9.2

The deployment has 4 Pods which are all running without problems (also, I can locally curl the website directly from the pods).

I placed some of the important yaml files here: https://gitlab.com/group15/my-awesome-project

Tell me if you need more (service accounts, roles(binding) etc...)

The main goal is a running dev environment and it being reachable via HTTP(s) inside the 192.168.6.0 Network. I did not get it running yet. Please help me, am I doing something wrong?

Answer 1

Seems to me the problem comes from your ports definitions. In the deployement you provide, only 8080 and 9443 are defined. Plus, they are not mapped to the host port.

I'd suggest you to deploy Traefik via its helm chart . It's a godd way to ensure robust and easy deployment for complex kubernetes apps.

If you look in this chart you'll see here that ports are defined as both "port" AND "hostPort". Here an example, what is generated by helm for nginx controller (its really close to what traefik needs) :

      name: ingress-nginx-controller
      ports:
      - containerPort: 80
        hostPort: 80
        name: http
        protocol: TCP
      - containerPort: 443
        hostPort: 443
        name: https
        protocol: TCP