I'm facing a problem to configure an ingress for traefik.
The design is simple :
I want to be able to reach port 8888 and 8080 from the host via a CI/CD flow with argocd and a simple docker application, all the stuff embedded in a cluster created with k3d. I thought that the easiest way to do that is to execute something like this :
k3d cluster create -p 8888:8888@loadblancer -p 8080:80@loadbalancer
I installed everything I need (argocd cli, kubectl...) and defined for the application and argocd a "naive" ingress.
For argocd :
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-ingress
namespace: argocd
annotations:
ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- host: argocd.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: argocd-server
port:
number: 80
For the application :
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wil-app-ingress
namespace: dev
annotations:
ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- host: localhost
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: wil-app-svc
port:
number: 8888
For argocd, it seems to work perfectly fine : I'm able to reach the ui, connect to it etc.
But for the app, I can do nothing.
Indeed, if I try to curl to localhost:8888 I have this response :
empty reply from server
When I'm trying to know how the ingresses are defined, I have this :
john@doe:~$ kubectl describe ing wil-app-ingress -n dev
Name: wil-app-ingress
Labels: <none>
Namespace: dev
Address: 172.18.0.2
Ingress Class: traefik
Default backend: <default>
Rules:
Host Path Backends
---- ---- --------
localhost
/ wil-app-svc:8888 (10.42.0.17:8888)
Annotations: ingress.kubernetes.io/ssl-redirect: false
Events: <none>
john@doe:~$ kubectl describe ing argocd-ingress -n argocd
Name: argocd-ingress
Labels: <none>
Namespace: argocd
Address: 172.18.0.2
Ingress Class: traefik
Default backend: <default>
Rules:
Host Path Backends
---- ---- --------
argocd.local
/ argocd-server:80 (10.42.0.16:8080)
Annotations: ingress.kubernetes.io/ssl-redirect: false
Events: <none>
Synthetically :
john@doe:~$ kubectl get ing --all-namespaces
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE
argocd argocd-ingress traefik argocd.local 172.18.0.2 80 16m
dev wil-app-ingress traefik localhost 172.18.0.2 80 14m
It seems that traefik point to port 80 for both ingress. If I delete the ingress for argocd, and I curl localhost:8080, I'm able to reach the app ! Like if traefik redirect all the trafic to the same port (here, 80 and 8080 on the host).
I'm a noob in kubernetes, I can't figure out why this happen. Sorry if I use the wrong term for such and such a notion, I'm a beginner and it's quite complicated.
Can someone explain me why I have this problem ? I think maybe it is related to traefik and its basic behaviour, but I was not able to find something clear about this. Thanks !
Well, there is a solution. It do not answer to my initial question (how to get the application on the host port 8888 via an ingress), but it makes possible to reach the app and argocd without troubles.
To do so, I exposed my service following this : https://k3d.io/v5.0.1/usage/exposing_services/#2-via-nodeport
It's really simple :
Then, we have to create a service of type nodePort :
Like so, we do not have to create an ingress for the application. k3d seems to expose the service directly from the port of the service of type nodePort. I think it's not a best pratice, but it works. Another solution is to use nginx as an ingress controller. It is worth because the way to configure nginx for such a project is straightforward.
The rest is unchanged, we can reach argocd ui, and reach the application.
If someone can answer why my previous way to achieve this task did not work, I will be glad of it.