I have a new traefik, metallb install and I'm struggling to access the traefik dashboard. I believe I have the correct ingress routes and I'm trying to access via a local ip:8000/dashboard but it seems to be just hanging. See below the helm for the ingress route and the service. Going to any other route on the same IP returns a 404, which I would expect.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
annotations:
meta.helm.sh/release-name: traefik
meta.helm.sh/release-namespace: default
creationTimestamp: '2024-01-27T18:36:44Z'
generation: 1
labels:
app.kubernetes.io/instance: traefik-default
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: traefik
helm.sh/chart: traefik-26.0.0
managedFields:
- apiVersion: traefik.io/v1alpha1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:meta.helm.sh/release-name: {}
f:meta.helm.sh/release-namespace: {}
f:labels:
.: {}
f:app.kubernetes.io/instance: {}
f:app.kubernetes.io/managed-by: {}
f:app.kubernetes.io/name: {}
f:helm.sh/chart: {}
f:spec:
.: {}
f:entryPoints: {}
f:routes: {}
manager: helm
operation: Update
time: '2024-01-27T18:36:44Z'
name: traefik-dashboard
namespace: default
resourceVersion: '629725'
uid: 7634801b-dcaf-4052-9149-6800f0ec192c
spec:
entryPoints:
- traefik
routes:
- kind: Rule
match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
services:
- kind: TraefikService
name: api@internal
apiVersion: v1
kind: Pod
metadata:
name: traefik-6f79c9bff5-ckfpn
annotations:
cni.projectcalico.org/containerID: da09e3dc01d0de9fdc06517dd29effe963d41ba5413f97dc12e83c51a3e418b1
cni.projectcalico.org/podIP: 10.42.1.75/32
cni.projectcalico.org/podIPs: 10.42.1.75/32
prometheus.io/path: /metrics
prometheus.io/port: '9100'
prometheus.io/scrape: 'true'
# key: string
creationTimestamp: '2024-01-27T18:26:16Z'
generateName: traefik-6f79c9bff5-
labels:
app.kubernetes.io/instance: traefik-traefik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: traefik
helm.sh/chart: traefik-26.0.0
pod-template-hash: 6f79c9bff5
# key: string
namespace: traefik
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: traefik-6f79c9bff5
uid: 18af1103-198a-4e58-8960-61f0967fde3d
# - apiVersion: string
# blockOwnerDeletion: boolean
# controller: boolean
# kind: string
# name: string
# uid: string
resourceVersion: '625722'
uid: a07d7f2b-145c-44bd-9db7-fbeb68ff826c
fields:
- traefik-6f79c9bff5-ckfpn
- 1/1
- Running
- '0'
- 3s
- 10.42.1.75
- k8s-worker
- <none>
- <none>
spec:
containers:
- args:
- '--global.checknewversion'
- '--global.sendanonymoususage'
- '--entrypoints.metrics.address=:9100/tcp'
- '--entrypoints.traefik.address=:9000/tcp'
- '--entrypoints.web.address=:8000/tcp'
- '--entrypoints.websecure.address=:8443/tcp'
- '--api.dashboard=true'
- '--ping=true'
- '--metrics.prometheus=true'
- '--metrics.prometheus.entrypoint=metrics'
- '--providers.kubernetescrd'
- '--providers.kubernetesingress'
- '--api.insecure=true'
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: docker.io/traefik:v2.10.6
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /ping
port: 9000
scheme: HTTP
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
name: traefik
ports:
- containerPort: 9100
name: metrics
protocol: TCP
- containerPort: 9000
name: traefik
protocol: TCP
- containerPort: 8000
name: web
protocol: TCP
- containerPort: 8443
name: websecure
protocol: TCP
readinessProbe:
failureThreshold: 1
httpGet:
path: /ping
port: 9000
scheme: HTTP
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /data
name: data
- mountPath: /tmp
name: tmp
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-kx97z
readOnly: true
_init: false
__active: true
resources: {}
volumes:
- name: data
emptyDir: {}
- name: tmp
emptyDir: {}
- name: kube-api-access-kx97z
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
# - awsElasticBlockStore:
# fsType: string
# partition: int
# readOnly: boolean
# volumeID: string
# azureDisk:
# cachingMode: string
# diskName: string
# diskURI: string
# fsType: string
# kind: string
# readOnly: boolean
# azureFile:
# readOnly: boolean
# secretName: string
# shareName: string
# cephfs:
# monitors:
# - string
# path: string
# readOnly: boolean
# secretFile: string
# secretRef:
# name: string
# user: string
# cinder:
# fsType: string
# readOnly: boolean
# secretRef:
# name: string
# volumeID: string
# configMap:
# defaultMode: int
# items:
# - key: string
# mode: int
# path: string
# name: string
# optional: boolean
# csi:
# driver: string
# fsType: string
# nodePublishSecretRef:
# name: string
# readOnly: boolean
# volumeAttributes: key: string
# downwardAPI:
# defaultMode: int
# items:
# - fieldRef:
# apiVersion: string
# fieldPath: string
# mode: int
# path: string
# resourceFieldRef:
# containerName: string
# divisor: string
# resource: string
# emptyDir:
# medium: string
# sizeLimit: string
# ephemeral:
# volumeClaimTemplate:
# metadata:
# annotations: key: string
# creationTimestamp: string
# deletionGracePeriodSeconds: int
# deletionTimestamp: string
# finalizers:
# - string
# generateName: string
# generation: int
# labels: key: string
# managedFields:
# - apiVersion: string
# fieldsType: string
# fieldsV1: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1
# manager: string
# operation: string
# subresource: string
# time: string
# name: string
# namespace: string
# ownerReferences:
# - apiVersion: string
# blockOwnerDeletion: boolean
# controller: boolean
# kind: string
# name: string
# uid: string
# resourceVersion: string
# selfLink: string
# uid: string
# spec:
# accessModes:
# - string
# dataSource:
# apiGroup: string
# kind: string
# name: string
# dataSourceRef:
# apiGroup: string
# kind: string
# name: string
# namespace: string
# resources:
# claims:
# - name: string
# limits: key: string
# requests: key: string
# selector:
# matchExpressions:
# - key: string
# operator: string
# values:
# - string
# matchLabels: key: string
# storageClassName: string
# volumeMode: string
# volumeName: string
# fc:
# fsType: string
# lun: int
# readOnly: boolean
# targetWWNs:
# - string
# wwids:
# - string
# flexVolume:
# driver: string
# fsType: string
# options: key: string
# readOnly: boolean
# secretRef:
# name: string
# flocker:
# datasetName: string
# datasetUUID: string
# gcePersistentDisk:
# fsType: string
# partition: int
# pdName: string
# readOnly: boolean
# gitRepo:
# directory: string
# repository: string
# revision: string
# glusterfs:
# endpoints: string
# path: string
# readOnly: boolean
# hostPath:
# type: string
# path: string
# iscsi:
# chapAuthDiscovery: boolean
# chapAuthSession: boolean
# fsType: string
# initiatorName: string
# iqn: string
# iscsiInterface: string
# lun: int
# portals:
# - string
# readOnly: boolean
# secretRef:
# name: string
# targetPortal: string
# name: string
# nfs:
# path: string
# readOnly: boolean
# server: string
# persistentVolumeClaim:
# claimName: string
# readOnly: boolean
# photonPersistentDisk:
# fsType: string
# pdID: string
# portworxVolume:
# fsType: string
# readOnly: boolean
# volumeID: string
# projected:
# defaultMode: int
# sources:
# - configMap:
# items:
# - key: string
# mode: int
# path: string
# name: string
# optional: boolean
# downwardAPI:
# items:
# - fieldRef:
# apiVersion: string
# fieldPath: string
# mode: int
# path: string
# resourceFieldRef:
# containerName: string
# divisor: string
# resource: string
# secret:
# items:
# - key: string
# mode: int
# path: string
# name: string
# optional: boolean
# serviceAccountToken:
# audience: string
# expirationSeconds: int
# path: string
# quobyte:
# group: string
# readOnly: boolean
# registry: string
# tenant: string
# user: string
# volume: string
# rbd:
# fsType: string
# image: string
# keyring: string
# monitors:
# - string
# pool: string
# readOnly: boolean
# secretRef:
# name: string
# user: string
# scaleIO:
# fsType: string
# gateway: string
# protectionDomain: string
# readOnly: boolean
# secretRef:
# name: string
# sslEnabled: boolean
# storageMode: string
# storagePool: string
# system: string
# volumeName: string
# secret:
# defaultMode: int
# items:
# - key: string
# mode: int
# path: string
# optional: boolean
# secretName: string
# storageos:
# fsType: string
# readOnly: boolean
# secretRef:
# name: string
# volumeName: string
# volumeNamespace: string
# vsphereVolume:
# fsType: string
# storagePolicyID: string
# storagePolicyName: string
# volumePath: string
template:
spec:
containers:
- &ref_0
args:
- '--global.checknewversion'
- '--global.sendanonymoususage'
- '--entrypoints.metrics.address=:9100/tcp'
- '--entrypoints.traefik.address=:9000/tcp'
- '--entrypoints.web.address=:8000/tcp'
- '--entrypoints.websecure.address=:8443/tcp'
- '--api.dashboard=true'
- '--ping=true'
- '--metrics.prometheus=true'
- '--metrics.prometheus.entrypoint=metrics'
- '--providers.kubernetescrd'
- '--providers.kubernetesingress'
- '--api.insecure=true'
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: docker.io/traefik:v2.10.6
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /ping
port: 9000
scheme: HTTP
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
name: traefik
ports:
- containerPort: 9100
name: metrics
protocol: TCP
- containerPort: 9000
name: traefik
protocol: TCP
- containerPort: 8000
name: web
protocol: TCP
- containerPort: 8443
name: websecure
protocol: TCP
readinessProbe:
failureThreshold: 1
httpGet:
path: /ping
port: 9000
scheme: HTTP
initialDelaySeconds: 2
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /data
name: data
- mountPath: /tmp
name: tmp
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-kx97z
readOnly: true
_init: false
__active: true
resources: {}
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: k8s-worker
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: &ref_1
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
serviceAccount: traefik
serviceAccountName: traefik
terminationGracePeriodSeconds: 60
tolerations:
- &ref_2
effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- &ref_3
effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- &ref_4
name: data
emptyDir: {}
- &ref_5
name: tmp
emptyDir: {}
- &ref_6
name: kube-api-access-kx97z
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
template:
spec:
containers:
- *ref_0
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: k8s-worker
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: *ref_1
serviceAccount: traefik
serviceAccountName: traefik
terminationGracePeriodSeconds: 60
tolerations:
- *ref_2
- *ref_3
volumes:
- *ref_4
- *ref_5
- *ref_6
metadata:
annotations: &ref_7
cni.projectcalico.org/containerID: da09e3dc01d0de9fdc06517dd29effe963d41ba5413f97dc12e83c51a3e418b1
cni.projectcalico.org/podIP: 10.42.1.75/32
cni.projectcalico.org/podIPs: 10.42.1.75/32
prometheus.io/path: /metrics
prometheus.io/port: '9100'
prometheus.io/scrape: 'true'
creationTimestamp: '2024-01-27T18:26:16Z'
fields:
- traefik-6f79c9bff5-ckfpn
- 1/1
- Running
- '0'
- 3s
- 10.42.1.75
- k8s-worker
- <none>
- <none>
generateName: traefik-6f79c9bff5-
labels: &ref_8
app.kubernetes.io/instance: traefik-traefik
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: traefik
helm.sh/chart: traefik-26.0.0
pod-template-hash: 6f79c9bff5
managedFields:
- &ref_9
apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:cni.projectcalico.org/containerID: {}
f:cni.projectcalico.org/podIP: {}
f:cni.projectcalico.org/podIPs: {}
manager: calico
operation: Update
subresource: status
time: '2024-01-27T18:26:16Z'
- &ref_10
apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:prometheus.io/path: {}
f:prometheus.io/port: {}
f:prometheus.io/scrape: {}
f:labels:
.: {}
f:app.kubernetes.io/instance: {}
f:app.kubernetes.io/managed-by: {}
f:app.kubernetes.io/name: {}
f:helm.sh/chart: {}
f:pod-template-hash: {}
f:ownerReferences:
.: {}
k:{"uid":"18af1103-198a-4e58-8960-61f0967fde3d"}: {}
f:generateName: {}
f:spec:
f:containers:
k:{"name":"traefik"}:
f:env:
k:{"name":"POD_NAME"}:
f:valueFrom:
.: {}
f:fieldRef: {}
.: {}
f:name: {}
k:{"name":"POD_NAMESPACE"}:
f:valueFrom:
.: {}
f:fieldRef: {}
.: {}
f:name: {}
.: {}
f:livenessProbe:
f:httpGet:
.: {}
f:path: {}
f:port: {}
f:scheme: {}
.: {}
f:failureThreshold: {}
f:initialDelaySeconds: {}
f:periodSeconds: {}
f:successThreshold: {}
f:timeoutSeconds: {}
f:ports:
k:{"containerPort":8000,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
k:{"containerPort":8443,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
k:{"containerPort":9000,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
k:{"containerPort":9100,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
.: {}
f:readinessProbe:
f:httpGet:
.: {}
f:path: {}
f:port: {}
f:scheme: {}
.: {}
f:failureThreshold: {}
f:initialDelaySeconds: {}
f:periodSeconds: {}
f:successThreshold: {}
f:timeoutSeconds: {}
f:securityContext:
f:capabilities:
.: {}
f:drop: {}
.: {}
f:allowPrivilegeEscalation: {}
f:readOnlyRootFilesystem: {}
f:volumeMounts:
k:{"mountPath":"/data"}:
.: {}
f:mountPath: {}
f:name: {}
k:{"mountPath":"/tmp"}:
.: {}
f:mountPath: {}
f:name: {}
.: {}
.: {}
f:args: {}
f:image: {}
f:imagePullPolicy: {}
f:name: {}
f:resources: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:securityContext:
.: {}
f:fsGroupChangePolicy: {}
f:runAsGroup: {}
f:runAsNonRoot: {}
f:runAsUser: {}
f:volumes:
k:{"name":"data"}:
.: {}
f:emptyDir: {}
f:name: {}
k:{"name":"tmp"}:
.: {}
f:emptyDir: {}
f:name: {}
.: {}
f:dnsPolicy: {}
f:enableServiceLinks: {}
f:restartPolicy: {}
f:schedulerName: {}
f:serviceAccount: {}
f:serviceAccountName: {}
f:terminationGracePeriodSeconds: {}
manager: kube-controller-manager
operation: Update
time: '2024-01-27T18:26:16Z'
- &ref_11
apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:status:
f:conditions:
k:{"type":"ContainersReady"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Initialized"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Ready"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
f:podIPs:
k:{"ip":"10.42.1.75"}:
.: {}
f:ip: {}
.: {}
f:containerStatuses: {}
f:hostIP: {}
f:phase: {}
f:podIP: {}
f:startTime: {}
manager: kubelet
operation: Update
subresource: status
time: '2024-01-27T18:26:19Z'
name: traefik-6f79c9bff5-ckfpn
namespace: traefik
ownerReferences:
- &ref_12
apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: traefik-6f79c9bff5
uid: 18af1103-198a-4e58-8960-61f0967fde3d
relationships:
- &ref_13
toId: traefik/traefik
toType: serviceaccount
rel: uses
state: active
message: Resource is current
- &ref_14
toId: traefik/kube-root-ca.crt
toType: configmap
rel: uses
state: active
message: Resource is always ready
- &ref_15
fromId: traefik/traefik-6f79c9bff5
fromType: apps.replicaset
rel: owner
state: in-progress
message: 'Available: 0/1'
transitioning: true
resourceVersion: '625722'
state: &ref_16
error: false
message: ''
name: running
transitioning: false
uid: a07d7f2b-145c-44bd-9db7-fbeb68ff826c
metadata:
annotations: *ref_7
creationTimestamp: '2024-01-27T18:26:16Z'
fields:
- traefik-6f79c9bff5-ckfpn
- 1/1
- Running
- '0'
- 3s
- 10.42.1.75
- k8s-worker
- <none>
- <none>
generateName: traefik-6f79c9bff5-
labels: *ref_8
managedFields:
- *ref_9
- *ref_10
- *ref_11
name: traefik-6f79c9bff5-ckfpn
namespace: traefik
ownerReferences:
- *ref_12
relationships:
- *ref_13
- *ref_14
- *ref_15
resourceVersion: '625722'
state: *ref_16
uid: a07d7f2b-145c-44bd-9db7-fbeb68ff826c
__clone: true