I am trying to install Traefik as my router on EKS. If I do it normally like this, Traefik is installed and fronted by an ELB:
helm install traefik traefik/traefik
However, I want Traefik to be fronted by an ALB instead so I can have multiple SSL certs attached to it. I have followed the EKS workshop guide to install the aws-load-balancer-controller on my cluster. This has been successful as I could successfully launch the test game and get an ALB. I tried to install Traefik and get an ALB but I don't seem to be able to. Here is how I have tried:
helm install traefik traefik/traefik --values values.yaml --set="additionalArguments={--log.level=DEBUG}"
Here is the contents of my values.yaml with the ingress annotations:
raynard@Raynards-MacBook-Pro traefik % cat values.yaml
# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
ingressClass:
# true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
enabled: true
isDefaultClass: false
# Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
fallbackApiVersion: ""
# Create an IngressRoute for the dashboard
ingressRoute:
dashboard:
enabled: true
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
labels: {}
When I check, no ingress has been created. However, a svc has been created. again with an ELB:
raynard@Raynards-MacBook-Pro traefik % kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
infinyprod <none> prod.infiny.cloud,cloudlx.epsilontel.com,k83.infiny.cloud + 7 more... 80 69d
raynard@Raynards-MacBook-Pro traefik % kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 150d
my-release-redis-headless ClusterIP None <none> 6379/TCP 12d
my-release-redis-master ClusterIP 172.20.122.33 <none> 6379/TCP 12d
my-release-redis-replicas ClusterIP 172.20.202.106 <none> 6379/TCP 12d
traefik LoadBalancer 172.20.240.72 a67bbaa57465c438ab0bce03933682e8-1307117939.eu-west-1.elb.amazonaws.com 80:31899/TCP,443:31306/TCP 8m14s
Any idea where I am going wrong?
Looks like you might want to try making the traefik service installed as a NodePort as opposed to the default (LoadBalancer in this case). After that you can then use an ingress pointing to that service.
In your values.yaml file, add:
service:
annotations: {}
type: NodePort
Then make an ingress.yml with the following:
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: traefik
name: traefik-ingress
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik
port:
number: 80