Installing Traefik 2 on K3s
As I’ve written about before, it’s very easy to setup a highly available Kubernetes cluster using K3s. By default, K3s comes with Traefik pre-packaged as an cluster ingress. However, at the time of writing, the default version of Traefik installed with K3s is 1.8.x while the latest available is Traefik 2. Traefik 2 has many new features compared to Traefik 1 and is definitely worth the upgrade.
Disabling the default Traefik installation
To install Traefik 2, we must disable the default Traefik installation when setting up K3s. This can be done with the --disable=traefik
flag.
The following command would install K3s with Traefik disabled.
curl -sfL https://get.k3s.io | sh -s - --disable=traefik
Installing Traefik 2
We’re going to be installing Traefik 2 using the Helm package manager. The next section will cover how to install Helm; you can skip it if you already have Helm installed.
Installing Helm
You can install Helm using the following instructions.
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
I found that I was not able to use the installed helm
command without first setting the KUBECONFIG
environment variable.
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
Installing Traefik using Helm
We can follow the instructions listed here for painless installation with default params.
helm repo add traefik https://helm.traefik.io/traefik
helm repo update
helm install traefik traefik/traefik
Verifying Installation
You can check whether Traefik pods are running using:
$ kubectl get pods --selector "app.kubernetes.io/name=traefik"
NAME READY STATUS RESTARTS AGE
traefik-77fdb5c487-5kqz9 1/1 Running 1 5m
You should also be able to see a Traefik LoadBalancer service:
$ kubectl get svc --selector "app.kubernetes.io/name=traefik"
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
traefik LoadBalancer 10.43.19.49 192.168.64.4 80:31907/TCP,443:32511/TCP 5m
Exposing the Traefik dashboard
Traefik comes with a decent dashboard that can be used to view configurations. By default, the dashboard is enabled in the helm chart. It can be exposed using the Ingress itself. Create a file called dashboard.yaml
with the following contents:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: dashboard
spec:
entryPoints:
- web
routes:
- match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikService
Create the new ingress route using kubectl
.
kubectl apply -f dashboard.yaml
You should now be able to access your dashboard at http://traefik.localhost/dashboard/
. Note the trailing slash is required.
It will look something like this:
It’s very strongly recommended you don’t leave this dashboard exposed without authentication.