Kubernetes Traefik

Shardul | Apr 2, 2025 min read
Kubernetes Traefik

Steps to install and configure Traefik as an Ingress for Kubernetes Cluster:

  1. Traefik Installation on K8s Cluster:

Use helm to install traefik:

 helm repo add traefik https://traefik.github.io/charts
 helm repo update
 helm install traefik traefik/traefik --namespace traefik --create-namespace

Verify pods after helm installation:

 [root@inslordevv113 traefik]# kubectl get po -A

NAMESPACE     NAME                            READY      STATUS    RESTARTS     AGE
traefik       traefik-6b6c947b6d-tbm6r        1/1       Running    0            6h19m

If the pod throws ErrImagePull error then do the following steps:

 kubectl edit deploy traefik -n traefik

Search for image argument in the yaml. use local docker registry or pull the image on local machine in advance.

 localhost:5000/traefik:v3.6.5

Save and exit and wait for the pod to run.

  1. IngressRoute Configuration with Middlewares:

Create IngressRoute and Middlewares as per below mentioned manifest replacing the desired values. Use this manifest for https requests.

 ---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: <middlewarename>
  namespace: <namespace>
spec:
  stripPrefix:
    prefixes:
      - /<path>
    forceSlash: false
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: <ingressroutename>
  namespace: <namespace>
spec:
  entryPoints:
    - websecure   # web for HTTP || websecure for HTTPS
  routes:
  - match: Host(<hostname>) || Host(cname) && PathPrefix(/<path>)  #mention hostname or cname or both as per your requirement.
    kind: Rule
    middlewares:
    - name: <middlewarename>
      namespace: <namespace>
    services:
    - name: <backendservicename>
      port: <port>
  tls:
    secretName: <secretname>

To redirect http requests to https use below manifest.

 ---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: redirect-to-https
  namespace: <namespace>
spec:
  redirectScheme:
    scheme: https
    permanent: true
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: <ingressroutename>
  namespace: <namespace>
spec:
  entryPoints:
    - web   # web for HTTP || websecure for HTTPS
  routes:
  - match: Host(<hostname>) || Host(<cname>) # mention as per need
    kind: Rule
    middlewares:
    - name: redirect-to-https
      namespace: <namespace>
    services:
    - name: <backendservicename>
      port: <port>