About the Author
Wang Hailong, Technical Manager of SUSE Rancher China Community, responsible for the maintenance and operation of Rancher China Technical Community. He has 8 years of experience in the field of cloud computing, and has experienced the technological transformation from OpenStack to Kubernetes. Whether the underlying operating system Linux, or virtualized KVM or Docker container technology, he has rich operation and maintenance and practical experience.
Preface
Traefik is an open source edge router that makes publishing your services easy and fun. It is responsible for receiving your system requests and handling them with the appropriate components.
Traefik's dashboard is handy and provides a detailed overview of the current state of the cluster, including cluster entry and service mesh routing configuration details:
K3s is a CNCF conformance-certified lightweight distribution of Kubernetes designed for IoT and edge computing. In K3s, Traefik is built-in as the default reverse proxy and Ingress Controller for the cluster. K3s 1.21 starts with Traefik v2 installed by default, while previous versions installed Traefik v1 by default. This article will introduce how to enable Traefik Dashborad according to different Traefik versions.
Traefik v1 Dashborad enabled
By default, K3s 1.20 and earlier have Traefik v1 installed by default, and Traefik Dashboard is not enabled by default. To enable Dashborad with Traefik v1 in K3s, we can use HelmChartConfig to customize Traefik v1 deployed by Helm and enable Dashboard:
Notice:
- It is not recommended to manually edit
/var/lib/rancher/K3s/server/manifests/traefik.yaml
to modify the Traefik configuration file, because the modified content will be overwritten after K3s restarts. - It is recommended to customize the
/var/lib/rancher/K3s/server/manifests
configuration by creating an additionalHelmChartConfig
manifest in 0623d3e4c2ec70, see: http://docs.rancher.cn/docs/K3s/helm/_index/
cat >> /var/lib/rancher/K3s/server/manifests/traefik-config.yaml << EOF
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
dashboard:
enabled: true
domain: "traefik.localhost"
EOF
At this point, Traefik will be redeployed, and in about 10 seconds, you can access Traefik Dashboard through the domain name configured by spec.valuesContent.domain :
Traefik v2 enable Dashborad
By default, K3s 1.21 and above install Traefik v2 by default. For security reasons, Traefik Dashboard is not exposed by default. There are two common ways to expose Dashborad:
Method 1: via port forwarding
kubectl -n kube-system port-forward $(kubectl -n kube-system get pods --selector "app.kubernetes.io/name=traefik" --output=name) 9000:900
After port forwarding is enabled, Dashboard can be accessed through http://127.0.0.1:9000/dashboard/ :
Method 2: Custom IngressRoute CRD
Another way is by defining and applying the IngressRoute CRD (kubectl apply -f dashboard.yaml):
# dashboard.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: dashboard
spec:
entryPoints:
- web
routes:
- match: Host(`traefik.example`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikService
After successful deployment, Dashboard can be accessed via http://traefik.example/dashboard/ :
- References: traefik-helm-chart:
https://github.com/traefik/traefik-helm-chart/ - Learn more about Traefik Dashboard configuration:
https://doc.traefik.io/traefik/operations/dashboard/