-
Notifications
You must be signed in to change notification settings - Fork 745
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to host and access dashboards from multiple traefiks in one namespace ? #143
Comments
Hi @den-is , Thanks for your question. This is not a common use case. Today with the helm chart you have multiple possibilities to expose a Traefik dashboard.
To achieve your needs, that is not a common use case, one possibility is to:
additionalArguments:
- "--api.insecure=true"
---
apiVersion: v1
kind: Service
metadata:
name: traefik-a-dashboard
namespace: traefik-a
labels:
app.kubernetes.io/name: name
app.kubernetes.io/instance: ReleaseName
spec:
type: ClusterIP
ports:
- port: 9000
name: traefik
selector:
app.kubernetes.io/name: name
app.kubernetes.io/instance: ReleaseName
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: traefik-a-dashboard
spec:
entryPoints:
- traefik
routes:
- match: Host(`traefik-a-dashboard.example.com`)
kind: Rule
services:
- name: traefik-a-dashboard
port: 9000 I will close this issue because I think that your question is answered. Please join our Community Forum on the Traefik section if you are further questions. |
Thanks @mmatur . I have actually duplicated that question in the Community forum. I will ask couple additional questions there. |
Initially, I've exposed the dashboard using NodePort + secure + IngressRoute. How is that not a common case? what if a namespace has multiple traefiks per namespace, per app, per TLS settings? How to check what specific traefik has caught or especially what it has not caught? Is it common to have traefik in the namespace with application and not separately in a secure namespace (kube-system)? I want to elaborate on
So PortForward means that Traefik should have own IngressRoute for own dashboard. That chart is not giving ability to set custom labels on dashboard IngressRoute. And it didn't work while there was Traefik which was monitoring whole namespace. Worked after removing such lb or applying label filter. Intersting why is that? Traefik and IngressRoute have one-to-one relations? |
I would say that it is pretty common usecase at least we have same requirements. |
We also run into the same problem. |
Is there perhaps an update on this? Maybe something has been added by the updates since mid-2020, which makes it easier. I would say that it is a pretty standard use case. Many have two Traefik instances, one for the internal domain (.localdomain) and one for the external domain (.example.com). Both Traefik dashboards - even if there is authentication in front of them - you would want to have internally only, of course. But @mmatur, your 3rd solution works! Not as easy as first thought, but it works 💯 |
Chiming in to say that I faced this issue as well. Might be a common use case. |
We have this kind of issue as well: two traefik deployments running in the same namespace - internal and external one, and I'm looking for a way to reach the external traefik dashboard via internal one (instead of exposing ext traefik dashboard to the Internet) |
Expose port 9000 of the external deployment with a label such as It should be good practice to use a |
Not sure if I have had to post that issue in original traefik repo or here in chart repo.
TLDR: How to serve dashboards from multiple ingress-controllers (traefiks) using single Ingress-controller dedicated for serving these dashboards?
With traefik 1.7 I have multiple ingress controllers deployed in the kube-system namespace. Each is for different purposes - mainly monitoring its own subset of namespaces.
There is one main Traefik in the kube-system namespace, which is serving only "internal" cluster, administrative ingress objects. dashboards, grafanas, etc.
Every other traefik-dashboard is exposed by own Ingress object which is then intercepted by that administrative-traefik. So each dashboard has own URL: traefik-x.example.com traefik-y.example.com.
How to achieve same with traefik v2?
What are the best or "all possible" ways to access dashboard in traefik v2?
web
entrypoint and it did work.But "service" points to some api@internal TraefikService. here is my IngressRouter
But some other traefik will be pointing to the same
api@internal
. How to make traefik understand that I'm requesting dashboard of some other traefik deployment?For example next I want to setup
default-ing
traefik which will be serving public apps in default namespace.Again. I have tried to create individual service
admin-ing-dashboard
for exposing dashboard only. But it didn't work.Is that possible at all? How to view the other traefik dashboard on the same cluster?
The text was updated successfully, but these errors were encountered: