Using Traefik v2 as a Reverse Proxy for Kubernetes: A Step-by-Step Guide for Developers and Kubernetes Enthusiasts

Avinash Bendigeri Avatar

Traefik v2 is a popular and modern reverse proxy and load balancer that is designed for microservices architecture. Traefik can be used as an ingress controller in Kubernetes to route traffic to different services in a cluster. In this blog, we will discuss how to use Traefik v2 as a reverse proxy for Kubernetes. We will cover the following topics:

  • Installing Traefik v2 on Kubernetes
  • Creating a Traefik deployment and service
  • Configuring Traefik to work with Kubernetes
  • Deploying an application and routing traffic using Traefik

Prerequisites

  • A Kubernetes cluster with kubectl installed
  • Basic understanding of Kubernetes objects such as pods, deployments, and services
  • Familiarity with Traefik v2 and its configuration options

Installing Traefik v2 on Kubernetes

Before we can use Traefik as a reverse proxy for Kubernetes, we need to install it in our cluster. There are several ways to install Traefik on Kubernetes, but the easiest way is to use the official Helm chart. If you don’t have Helm installed, you can follow the instructions in the Helm documentation to install it.

To install the Traefik Helm chart, run the following command:

$ helm repo add traefik https://helm.traefik.io/traefik
$ helm install traefik traefik/traefik

This will install the Traefik chart in the default namespace. You can check the status of the Traefik deployment using the following command:

$ kubectl get deployments traefik

This should show a deployment with one replica.

Creating a Traefik deployment and service

Now that we have Traefik installed in our cluster, we need to create a deployment and service for Traefik. The deployment will create a pod running Traefik, and the service will expose that pod to the cluster.

Create a file named traefik-deployment.yaml with the following content:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: traefik
spec:
  selector:
    matchLabels:
      app: traefik
  replicas: 1
  template:
    metadata:
      labels:
        app: traefik
    spec:
      containers:
      - name: traefik
        image: traefik:v2.5
        ports:
        - name: http
          containerPort: 80
        - name: admin
          containerPort: 8080

This deployment defines a single pod running the Traefik image and exposes two ports: port 80 for HTTP traffic and port 8080 for the Traefik dashboard. We will use the dashboard later to monitor Traefik’s activity.

Create a file named traefik-service.yaml with the following content:

apiVersion: v1
kind: Service
metadata:
  name: traefik
spec:
  selector:
    app: traefik
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http
  - name: admin
    port: 8080
    protocol: TCP
    targetPort: admin
  type: NodePort

This service exposes the Traefik pod to the cluster on ports 80 and 8080 using the NodePort type. This means that any node in the cluster can access Traefik on these ports.

To create the Traefik deployment and service, run the following commands:

$ kubectl apply -f traefik-deployment.yaml
$ kubectl apply -f traefik-service.yaml

You can verify that the deployment and service were created successfully by running the following commands:

$ kubectl get deployments traefik
$ kubectl get svc traefik

This should show the Traefik deployment with one replica and the Traefik service with two ports exposed.

Configuring Traefik to work with Kubernetes

Now that we have Traefik deployed and exposed in our cluster, we need to configure it to work with Kubernetes. Traefik uses Kubernetes Ingress resources to route traffic to different services in the cluster. An Ingress resource defines rules for how traffic should be routed based on the incoming request’s host and path.

Create a file named traefik-ingressroute.yaml with the following content:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: traefik-web-ui
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`traefik.example.com`) && PathPrefix(`/`)
    kind: Rule
    services:
    - name: traefik
      port: 8080

This IngressRoute resource defines a rule for how traffic should be routed to the Traefik dashboard. The rule matches requests with the host traefik.example.com and the path prefix /. When a request matches this rule, Traefik will route the traffic to the traefik service on port 8080.

To create the IngressRoute, run the following command:

$ kubectl apply -f traefik-ingressroute.yaml

You can verify that the IngressRoute was created successfully by running the following command:

$ kubectl get ingressroute traefik-web-ui

This should show the Traefik IngressRoute with the name traefik-web-ui.

Deploying an application and routing traffic using Traefik

Now that we have Traefik configured to work with Kubernetes, we can deploy an application and route traffic to it using Traefik. For this example, we will deploy a simple Nginx web server and route traffic to it using Traefik.

Create a file named nginx-deployment.yaml with the following content:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 3
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - name: http
          containerPort: 80

This deployment defines three pods running the Nginx image and exposes port 80 for HTTP traffic.

Create a file named nginx-service.yaml with the following content:

apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  selector:
    app: nginx
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http

This service exposes the Nginx pods to the cluster on port 80.

To deploy the Nginx application and service, run the following commands:

$ kubectl apply -f nginx-deployment.yaml
$ kubectl apply -f nginx-service.yaml

You can verify that the deployment and service were created successfully by running the following commands:

$ kubectl get deployments nginx
$ kubectl get svc nginx

This should show the Nginx deployment with three replicas and the Nginx service with port 80 exposed.

To route traffic to the Nginx service using Traefik, create a file named nginx-ingressroute.yaml with the following content:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: nginx
spec:
  entryPoints:
    - web
  routes:
  - match: Host(`nginx.example.com`) && PathPrefix(`/`)
    kind: Rule
    services:
    - name: nginx
      port: http

This IngressRoute resource defines a rule for how traffic should be routed to the Nginx service. The rule matches requests with the host nginx.example.com and the path prefix /. When a request matches this rule, Traefik will route the traffic to the nginx service on port 80.

To create the IngressRoute, run the following command:

$ kubectl apply -f nginx-ingressroute.yaml

You can verify that the IngressRoute was created successfully by running the following command:

$ kubectl get ingressroute nginx

This should show the Nginx IngressRoute with the name nginx.

Testing the setup

To test the setup, you can add an entry to your /etc/hosts file to map the hostnames traefik.example.com and nginx.example.com to the IP address of your Kubernetes cluster. To find the IP address of your cluster, you can run the following command:

$ kubectl cluster-info | grep 'Kubernetes master' | awk '/http/ {print $NF}'

Add the following lines to your /etc/hosts file:

<IP address> traefik.example.com nginx.example.com

You should now be able to access the Traefik dashboard at http://traefik.example.com and the Nginx server at http://nginx.example.com. When you access these URLs, you should see the Traefik dashboard and the default Nginx welcome page, respectively.

Conclusion

In this tutorial, we have seen how to use Traefik v2 as a reverse proxy for Kubernetes. We have deployed Traefik in our cluster, configured it to work with Kubernetes, and used it to route traffic to a simple Nginx web server. By following these steps, you can use Traefik to manage and route traffic to different services in your Kubernetes cluster.

Leave a Reply

Your email address will not be published. Required fields are marked *