This message was deleted Rancher Users #k3d

Join Slack

This message was deleted.

# k3d

adamant-kite-43734

12/13/2024, 6:23 PM

This message was deleted.

wide-garage-9465

12/13/2024, 6:26 PM

Nothing that I know of. The fact that you get the traefik cert though is "good" in that it means the route into the cluster is clear (i.e. port forwarding and proxy is working).

brainy-yak-5996

12/13/2024, 6:27 PM

Here's some logging ... does this reveal anything?

Copy code

time="2024-12-13T18:20:55Z" level=info msg="Updated ingress status" namespace=default ingress=test
time="2024-12-13T18:20:55Z" level=debug msg="Skipping ingress status update" namespace=default ingress=test
time="2024-12-13T18:20:55Z" level=debug msg="Skipping Kubernetes event kind *v1.Ingress" providerName=kubernetes
time="2024-12-13T18:20:55Z" level=debug msg="Configuration received: {\"http\":{\"routers\":{\"default-test-registry-k-oracle-com\":{\"service\":\"default-nginx-80\",\"rule\":\"Host(`<http://registry.k.oracle.com|registry.k.oracle.com>`) \\u0026\\u0026 PathPrefix(`/`)\"}},\"services\":{\"default-nginx-80\":{\"loadBalancer\":{\"servers\":[{\"url\":\"<http://10.42.0.10:80>\"}],\"passHostHeader\":true}}}},\"tcp\":{},\"udp\":{},\"tls\":{}}" providerName=kubernetes
time="2024-12-13T18:20:55Z" level=debug msg="No entryPoint defined for this router, using the default one(s) instead: [metrics web websecure]" routerName=default-test-registry-k-oracle-com
time="2024-12-13T18:20:55Z" level=debug msg="No store is defined to add the certificate MIIE5zCCAs+gAwIBAgIJAMASb7rISlhOMA0GCSqGSIb3DQEBCw, it will be added to the default store."
time="2024-12-13T18:20:55Z" level=debug msg="Adding certificate for domain(s) <http://registry.k.oracle.com|registry.k.oracle.com>"
time="2024-12-13T18:20:55Z" level=debug msg="No default certificate, fallback to the internal generated certificate" tlsStoreName=default
time="2024-12-13T18:20:55Z" level=debug msg="Added outgoing tracing middleware prometheus@internal" middlewareName=tracing middlewareType=TracingForwarder entryPointName=metrics routerName=prometheus@internal
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=metrics serviceName=default-nginx-80 middlewareName=pipelining middlewareType=Pipelining routerName=default-test-registry-k-oracle-com@kubernetes
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" serviceName=default-nginx-80 middlewareName=metrics-service middlewareType=Metrics routerName=default-test-registry-k-oracle-com@kubernetes entryPointName=metrics
time="2024-12-13T18:20:55Z" level=debug msg="Creating load-balancer" entryPointName=metrics serviceName=default-nginx-80 routerName=default-test-registry-k-oracle-com@kubernetes
time="2024-12-13T18:20:55Z" level=debug msg="Creating server 0 <http://10.42.0.10:80>" serverName=0 routerName=default-test-registry-k-oracle-com@kubernetes entryPointName=metrics serviceName=default-nginx-80
time="2024-12-13T18:20:55Z" level=debug msg="child <http://10.42.0.10:80> now UP"
time="2024-12-13T18:20:55Z" level=debug msg="Propagating new UP status"
time="2024-12-13T18:20:55Z" level=debug msg="Added outgoing tracing middleware default-nginx-80" routerName=default-test-registry-k-oracle-com@kubernetes entryPointName=metrics middlewareName=tracing middlewareType=TracingForwarder
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=metrics middlewareName=traefik-internal-recovery middlewareType=Recovery
time="2024-12-13T18:20:55Z" level=debug msg="Added outgoing tracing middleware api@internal" middlewareName=tracing entryPointName=traefik routerName=kube-system-traefik-dashboard-d012b7f875133eeab4e5@kubernetescrd middlewareType=TracingForwarder
time="2024-12-13T18:20:55Z" level=debug msg="Added outgoing tracing middleware ping@internal" routerName=ping@internal entryPointName=traefik middlewareName=tracing middlewareType=TracingForwarder
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=traefik
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareName=traefik-internal-recovery middlewareType=Recovery entryPointName=web
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareName=metrics-entrypoint middlewareType=Metrics entryPointName=traefik
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=web middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=websecure middlewareName=metrics-entrypoint
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=metrics middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" routerName=websecure-default-test-registry-k-oracle-com@kubernetes serviceName=default-nginx-80 entryPointName=websecure middlewareType=Pipelining middlewareName=pipelining
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" routerName=websecure-default-test-registry-k-oracle-com@kubernetes serviceName=default-nginx-80 entryPointName=websecure middlewareName=metrics-service middlewareType=Metrics
time="2024-12-13T18:20:55Z" level=debug msg="Creating load-balancer" serviceName=default-nginx-80 entryPointName=websecure routerName=websecure-default-test-registry-k-oracle-com@kubernetes
time="2024-12-13T18:20:55Z" level=debug msg="Creating server 0 <http://10.42.0.10:80>" routerName=websecure-default-test-registry-k-oracle-com@kubernetes serviceName=default-nginx-80 serverName=0 entryPointName=websecure
time="2024-12-13T18:20:55Z" level=debug msg="child <http://10.42.0.10:80> now UP"
time="2024-12-13T18:20:55Z" level=debug msg="Propagating new UP status"
time="2024-12-13T18:20:55Z" level=debug msg="Added outgoing tracing middleware default-nginx-80" entryPointName=websecure routerName=websecure-default-test-registry-k-oracle-com@kubernetes middlewareName=tracing middlewareType=TracingForwarder
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareType=Recovery entryPointName=websecure middlewareName=traefik-internal-recovery
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=web middlewareType=Metrics middlewareName=metrics-entrypoint
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" middlewareType=Metrics entryPointName=websecure middlewareName=metrics-entrypoint
time="2024-12-13T18:20:55Z" level=debug msg="Creating middleware" entryPointName=metrics middlewareName=metrics-entrypoint middlewareType=Metrics
time="2024-12-13T18:20:55Z" level=debug msg="Adding route for <http://registry.k.oracle.com|registry.k.oracle.com> with TLS options default" entryPointName=websecure

brainy-yak-5996

12/13/2024, 6:28 PM

The 404 is wierd, like what's responding, it seems to be traefik responding ... which makes me think its ingress related ... but doesn't seem to be

wide-garage-9465

12/13/2024, 6:28 PM

It does show that he cert is not for localhost.com but for oracle.com

brainy-yak-5996

12/13/2024, 6:28 PM

i was faking that before to hide 'oracle.com'

wide-garage-9465

12/13/2024, 6:28 PM

Fair

wide-garage-9465

12/13/2024, 6:30 PM

I don't see anything suspicious on first sight

brainy-yak-5996

12/13/2024, 6:30 PM

i would have thought by increasing the logging to 'debug' the traefik log would show the 404 attempts ... since nothing happens, it makes me think its not hitting traefik, but the certs indicate otherwise. If I delete the k3d cluster then port 80 and 443 stop responding, indicating it is the expected k3d cluster responding

wide-garage-9465

12/13/2024, 6:30 PM

Yeah, traefik does respond with 404s

brainy-yak-5996

12/13/2024, 6:31 PM

i'll try something other than 80/443 .. maybe there something blocking me i don't know about

wide-garage-9465

12/13/2024, 6:32 PM

You shouldn't be getting 404s in that case

wide-garage-9465

12/13/2024, 6:32 PM

I'm on my phone only so cannot help too much...

brainy-yak-5996

12/13/2024, 6:32 PM

ya, or if it was some app blocking me, you'd think it would tell you that its blocking you

wide-garage-9465

12/13/2024, 6:33 PM

So port-forwarding to the service (not pod) works?

brainy-yak-5996

12/13/2024, 6:33 PM

yes

wide-garage-9465

12/13/2024, 6:33 PM

Can you kubectl describe the ingress?

brainy-yak-5996

12/13/2024, 6:34 PM

I'm trying with nginx now, here's the current version:

Copy code

k describe ing test 
Name:             test
Labels:           <none>
Namespace:        registry
Address:          172.29.0.2
Ingress Class:    traefik
Default backend:  <default>
TLS:
  registry.k.oracle.com-tls terminates <http://registry.k.oracle.com|registry.k.oracle.com>
Rules:
  Host                   Path  Backends
  ----                   ----  --------
  <http://registry.k.oracle.com|registry.k.oracle.com>  
                         /   nginx:80 ()
Annotations:             <none>
Events:                  <none>

brainy-yak-5996

12/13/2024, 6:36 PM

oh my gosh, ok using 8080 and 8443 instead of 80 and 443 worked

brainy-yak-5996

12/13/2024, 6:36 PM

so, maybe some security thing is getting in the way

brainy-yak-5996

12/13/2024, 6:36 PM

thanks for jumping on so i could bounce some ideas around

wide-garage-9465

12/13/2024, 6:37 PM

I would have guessed that only if you wouldn't be able to connect at all (since 80 and 443 are privileged ports) - but this is weird 😬

wide-garage-9465

12/13/2024, 6:37 PM

But I'm glad you got it working for you 👍

brainy-yak-5996

12/13/2024, 6:37 PM

definately weird

brainy-yak-5996

12/13/2024, 6:37 PM

yay

3 Views

Open in Slack

Previous Next