How to configure Traefik on k3s?

How to configure Traefik on k3s?
Traffic engineering with Traefik on k3s distribution of Kubernetes
Traefik is one of the most popular ingress controllers on Kubernetes. Traefik v2 brought some major changes in the usage of the controller itself. It brought the approach of heavy usage of Custom Resources on Kubernetes to provide reconfigurability and expanded fields of operation apart from the Ing…
You also might be interested in this article.
If you are only interested in the exact steps to configure Traefik on k3s skip to the last section.

K3s is a lightweight and certified Kubernetes distribution built by the Rancher. It's currently in the sandbox projects category at the CNCF. K3s is a production-grade distribution of Kubernetes which is in nature lightweight and the foremost reason for building it was the need to use Kubernetes on resource-restrained devices.

K3s is really easy to set up and install. Which is the main reason why I am using it for research, testing, and creating proof of concepts.

In the previous post, I wrote an introductory article about traffic engineering using Traefik v2. The underlying infrastructure hosting Traefik and other components was the K3s.

What I've found as a challenge in the start was configuration after the initial install. Anyhow to get straight to the point I'll describe the process of configuring Traefik on the K3s and K3s architecture itself.

To run k3s I will run Ubuntu VM using multipass. To setup VM with multipass is pretty straightforwad. You can read how you can provision VM with multipass on my article about Traffic engineering with Traefik.

To install the K3s, on the new VM instance, you can simply run the script in the terminal:

curl -sfL | sh -

After the installation and initial setup process (which can take a few minutes), you can access the k3s cluster using the kube config file located at the /etc/rancher/k3s/k3s.yaml.

You can easily use this file as Kube config exporting KUBECONF environment variable.

export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
ubuntu@k3s:~$ k get pods -n kube-system
NAME                                      READY   STATUS
local-path-provisioner-6c79684f77-zv678   1/1     Running
coredns-d76bd69b-j9b6z                    1/1     Running
metrics-server-7cd5fcb6b7-g5ff6           1/1     Running
helm-install-traefik-crd-w7b52            0/1     Completed
helm-install-traefik-tnt4w                0/1     Completed
svclb-traefik-c7zxl                       2/2     Running
traefik-df4ff85d6-w8wn4                   1/1     Running
It can be possible for path /etc/rancher to be under root ownership so you should set permissions accordingly for the user. For the current setup: sudo chown ubuntu /etc/rancher/k3s/k3s.yaml.

As you can see traefik-df4ff85d6-w8wn4 pod is created. Question arises how can I configure the Traefik static and dynamic configuration?

K3s is managing Traefik using CRs and helm-controller. To configure Traefik create new YAML file and provide with the needed details, like shown below.

kind: HelmChartConfig
  name: traefik
  namespace: kube-system
  valuesContent: |-
      - "--api"
      - "--api.dashboard=true"
      - "--api.insecure=true"
      - "--log.level=DEBUG"
        expose: true
        allowCrossNamespace: true

It's important to say that you need to specify namespace as kube-system, since Traefik should be running there.

When you run kubectl apply -f traefik-custom-conf.yaml, Traefik will be restarted and new pod will pick up configuration provided (Can take some time).

If you want to persist the changes on k3s restart you can create new file in the /etc/rancher/k3s/server/manifests/ named traefik-anything-you-want.yaml and k3s will pickup the configuration on file change and k3s restarts.

Thank you for reading!

If you liked this article and want to get informed when the new ones get published, hit the Subscribe button so you can get new articles directly in your mail. Also if you have something to say leave a comment.


Subscribe to qdnqn

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
Join other 7 members. Unsubscribe whenever you want.