Awesome content and well presented. Tip for anyone who made the mistake I did and wasted a lot of time, I accidentally uncommented "Cloudflare example", and the acme settings were ignored!
Hey, thank you for your work! This is the way how the tutorials should be done - very practical, covering all the aspects which you will need in real life, rather then "labs" tutorials. 10 out of 5 content.
According to the Traefik docs, using the default SSL certificate by traefik does not scale, for instance if you wanna have more than 1 Traefik replica, you just can't, which is too bad. I deployed the latest version of Traefik but using CertManager and a regular ClusterIssuer, now I can scale up as much as I want. Also, I'm more into IngressRoutes than regular Ingress, flexibility is much better. The video is quite good though, not ideal but it does work.
Excellent video. Been a Traefik fan for a while, but only with local Docker runs. Wanted to step up my game to Kubernetes. This got me rolling. But now I would like to take it to the next step and make it more GitOps oriented. Using ArgoCD. I have not been able to find any examples. And my attempts have been failures. The problem comes in trying to get it to add in a modified values.yml file.
Actually video may be is good for pros, but for person who just strated to learn k8s it is very hard to understand on which position you are currently in - you need to have on side map with the explanation what goes where and current setting affects this route etc (like showing when connection goes in to nginx --> loadbalancer node --> something else etc) to have visual representation.
I think it is a great idea to switch to project based videos because this will cover many aspects of kubernetes practicially, just like this video :) Very nice content on your channel 👍
Thank you so much for that feedback. I'm currently rethinking the way I produce my content because I'd like to share more about my projects and stuff that I do instead of making 'just' tutorials. That means a lot to me 🤗
Hi Christian, thanks for this great video. Everything works perfectly when I am in my home network. Once I try to hit the URL from my mobile phone or while away from home, the server can't be reached. Do you know what could be the problem? Thanks for your support.
Nice Video! New video idea: configuring K3S built in traefik to use this config setup, needs a HelmChartConfig crd object so it was a little tricky to get working at first, but makes for a very well integrated setup
I'm new to all of this so bare with me.. Ok correct me if I'm wrong... But in order to use cloudflare you need to have a website to begin with correct? I don't have one... Would I have to create or buy one in order to use traefik? I use sophos as a dns server and DHCP server can I use this instead? I think I'm a little confused on the logistics overall and pre requisites that need to be in place in order to get traefik.. k8s and rancher going... Setting this up via helm that is...
Hi Christian, how can I use the K3S traefik instance to route to a server inside my local network (outside of my K3S Cluster)? I still have some hardware-based services (e.g. my TrueNAS Server) which I need to make reachable. Any advise? Greatings from Germany
so on a bare metal server with a public ip address, can we use an ingress like traefik and not use any load balancer solution like metallb and everything will work fine? I mean the ingress will pick automatically up the host public ip and use it?
Good video. I suppose when you refer to the "DNS provider" you assume we are using our DNS provider as the CA for our site's certificates; so I would not need any of that configuration in case I'm using manually generated certificates. In this case how would I load my site's certificates/private key (for example a glob certificate) into Traefik? Thanks
What the heck happened at 23:34? You were about to edit the ingress with 80 enabled, and then you were suddenly showing us a 443 connection to that same ingress. There is a lot of missing information there..
Hi! very cool video, i'm using cloudfare and i map in dns section my dynamic ip updated by a cloudfare script to my domains; may i do the some as you did with traefik? in my k8s proxmox vm i got as EXTERNAL-IP my vm ip and not my real router external ip, may it be a problem for let's encrypt and traefik? many thanks. Nino.
Would love to see how we can run k3s, traefik and Teleport. I managed to get Teleport running, however, hit snag after snag trying to install it on k3s cluster and all...
Another really great video, I have watched it a couple of times but I just can't seem to get traefik running, I'm running the latest version of Helm and K8S version 1.25.3 and traefik is saying its version 18.1.0 but every time I run the command it fails in the same way helm install -f values.yml traefik traefik/traefik coalesce.go:175: warning: skipped value for traefik.env: Not a table. Error: INSTALLATION FAILED: Deployment in version "v1" cannot be handled as a Deployment: json: cannot unmarshal object into Go struct field Container.spec.template.spec.containers.env of type []v1.EnvVar Im guessing something has changed in the helm chart which is a shame.
Trying to use DigitalOcean managed kubernetes for this... keep running face-first into 2 major problems with this one and have been stuck for weeks. DO has some weird permissions configurations so the InitContainer still doesn't work, tried every command combination for touch, chmod, chown, and securityContext that I can think of. Still get a "Permission denied error". Also, the LetsEncrypt certificate shows as "Not secure" in Chrome. Not that this is a support forum or anything, just wanted to vent. Getting certificates to work on K8s is like my white whale and it's driving me to madness
If your k8s cluster is running in a cloud provider you don't need MetalLB (the cloud provider has its won LB). But if you are running k8s locally then YES you need MetalLB, Klipper, or any other LB service
Great video mate!! Keep it up! I am beginner with Kubernetes and Traefik. Do you know how I can use Whitelisting IP using Middleware in Traefik version 2.x?
do i need a domain name for this setup as i don't own a domain name i am using oracle always free resources and deployed a k3s on it so please support me in how can i make it work
anyone else getting a persistentvolumeclaim/traefik no persistent volumes available for this claim and no storage class is set? Do i need to create a persistent volume claim where?
Hi... i am a small it guy. I have 16 servers windows and each server has 10 client machie connect to it. Its a small medical office 16 locations...please advice what would you do for back please...i want to backup to my storage. What hardwarde will u buy and what software u would use ..what kind of backs you would do like image, files and so on and how many copies
Awesome content and well presented.
Tip for anyone who made the mistake I did and wasted a lot of time, I accidentally uncommented "Cloudflare example", and the acme settings were ignored!
Hey, thank you for your work! This is the way how the tutorials should be done - very practical, covering all the aspects which you will need in real life, rather then "labs" tutorials. 10 out of 5 content.
Thank you so much :)
According to the Traefik docs, using the default SSL certificate by traefik does not scale, for instance if you wanna have more than 1 Traefik replica, you just can't, which is too bad. I deployed the latest version of Traefik but using CertManager and a regular ClusterIssuer, now I can scale up as much as I want. Also, I'm more into IngressRoutes than regular Ingress, flexibility is much better. The video is quite good though, not ideal but it does work.
This video is amazing, tried to grok traefik forever and this helped so much!
Excellent video. Been a Traefik fan for a while, but only with local Docker runs. Wanted to step up my game to Kubernetes. This got me rolling. But now I would like to take it to the next step and make it more GitOps oriented. Using ArgoCD. I have not been able to find any examples. And my attempts have been failures. The problem comes in trying to get it to add in a modified values.yml file.
Wow! Thank you for the video - you really demystified ingresses for me 👍🏼
Actually video may be is good for pros, but for person who just strated to learn k8s it is very hard to understand on which position you are currently in - you need to have on side map with the explanation what goes where and current setting affects this route etc (like showing when connection goes in to nginx --> loadbalancer node --> something else etc) to have visual representation.
nice video, i believe the secrets should be also in same namespace as of the deployment. Else deployment will complain about secretes not found.
Thanks, and yea, you're absolutely right
Thanks man, it was very helpful, can you please tell me what the type of terminal you are using it looks awesome.
I've used Windows Terminal in the past, now I'm using mostly Warp (MacOS and Linux only)
This was just what I was looking for. Thanks for a great tutorial and walkthrough.
Hi, could you make a video about rancher since they released new version.
That will need some time to prepare, but somewhere next year I'll do that!
I think it is a great idea to switch to project based videos because this will cover many aspects of kubernetes practicially, just like this video :) Very nice content on your channel 👍
Thank you so much for that feedback. I'm currently rethinking the way I produce my content because I'd like to share more about my projects and stuff that I do instead of making 'just' tutorials. That means a lot to me 🤗
Hi Christian,
thanks for this great video. Everything works perfectly when I am in my home network.
Once I try to hit the URL from my mobile phone or while away from home, the server can't be reached.
Do you know what could be the problem?
Thanks for your support.
Nice Video!
New video idea: configuring K3S built in traefik to use this config setup, needs a HelmChartConfig crd object so it was a little tricky to get working at first, but makes for a very well integrated setup
What documentation did you use? I'm trying to configure it on k3s and hitting dead ends.
Thanks, thats a great idea! Can you share me some resources on Discord? That would be so helpful
I'll do a video soon, stay tuned 😀
@@christianlempa Awesome 😎 oder eher Ausgezeichnet! 😉
@@christianlempa are you still doing this video? 😀
Hello, love your videos!, do you have a video that shows traefik in kubernetes pointing to for example a proxmox server?
Hi, Christian
Thanks al lot
so cool & perfect 👌🙏🙏🙏
I'm new to all of this so bare with me.. Ok correct me if I'm wrong... But in order to use cloudflare you need to have a website to begin with correct? I don't have one... Would I have to create or buy one in order to use traefik? I use sophos as a dns server and DHCP server can I use this instead? I think I'm a little confused on the logistics overall and pre requisites that need to be in place in order to get traefik.. k8s and rancher going... Setting this up via helm that is...
What addons are you using on vscode? It's looking like it's automatically doing some refactoring to me.
Awesome video.
What are you using to run K8s locally? K3s, minikube??
k3s, I've now done a tutorial about it: ruclips.net/video/UdjhFLV1yt8/видео.html
Hi Christian,
how can I use the K3S traefik instance to route to a server inside my local network (outside of my K3S Cluster)?
I still have some hardware-based services (e.g. my TrueNAS Server) which I need to make reachable.
Any advise?
Greatings from Germany
Would love to see a video on a k3s homelab setup (proxmox), configuring traefik in a similar way, using a HelmChartConfig and if this differs.
Oh that's coming! :) Takes me a while though.
@@christianlempa Did you release this video? I'm getting stuck on this myself right now.
This is awesome. It was really easy to understand. What VS code extension are you using for auto-completing k8s specific yamls?
Thank you :) I guess it's the official kubernetes extension
what if? you already have outside traefik that runs on docker is there a way to just integrate that on kubernetes?
so on a bare metal server with a public ip address, can we use an ingress like traefik and not use any load balancer solution like metallb and everything will work fine? I mean the ingress will pick automatically up the host public ip and use it?
Good video. I suppose when you refer to the "DNS provider" you assume we are using our DNS provider as the CA for our site's certificates; so I would not need any of that configuration in case I'm using manually generated certificates. In this case how would I load my site's certificates/private key (for example a glob certificate) into Traefik? Thanks
Thank you! :) I think you should have a look at my other videos about traefik and self-signed certs, that might be a good start.
What the heck happened at 23:34? You were about to edit the ingress with 80 enabled, and then you were suddenly showing us a 443 connection to that same ingress. There is a lot of missing information there..
Very good video with explanations! Traefik is so good when it works but so hard to understand the API documentation :(
Thank you so much! It absolutely is hard to understand though :D
when you create ingress, what IP should you forward your external load balancer to? Will it be the IP of the master node?
It can be the IP of the master node, or the worker nodes.
Can you do a how to use trafik in TureNAS Scale? It is debian based running Kub and docker
Yeah I might do it in the future!
Nice tutorial, Can i have multiple loadbalancer pointing to same kubernetes cluster?
Thanks! Yes sure you can do that
@@christianlempa thanks man, keep growing.. i am a subscriber from long time
@@shadyapp7416 thanks! Appreciate that :)
Thanks a lot Bros!
alias "kn" equal "kubectl config set-context --current --namespace=traefik"
The Ingress object template is no longer available in the boilerplate repo.
Hi! very cool video, i'm using cloudfare and i map in dns section my dynamic ip updated by a cloudfare script to my domains; may i do the some as you did with traefik? in my k8s proxmox vm i got as EXTERNAL-IP my vm ip and not my real router external ip, may it be a problem for let's encrypt and traefik? many thanks.
Nino.
what is the alias for `kn`?
Do I need an additional MetalLB to run this?
No
Would love to see how we can run k3s, traefik and Teleport. I managed to get Teleport running, however, hit snag after snag trying to install it on k3s cluster and all...
Hmm that sounnds awesome! I'll take a look at k3s soon, might take me some time to figure it out though :D
@@christianlempa Cool, I look forward to it. I took it on and it is a bit to chew ha. Cheers.
Thanks buddy!
No problem!
Hey! What theme do you use for VSCode?
I'm using my own one! :D You can find it in the vscode marketplace when you search for "The Digital Life"
Another really great video, I have watched it a couple of times but I just can't seem to get traefik running, I'm running the latest version of Helm and K8S version 1.25.3 and traefik is saying its version 18.1.0 but every time I run the command it fails in the same way
helm install -f values.yml traefik traefik/traefik
coalesce.go:175: warning: skipped value for traefik.env: Not a table.
Error: INSTALLATION FAILED: Deployment in version "v1" cannot be handled as a Deployment: json: cannot unmarshal object into Go struct field Container.spec.template.spec.containers.env of type []v1.EnvVar
Im guessing something has changed in the helm chart which is a shame.
Maybe you should come to our discord and share more details about your setup, we can take a look
Trying to use DigitalOcean managed kubernetes for this... keep running face-first into 2 major problems with this one and have been stuck for weeks. DO has some weird permissions configurations so the InitContainer still doesn't work, tried every command combination for touch, chmod, chown, and securityContext that I can think of. Still get a "Permission denied error". Also, the LetsEncrypt certificate shows as "Not secure" in Chrome.
Not that this is a support forum or anything, just wanted to vent. Getting certificates to work on K8s is like my white whale and it's driving me to madness
hi, did you found a solution for this? i have the same setup and also the same problem :p
@@thijsdevlieger758 I didn't find a solution for it unfortunately
Where are your videos about crowdsec?
Decided to put that a little bit in the backlog, as I'm not fully convinced of it for now.
Hi, very nice video :)
I have this issue: volume-permissions chmod: /ssl-certs/*: No such file or directory
Can anybody help me please¿?
same problem here
Do I need MetalLB as a prerequisite for this?
If your k8s cluster is running in a cloud provider you don't need MetalLB (the cloud provider has its won LB). But if you are running k8s locally then YES you need MetalLB, Klipper, or any other LB service
Great video mate!!
Keep it up!
I am beginner with Kubernetes and Traefik. Do you know how I can use Whitelisting IP using Middleware in Traefik version 2.x?
Hey thanks! No haven't done that yet sry
After doing the last step, I got 404 Not Found. Help!!!
Why not come to the discord and share some details about the problem, maybe we can help
Can we use api gateway in the place of traefik proxy
Not sure what the API gateway is? Do you mean the kubernetes API?
if you mean the trafik api gateway, its an enterprise application. Sadly cant use it if you dont pay a bunch of money
Danke!
Vielen Dank für deinen Support!
How to work together with AWS ELB?
do i need a domain name for this setup as i don't own a domain name i am using oracle always free resources and deployed a k3s on it so please support me in how can i make it work
What color scheme are you using in the VSC?
The Digital Life 😉
@@christianlempa 🤣 thanks man!
anyone else getting a persistentvolumeclaim/traefik no persistent volumes available for this claim and no storage class is set? Do i need to create a persistent volume claim where?
Yes have the same problem and breaking my head over it, this is to much for my noobie skills to solve :(
been trying to figure this out as well, getting the same error message
@Dennis Hobbelen Yep, I got there last night too, setup an nfs Persistence Volume and marked it as the Default. Error message went away.
you're a.m.a.z.i.n.g.
My External-Ip is showing Pending, did I miss a step somewhere
Sounds like a problem with your provider and load balancers
@@christianlempa I am running this in Proxmox on my home lab
@@MikeCarr07 then you likely already have a load balancer running. If you don’t use something like metallb you can only have one
Hi... i am a small it guy. I have 16 servers windows and each server has 10 client machie connect to it. Its a small medical office 16 locations...please advice what would you do for back please...i want to backup to my storage. What hardwarde will u buy and what software u would use ..what kind of backs you would do like image, files and so on and how many copies
i'm not getting clear vision on it so will make a private service for me
Where is the external IP?
An IP that is publicly available
Traefik is cool product but their official documentation totally sucks!! They should do some proper cookbooks
Yeah I agree with you, that would really help! It's hard to fight your way through the docs xD
dud! why are you screaming?
omg u using windows...
Omg, and now?