k3s
k3s copied to clipboard
k3s-io
Update the Traefik chart for Traefik v3
Is your feature request related to a problem? Please describe. I'm trying to use Traefik v3 with the OpenTelemetry settings which are bugged in chart v25.0.0. See https://github.com/traefik/traefik-helm-chart/issues/999 for more info.
Describe the solution you'd like
Update the embedded Traefik chart.
Describe alternatives you've considered
Additional context Needs to happen here: https://github.com/k3s-io/k3s-charts/tree/main
The last time we did a major Traefik upgrade from v1 -> v2 we didn't even attempt to migrate folks, we just left them on v1 if it was installed, and added docs to help folks migrate when they are ready - since there were breaking changes between the two versions.
I suspect we will probably want to do something similar with this transition.
Ref: https://doc.traefik.io/traefik/migration/v2-to-v3/
@brandond What do you mean with
The last time we did a major Traefik upgrade from v1 -> v2 we didn't even attempt to migrate folks, we just left them on v1 if it was installed, and added docs to help folks migrate when they are ready - since there were breaking changes between the two versions.
So you shipped Traefik v2 with k3s but didn't automatically migrate to v2 if there was an existing Trafeik v1 deployment?
I'd also welcome this upgrade procedure for the v2 -> v3 switch.
The Traefik v3 update also has breaking changes in the IngressRoute syntax, which requires manual migration for specific scenarios (regex paths).
https://docs.k3s.io/networking/networking-services#traefik-ingress-controller
K3s includes Traefik v2. K3s versions 1.21 through 1.30 install Traefik v2, unless an existing installation of Traefik v1 is found, in which case Traefik is not upgraded to v2. K3s versions 1.20 and earlier include Traefik v1. For more information on the specific version of Traefik included with K3s, consult the Release Notes for your version.
This repository uses a bot to automatically label issues which have not had any activity (commit/comment/label) for 45 days. This helps us manage the community issues better. If the issue is still relevant, please add a comment to the issue so the bot can remove the label and we know it is still valid. If it is no longer relevant (or possibly fixed in the latest release), the bot will automatically close the issue in 14 days. Thank you for your contributions.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@caroline-suse-rancher Can you provide any information on when this will be prioritized?
We do not currently have any particular reason to start moving folks to Traefik v3. We can take a look at bumping the chart to a newer release while sticking with Traefik v2 for next month.
Traefik v2.11 will be EOL Apr 29, 2025; I don't know if additional v2 releases are planned, or if only v3.x will be maintained going forward. This is a good question to take to the Traefik project.
According to Traefik announcement, Traefik 3 will support 2.x configuration
With Traefik v3, we are introducing a streamlined transition process from v2, ensuring backward compatibility with v2 syntax while offering a progressive path for adopting the v3 syntax, effectively overcoming the challenges encountered in previous migrations.
@brandond Hey, it'd be very good to update Traefik to even just 2.11.9. There's a big security issue regarding the X-Forwarded-For header in Traefik <2.11.9 & <3.1.3: https://nvd.nist.gov/vuln/detail/CVE-2024-45410
@brandond How about defaulting to the existing Traefik version 2.x and adding a feature flag for those that want to leverage Traefik 3.x and all it's goodness. A common use case is people that are standing up new clusters and don't have to worry about migrating.
We will probably make K3s v1.33 a hard transition point to traefik v3 and containerd v2. We maintained back-compat checks for traefik v1 for WAY too long and would like to avoid that this time around.
