jitsi-helm icon indicating copy to clipboard operation
jitsi-helm copied to clipboard

Published 20 hours ago verified publisher icon krakazyabra

Question: Setup Traefik for Ingress (TLS Letsencrypt) in Front of HA-Proxy

Open MatthiasHertel opened this issue 4 years ago • 4 comments

Hi @krakazyabra

first of all , really nice chart ... nice architectur graphic ! (btw which tool did you use for that ?)

to my question: i have the following problem / setup , i use traefik as a my default ingress ... how can i use this chart with traefik in front of that ? it is possible in general? or do I have to replace ha proxy with traefik ?

greets matthias

MatthiasHertel avatar Nov 18 '20 21:11 MatthiasHertel

Hi @MatthiasHertel Thanks for report! I have pure experience in Helm, so I just replaced some values with templater. As I understood your question, you want to use Traefik instead of ingress. If so, you need to delete this yaml from your project and replace it with Traefik's (I don't know, how Traefik works, sorry for that).

Haproxy is working behind Ingress, has own service, so you can point your Traefik to this service

Also, TLS verification is working on the front (Traefik in your case)

In my own setup, I don't use any ingress at all, I route all trafic to haproxy service (we use baremetal k8s and can assign external IPs directly to services).

krakazyabra avatar Nov 18 '20 22:11 krakazyabra

HI @krakazyabra

thx for the explanation, yes you understand it correctly , i want to replace the TLS termination point ... i dont want to use ha-proxy with certmanager ... traefik handle it out of the box.

i will try it today and give u feedback.

our k8s setup runs in a HCI on vm's (cause of our HA needs in our setup) and we got our external IP's through metalLB.

by the way your architecture graphics are so nice , which tool do you used for it ? link to architecture

greets matthias

MatthiasHertel avatar Nov 19 '20 06:11 MatthiasHertel

hello, similar question. I am trying to deploy this on an OTC k8s cluster. So I try to find the external IP to configure the DNS entry, but there is no such external IP.

Should I add a k8s service type=loadbalancer like i did for all my other services which gives me an external IP to connect to? https://kubernetes.io/docs/tutorials/stateless-application/expose-external-ip-address/

uvwild avatar Jan 11 '21 21:01 uvwild

which tool do you used for it

Simple Draw.io

hi @uvwild You should ask your provider about external IP. Sorry, I don't know specifications of OTC.

krakazyabra avatar Jan 12 '21 09:01 krakazyabra