Traefik plugins not working, in fact no middleware is working?
- Details
- Category: Blog
- Published: Saturday, 29 April 2023 17:33
- Written by Lars Berntzon
- Hits: 1608
When installing Traefik, as a kubernetes ingress or other, its not immediately clear what do to with the middleware configurations. If this is not correctly done, the effect is as plugins and middlewares are not working. One must actively turn on a middleware (plugins runs as middlewares). For kubernetes this is either done via an annotation for an ingress. If you for instance have the plugin fail2ban installed and want to use it on your web-service, you need to add following annotation to your ingress (if its in the namespace "default"):
traefik.ingress.kubernetes.io/router.middlewares: default-fail2ban@kubernetescrd
The syntax is: <namespace>-<middleware>@kubernetescrd if you run in kubernetes and have created the Middleware defined there as a custom resource.
Or, you can enable it by default on all web-services managed by Traefik by adding this helm configuration:
additionalArguments:
- "--experimental.plugins.fail2ban.modulename=github.com/tomMoulard/fail2ban"
- "--experimental.plugins.fail2ban.version=v0.6.6"
- "--entrypoints.web.http.middlewares=default-fail2ban@kubernetescrd,default-geoblock@kubernetescrd"
- "--entrypoints.websecure.http.middlewares=default-fail2ban@kubernetescrd,default-geoblock@kubernetescrd"
- "--entrypoints.ssh.http.middlewares=default-fail2ban@kubernetescrd,default-geoblock@kubernetescrd"