Docs
Blog
Kubevious.io places cookies on your computer or device to make the site work better and to help us understand how you use our site. Further use of this site (by clicking, navigating or scrolling) will be considered consent. Please visit our privacy policy for more information.
Guard
Features
Application Centric UI
Health Monitoring
Cloud Native Tools
Search Engine
Time Machine
Rules Engine
Slack Bot
Built-in Validators
Container
Compute
Configuration
Networking
Storage
RBAC
Security
Traefik Proxy
Missing Traefik Middleware reference in IngressRoute
Missing Traefik Service reference in IngressRoute or TraefikService
Missing Traefik TLSOptions reference in IngressRoute
Unused Traefik Middleware
Unused Traefik Service
Unused Traefik TLSOptions
Docs
Built-in Validators
Traefik Proxy

Missing Traefik TLSOptions reference in IngressRoute

Traefik TLSOptions are used to configure Traefik Proxy TLS connection parameters. TLSOptions are referenced from IngressRoute. This validator detects a condition when the TLSOptions referenced in the IngressRoute is not found.

Affected Resources: IngressRoute

Examples

apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: whoami spec: entryPoints: - websecure routes: - kind: Rule match: Host(`demo.kubevious.io`) services: - kind: Service name: whoami-svc port: 80 tls: certResolver: le domains: - main: demo.kubevious.io sans: - demo.kubevious.io options: name: foo # TLSOptions not found in the namespace "samples" namespace: samples
apiVersion: traefik.containo.us/v1alpha1 kind: TLSOption metadata: name: bar # Different name in IngressRoute namespace: samples spec: cipherSuites: - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - TLS_AES_256_GCM_SHA384 - TLS_AES_128_GCM_SHA256 - TLS_CHACHA20_POLY1305_SHA256 - TLS_FALLBACK_SCSV curvePreferences: - CurveP521 - CurveP384 minVersion: VersionTLS12 sniStrict: true

Resolution

  • Check if the TLSOptions is present in the same namespace.
  • Check if the TLSOptions is present in the namespace specified by the namespace field.
  • Did you make a typo in the IngressRoute? Kubevious Search uses fuzzy logic to return results and can help with finding the correct TLSOptions.
    • Prev
    Missing Traefik Service reference in IngressRoute or TraefikService
    Next
    Unused Traefik Middleware

    Need other validation rules?

    Please let us know if there are other built-in validation rules you would like to see in Kubevious to detect misconfigurations and violations to best practices. Optionally, you can provide your details so we can reach out to you with follow-up questions.

    Share this article on:
    message
    PRODUCTGet StartedDemoOpen-Source
    COMPANYContactPrivacy PolicyTerms and Conditions
    KNOWLEDGE BASEDocumentationKubernetes Best PracticesBlog