{"id":622,"date":"2023-04-24T00:30:37","date_gmt":"2023-04-23T21:30:37","guid":{"rendered":"https:\/\/grechka.family\/dmitry\/blog\/?p=622"},"modified":"2023-04-24T00:30:50","modified_gmt":"2023-04-23T21:30:50","slug":"ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt","status":"publish","type":"post","link":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/","title":{"rendered":"High Availability Traefik for K8s (IngressRoute + Cert Manager + LetsEncrypt)"},"content":{"rendered":"\n

Here I share the recipe for how to setup High Availability Traefik Proxy<\/a> (multiple instances) for Kubernetes with TLS certificates obtained from LetsEncrypt<\/a> with help of Cert Manager<\/a>.<\/p>\n\n\n\n\n\n\n\n

To get high availability setup for Traefik we will host multiple instances of Traefik on different hosts (or even in different availability zones). All of the Traefik instances need to load the same TLS certificates and equally participate in ACME http challenge process during obtaining the certificates from LetsEncrypt. Both can be achieved by using Cert Manager<\/a>, which stores the TLS certificates in Kubernetes secrets (no need for PVC) and carries out LetEncrypt ACME http challenge through Kubernetes Ingress entities. We leave deployment of Cert Manager <\/a>out of scope for this post. The following assumes that you have Cert Manager deployed.<\/p>\n\n\n\n

Configuring Cert Manager for LetsEncrypt<\/h3>\n\n\n\n

In order to get certificates from LetsEncrypt we can define the following Issuers (CRD used by Cert Manager):<\/p>\n\n\n\n

YAML<\/span><\/path><\/path><\/svg><\/span>
apiVersion<\/span>:<\/span> <\/span>cert-manager.io\/v1<\/span><\/span>\nkind<\/span>:<\/span> <\/span>ClusterIssuer<\/span><\/span>\nmetadata<\/span>:<\/span><\/span>\n  <\/span>name<\/span>:<\/span> <\/span>letsencrypt-staging<\/span><\/span>\nspec<\/span>:<\/span><\/span>\n  <\/span>acme<\/span>:<\/span><\/span>\n    <\/span>server<\/span>:<\/span> <\/span>https:\/\/acme-staging-v02.api.letsencrypt.org\/directory<\/span><\/span>\n    <\/span>email<\/span>:<\/span> <\/span>hostmaster@your-domain.tld<\/span> <\/span># Replace this with your mail address<\/span><\/span>\n    <\/span>privateKeySecretRef<\/span>:<\/span><\/span>\n      <\/span>name<\/span>:<\/span> <\/span>letsencrypt-staging<\/span><\/span>\n    <\/span>solvers<\/span>:<\/span><\/span>\n    <\/span>-<\/span> <\/span>http01<\/span>:<\/span><\/span>\n        <\/span>ingress<\/span>:<\/span><\/span>\n          <\/span>class<\/span>:<\/span> <\/span>traefik<\/span><\/span>\n---<\/span><\/span>\napiVersion<\/span>:<\/span> <\/span>cert-manager.io\/v1<\/span><\/span>\nkind<\/span>:<\/span> <\/span>ClusterIssuer<\/span><\/span>\nmetadata<\/span>:<\/span><\/span>\n  <\/span>name<\/span>:<\/span> <\/span>letsencrypt-prod<\/span><\/span>\nspec<\/span>:<\/span><\/span>\n  <\/span>acme<\/span>:<\/span><\/span>\n    <\/span>server<\/span>:<\/span> <\/span>https:\/\/acme-v02.api.letsencrypt.org\/directory<\/span><\/span>\n    <\/span>email<\/span>:<\/span> <\/span>hostmaster@your-domain.tld<\/span> <\/span># Replace this with your mail address<\/span><\/span>\n    <\/span>privateKeySecretRef<\/span>:<\/span><\/span>\n      <\/span>name<\/span>:<\/span> <\/span>letsencrypt-prod<\/span><\/span>\n    <\/span>solvers<\/span>:<\/span><\/span>\n    <\/span>-<\/span> <\/span>http01<\/span>:<\/span><\/span>\n        <\/span>ingress<\/span>:<\/span><\/span>\n          <\/span>class<\/span>:<\/span> <\/span>traefik<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
Configuring Traefik for Cert Manager<\/h3>\n\n\n\n
Note that we specified the “traefik” ingress class among ACME solvers. That is how Cert Manager will get the TLS certificates for our domains. Cert Manager can’t use IngressRoute CRD defined for Traefik as they are too application specific. Instead, it can use standard Ingress or newly emerged Gateway API Kubernetes entities. Here we use Ingress. That means that we need to enable Traefik to serve Kubernetes Ingress entities. That can be done, for instance, through CLI args:<\/p>\n\n\n\n
YAML<\/span><\/path><\/path><\/svg><\/span>
...<\/span><\/span>\n      <\/span>spec<\/span>:<\/span><\/span>\n        <\/span>containers<\/span>:<\/span><\/span>\n        <\/span>-<\/span> <\/span>name<\/span>:<\/span> <\/span>traefik<\/span><\/span>\n          <\/span>image<\/span>:<\/span> <\/span>traefik:v2.9<\/span><\/span>\n          <\/span>args<\/span>:<\/span><\/span>\n            <\/span>-<\/span> <\/span>--entrypoints.web.Address=:80<\/span><\/span>\n            <\/span>-<\/span> <\/span>--entrypoints.websecure.Address=:443<\/span><\/span>\n            <\/span>-<\/span> <\/span>--providers.kubernetescrd<\/span> <\/span># needed for IngressRoutes<\/span><\/span>\n            <\/span>-<\/span> <\/span>--providers.kubernetesingress<\/span> <\/span># needed for cert-manger<\/span><\/span>\n          <\/span>ports<\/span>:<\/span><\/span>\n            <\/span>-<\/span> <\/span>name<\/span>:<\/span> <\/span>web<\/span><\/span>\n              <\/span>containerPort<\/span>:<\/span> <\/span>80<\/span><\/span>\n            <\/span>-<\/span> <\/span>name<\/span>:<\/span> <\/span>websecure<\/span><\/span>\n              <\/span>containerPort<\/span>:<\/span> <\/span>443<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
If you use IngressRoutes then you will have to enable both kubernetescrd <\/em>and kubernetesingress <\/em>Traefik configuration providers.<\/p>\n\n\n\n
Defining “certificate” for IngressRoute<\/h3>\n\n\n\n
Now the Cert Manager will be able to finish the ACME http challenge for our domains. At this point we can define a certificate to obtain from LetsEncrypt. The following example defines the certificate that is used at this blog (note that you can define multiple DNS names for single certificate).<\/p>\n\n\n\n
YAML<\/span><\/path><\/path><\/svg><\/span>
apiVersion<\/span>:<\/span> <\/span>cert-manager.io\/v1<\/span><\/span>\nkind<\/span>:<\/span> <\/span>Certificate<\/span><\/span>\nmetadata<\/span>:<\/span><\/span>\n  <\/span>name<\/span>:<\/span> <\/span>grechka.family-tls-cert<\/span><\/span>\nspec<\/span>:<\/span><\/span>\n  <\/span>secretName<\/span>:<\/span> <\/span>grechka.family-tls-secret<\/span><\/span>\n  <\/span>issuerRef<\/span>:<\/span><\/span>\n    <\/span>name<\/span>:<\/span> <\/span>letsencrypt-prod<\/span><\/span>\n    <\/span>kind<\/span>:<\/span> <\/span>ClusterIssuer<\/span><\/span>\n  <\/span>dnsNames<\/span>:<\/span><\/span>\n    <\/span>-<\/span> <\/span>grechka.family<\/span><\/span>\n    <\/span>-<\/span> <\/span>www.grechka.family<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
Right after we create this entity in Kubernetes, Cert Manager will acquire the certificate. Now we can use the certificate in Traefik IngressRoute, like in the following example:<\/p>\n\n\n\n
YAML<\/span><\/path><\/path><\/svg><\/span>
apiVersion<\/span>:<\/span> <\/span>traefik.containo.us\/v1alpha1<\/span><\/span>\nkind<\/span>:<\/span> <\/span>IngressRoute<\/span><\/span>\nmetadata<\/span>:<\/span><\/span>\n  <\/span>name<\/span>:<\/span> <\/span>tls-dmitry-web-blog<\/span><\/span>\nspec<\/span>:<\/span><\/span>\n...<\/span><\/span>\n  <\/span>tls<\/span>:<\/span><\/span>\n    <\/span>secretName<\/span>:<\/span> <\/span>grechka.family-tls-secret<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
That’s it! We have high availability Traefik with LetsEncrypt certificates.<\/p>\n","protected":false},"excerpt":{"rendered":"
Here I share the recipe for how to setup High Availability Traefik Proxy (multiple instances) for Kubernetes with TLS certificates obtained from LetsEncrypt with help of Cert Manager.<\/p>\n","protected":false},"author":1,"featured_media":627,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[65],"tags":[69,70,71,66,68,67],"class_list":["post-622","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-infrastructure","tag-cert-manager","tag-highavailablilty","tag-ingressroute","tag-kubernetes","tag-letsencrypt","tag-traefik"],"yoast_head":"\nHA Traefik: IngressRoute + Cert Manager + LetsEncrypt<\/title>\n<meta name=\"description\" content=\"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HA Traefik: IngressRoute + Cert Manager + LetsEncrypt\" \/>\n<meta property=\"og:description\" content=\"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/\" \/>\n<meta property=\"og:site_name\" content=\"Dmitry A. Grechka\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-23T21:30:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-23T21:30:50+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"525\" \/>\n\t<meta property=\"og:image:height\" content=\"233\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"dmitry\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"dmitry\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/\",\"url\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/\",\"name\":\"HA Traefik: IngressRoute + Cert Manager + LetsEncrypt\",\"isPartOf\":{\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp\",\"datePublished\":\"2023-04-23T21:30:37+00:00\",\"dateModified\":\"2023-04-23T21:30:50+00:00\",\"author\":{\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/63485104fdec6dbe258ea67c2e053a6f\"},\"description\":\"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.\",\"breadcrumb\":{\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage\",\"url\":\"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp\",\"contentUrl\":\"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp\",\"width\":525,\"height\":233,\"caption\":\"HA Traefik + CertManager + LetsEncrypt\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/grechka.family\/dmitry\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"High Availability Traefik for K8s (IngressRoute + Cert Manager + LetsEncrypt)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/#website\",\"url\":\"https:\/\/grechka.family\/dmitry\/blog\/\",\"name\":\"Dmitry A. Grechka\",\"description\":\"Personal blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/grechka.family\/dmitry\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/63485104fdec6dbe258ea67c2e053a6f\",\"name\":\"dmitry\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ce55dc1fed08e9a15667f56e3285826aa634c717d9c0e34809d717f699bb7b0b?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ce55dc1fed08e9a15667f56e3285826aa634c717d9c0e34809d717f699bb7b0b?s=96&d=identicon&r=g\",\"caption\":\"dmitry\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"HA Traefik: IngressRoute + Cert Manager + LetsEncrypt","description":"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/","og_locale":"en_GB","og_type":"article","og_title":"HA Traefik: IngressRoute + Cert Manager + LetsEncrypt","og_description":"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.","og_url":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/","og_site_name":"Dmitry A. Grechka","article_published_time":"2023-04-23T21:30:37+00:00","article_modified_time":"2023-04-23T21:30:50+00:00","og_image":[{"width":525,"height":233,"url":"http:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp","type":"image\/webp"}],"author":"dmitry","twitter_misc":{"Written by":"dmitry","Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/","url":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/","name":"HA Traefik: IngressRoute + Cert Manager + LetsEncrypt","isPartOf":{"@id":"https:\/\/grechka.family\/dmitry\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage"},"image":{"@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage"},"thumbnailUrl":"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp","datePublished":"2023-04-23T21:30:37+00:00","dateModified":"2023-04-23T21:30:50+00:00","author":{"@id":"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/63485104fdec6dbe258ea67c2e053a6f"},"description":"How to deploy multiple instances of Traefik which serves certificates from LetsEncrypt while using IngressRoute at the same time.","breadcrumb":{"@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#primaryimage","url":"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp","contentUrl":"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp","width":525,"height":233,"caption":"HA Traefik + CertManager + LetsEncrypt"},{"@type":"BreadcrumbList","@id":"https:\/\/grechka.family\/dmitry\/blog\/2023\/04\/ha-traefik-for-k8s-ingressroutes-cert-manager-letsencrypt\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/grechka.family\/dmitry\/blog\/"},{"@type":"ListItem","position":2,"name":"High Availability Traefik for K8s (IngressRoute + Cert Manager + LetsEncrypt)"}]},{"@type":"WebSite","@id":"https:\/\/grechka.family\/dmitry\/blog\/#website","url":"https:\/\/grechka.family\/dmitry\/blog\/","name":"Dmitry A. Grechka","description":"Personal blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/grechka.family\/dmitry\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/63485104fdec6dbe258ea67c2e053a6f","name":"dmitry","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/grechka.family\/dmitry\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ce55dc1fed08e9a15667f56e3285826aa634c717d9c0e34809d717f699bb7b0b?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ce55dc1fed08e9a15667f56e3285826aa634c717d9c0e34809d717f699bb7b0b?s=96&d=identicon&r=g","caption":"dmitry"}}]}},"jetpack_featured_media_url":"https:\/\/grechka.family\/dmitry\/blog\/wp-content\/uploads\/2023\/04\/ha_traefik.webp","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/posts\/622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/comments?post=622"}],"version-history":[{"count":7,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/posts\/622\/revisions"}],"predecessor-version":[{"id":631,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/posts\/622\/revisions\/631"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/media\/627"}],"wp:attachment":[{"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/media?parent=622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/categories?post=622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/grechka.family\/dmitry\/blog\/wp-json\/wp\/v2\/tags?post=622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}